pc worse after removing trojen and malwar

Hi,
Super antispyware scan is finished it found 2 adware cookies, one I recognise as one of my ISP's cookies, the other is in documents and settings.oem.cookies/oem@atdmt(2).txt.
Thank's Belinda

 

I assume by now you have completely cleaned your registry using CCleaner. Did it find a lot of old files? I forgot to tell you earlier to run the registry cleaner a few times to make sure all the crap is cleaned out. Keep the three anti-spyware tools, those are the best free programs out there. OK, time to install a Firewall. You have two choices, the first is Zonealarm http://www.download.com/ZoneAlarm-Firewall-Windows-2000-XP-/3000-10435_4-10039884.html The second is Comodo http://www.download.com/Comodo-Firewall-Pro/3000-10435_4-10460704.html Take your pick. I'd try both, see which one you like. But, make sure you only run one at a time. After using the first firewall, disable it before downloading and activating the other. If you don't like the second one, just delete it and re-activate the first one. Since all your malware scans are comming up negative. Time to stop scanning, the system appears to be clean. I'll show you later how to run Spybot and Ad-aware in safe mode. I would like you to check the file which was in question. (Navigate to this file) O4 - HKCU\..\Run: [AntiVirusProMFC] C:\Program Files\Antivirus Pro\Antivirus Pro.exe If you find it there delete it. Important! If you don't find it, let me know. A couple of questions I asked earlier which you did not address. What brand and model computer do you have? Do you know how to use Disc Cleanup and Disc Defragmenter? Here's another Anti-spyware you should install. Download Windows Defender. http://www.microsoft.com/downloads/...E7-DA2B-4A6A-AFA4-F7F14E605A0D&displaylang=en Go here and make sure your operating system is fully updated. http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us

 

Hi, sorry, I will answer all questions,

I have used disk defragmenter before, I just let it do it's thing (I didn't do anything custom). I have never used disk clean up.

I am using ms windows xp version 2002, service pack 2 (oem) Intel Pentium dual 3.20ghz - 3.20ghz, 896 mb of ram. I connect to the Internet via broad ban cable. I still have a lot of memory left.

I have windows defender, I downloaded it yesterday when all my probs began.

I used ccleaner thoroughly, but I had trouble afterwards, I could not access the website, ninemsn.com a popular news site, I saved my current registry when prompted and reversed it (does this mean that all the cleaning process has been reversed?).
I have looked through ccleaner and done searches and can't find how to eliminate ninemsn, so it won't be affected? I will keep looking! Yes, it found lot's of old files, it also found a lot of things left behind from uninstalling programmes, (sorry I'm not very good with terms.) I will keep trying to find a way to eliminate ninemsn, then I will perform the clean again several times.

I installed comodo yesterday, today I downloaded zone alarm, which I prefer, I think it's really good. I removed comodo and turned of windows firewall.

I searched my pc for the file you mentioned and couldn't find it, I hope that is what you meant? Could you tell me what you mean by navigate, does that just mean a file search?

I went to the ms update site, it wants to update my pc with:

Microsoft .NET Framework 3.0 Service Pack 1 (KB929300)
Microsoft .NET Framework 2.0 Service Pack 1 (KB110806)

Is this o.k? I have service pack 2.

I know how to search my harddrive through "my computer" and click on 'hard disk drives" and then "local disk (c".

Thank you for your help, I feel far more comfortable with my pc now, the speed is a little better, and I have not performed all of your recommendations yet. (I have to work out ccleaner)

I have noticed a lot of people post the results of the hijack this log when asking for help. How do you know what is in the log? Is there a site or article I can read to learn?

I hope I have answered everything, I am looking after my kids, so I will let you know if I have to take a break, rather than just disappearing.

Thanks Belinda.

 

Go to the ms update site, and install both Framework updates. Run another scan to see if there is any other updates.
All I can say about CCleaner, is you'll have to figure out which file not to remove from the list. I've never used ninemsn. You could first try eliminating the obvious. Then start removing 3 files at a time until you find which one affects the ninemsn. Restore the backup. Not sure but there my be an option to have the program over look this file in future scans. We can look into that later once you've located the correct file to keep.
Follow this path: Start\All Programs\Accessories\System tools\Disc cleanup. Open disc cleanup and place a tick next to the first two, and the third and forth entries in the list. Skipping the third entry. Click OK and yes to start the scan. I use both disc cleanup and disc defragmenter at least once per week. You might think about putting a short cut on the desktop for both programs. Makes it a lot easier to access.
To seach your HDD. Start\My Computer\Search\All files and folders\All or part of the file name. type in the file your looking for