miekiemoes

Volunteer Security Advisor
  • Content Count

    4,077
  • Joined

  • Last visited

Everything posted by miekiemoes

  1. Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact the staff member who was helping you with your issue. Everyone else please begin a New Topic. Thank you !
  2. Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact the staff member who was helping you with your issue. Everyone else please begin a New Topic. Thank you !
  3. Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact the staff member who was helping you with your issue. Everyone else please begin a New Topic. Thank you !
  4. Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. If you're the topic starter, and need this topic reopened, please contact the staff member who was helping you with your issue. Everyone else please begin a New Topic. Thank you !
  5. Due to lack of feedback, this topic has been closed. If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic. Thank You !
  6. Due to lack of feedback, this topic has been closed. If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic. Thank You !
  7. Hi, If the Combofix folder is still present, then delete it. Yes, we removed the malware that we could find in the logs + all related loading points, so you should be OK Glad I could help. Please read my Prevention page with lots of info and tips how to prevent this in the future. And if you want to improve speed/system performance after malware removal, take a look here. Extra note: Make sure your programs are up to date - because older versions may contain Security Leaks. To find out what programs need to be updated, please run the Secunia Software Inspector Scan. Happy Surfing again!
  8. Hi, This looks OK again. * Go to start > run and copy and paste next command in the field: ComboFix /u Make sure there's a space between Combofix and / Then hit enter. This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again. Let me know in your next reply how things are now.
  9. Because Avira is better in detection? And you're most welcome
  10. Hi, Did you set Firefox as your default browser? Please read here: http://kb.mozillazine.org/Default_browser You'll see all steps there how to make Firefox default for every url handler, html files etc...
  11. Hi, This infection doesn't spread via the network, so you should be OK Glad I could help. Please read my Prevention page with lots of info and tips how to prevent this in the future. And if you want to improve speed/system performance after malware removal, take a look here. Extra note: Make sure your programs are up to date - because older versions may contain Security Leaks. To find out what programs need to be updated, please run the Secunia Software Inspector Scan. Happy Surfing again!
  12. Hi, This looks OK again. * Go to start > run and copy and paste next command in the field: ComboFix /u Make sure there's a space between Combofix and / Then hit enter. This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again. Let me know in your next reply how things are now.
  13. See why it is so important to follow my instructions? Combofix still found and deleted a lot of malware and we're not finished yet, because more is still present there.. Also, funny you never mentioned the Yoog search you're still dealing with since that's part of the infection as well. * Open notepad - don't use any other texteditor than notepad or the script will fail. Copy/paste the text in the quotebox below into notepad: Save this as txtfile CFScript Then drag the CFScript into ComboFix.exe as you see in the screenshot below. This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply.
  14. Hi, It would be a great idea to follow my instructions, because fixing that entry in HijackThis is certainly not enough as it doesn't remove the file. Also, leftovers are still present. So, if you want your computer clean again (since leftovers can be responsible for reinstalling the infection), then perform my steps.
  15. Hi, First of all, uninstall the Ask Toolbar since it's not recommended. Reboot afterwards. I'm pretty sure that the main cause why your computer is slower, especially when online, is because of the Nvidia Firewall (Nvidia NetworkAccessManager) If you google the Nvidia Firewall / Nvidia Networkaccess manager, you'll see that many are having problems with it - so I suggest you uninstall it. Also, the Internet Download Manager toolbar / browser plugin you have installed also reduces speed when browing online though. Oh, the NowStarter.ocx you were "dealing" with appears to be a part of gogobox.com in your case.
  16. Hi, No need to disable the mailguard though. But the webguard may indeed cause that. I've had the same with it as well and disabled it for a couple of weeks. I then enabled it again and don't appear to have any slowdown issues anymore. The issue about Webguard is known though. On some computers, people are not having any problems with it, on other computers, there are indeed problems with the Webguard. Also see here: http://forum.avira.com/wbb/index.php?page=...uard#post348513 Good that disabling Webguard already solves it for you, some really have to uninstall the "feature". The good news is, within a couple of weeks, a new version of Avira will be available. You'll get notified as well, or your Avira will already automatically download and install the new version. And from what I've heard is, that the new version will be much improved (even though I think Avira runs pretty fast anyway and doesn't slowdown at all). And, most probably the webguard "issue" on some computers will be fixed then as well
  17. Glad I could help. Please read my Prevention page with lots of info and tips how to prevent this in the future. And if you want to improve speed/system performance after malware removal, take a look here. Extra note: Make sure your programs are up to date - because older versions may contain Security Leaks. To find out what programs need to be updated, please run the Secunia Software Inspector Scan. Happy Surfing again!
  18. Hi, AVG is OK, but my personal choice is Avira Antivir. This because it's great in detection and not such a resource hog.The personal version is for free - it's a good basic protection for every user. I'm using the Premium version which is not for free, but has more protection (also against spyware, adware, webscanner etc..) See comparison table here between the free and Premium version: http://www.free-av.com/en/products/1/avira..._antivirus.html (see below) As you see, it's not expensive at all The Security Suite is also mentioned there, but since I've never tried it, I cannot tell you either how it works. I personally prefer a standalone Antivirus and standalone Firewall. Also, Firewalls may be too advanced for the common user and may cause extra problems if you don't know how to use it properly. That's another reason why I rather recommend a standalone Antivirus instead of a Security Suite Hope this has answered your questions
  19. Hi, I've already had the feeling that this wouldn't work since more got corrupted here... This isn't MS fault though. It's the malware that corrupted your Windows. Try to contact PC World and ask them more information about the XP CD, because you really should get one. After all, one day, you'll have to reinstall your Windows anyway (or upgrade). The only way to properly restore your problems is a Windows repair install, or full install, or upgrade to Vista / Windows7 whatever. Anyway, in a meanwhile, you can try other alternatives... You can get Thunderbird from here: http://www.mozillamessaging.com/en-US/thunderbird/ I use it as well in combination with Firefox.
  20. Hi, I see you are running Teatimer. I suggest you to disable it because it can interfere with the changes you'll make on your system. When everything is done and your log is clean again, you can enable it again. If teatimer gives you a warning afterwards that some changes were made, allow this instead of blocking it. How to disable TeaTimer <== click me for instructions. The same applies for Adwatch. Then, * Download: HostsXpert Unzip hoster to an own folder, eg C:\HostsXpert Start HostsExpert.exe, click 'Restore MS Hosts file' and click OK. Then, * Please visit this webpage for instructions for downloading and running ComboFix: http://www.bleepingcomputer.com/combofix/how-to-use-combofix Post the log from ComboFix in your next reply. Please make sure you disable ALL of your Antivirus/Antispyware/Firewall before running ComboFix..This because Security Software may see some components ComboFix uses (prep.com for example) as suspicious and blocks the tool, or even deletes it. Please visit HERE if you don't know how.
  21. Ok. So from what I understand, his Outlook works fine? If so, then it's your Windows useraccount which became corrupted. This makes sense since this also affects IE. If you create a new Windows useraccount, then a new temp folder and user settings will be present.So, if I were you, I would create a new useraccount for you and set everything up there. Then, when all is set, you can delete your old useraccount (Halibut) via controlpanel > useraccounts. Or you can just leave it there, this in case you need something from the old useraccount (since your pictures, music, personal program settings etc are located there as well..)
  22. Hmm, what you can also still try is, create a new Windows userprofile and see if everything works there. Because if a Windows useraccount gets corrupted, it may also explain why you're having so much problems with OE and IE Edit, I see the userprofiles Spreadie and halibut in your log. Don't know which one is yours, but test the other account and see if it's the same there in outlook (and IE).
  23. Hi, Just skip the step with the cd. Try to create a new userprofile in your Outlook and let me know if you're still having the same problem. What's the upgrade CD exactly? So basically, you don't have a repair CD either? So, what do you have to do when something goes terribly wrong and you have to reinstall Windows? If I were you, I would contact PC World to ask for more info what to do in such cases, because I find it really important that everyone has an install CD. After all, if nothing of the instructions I posted works, then this means that something got really corrupted here (which doesn't suprise me with the amount of malware you were dealing with). Damage cannot always be properly restored unless you perform a Windows repair install. This won't erase your data, but repairs your Windows and restores files and settings again. But for a Windows repair install, you also need the CD. Anyway, if this isn't possible, then there's still a solution. And that is to use alternative software instead. For example, for your browser, you use Firefox and for your mailprogram, you can use Thunderbird. Anyway, it would suprise me that the instructions I posted won't work though - unless, as I already said, your Windows got damaged in between.
  24. Hi, Don't worry about them, I get the same error for them here... Just proceed with the rest of the steps.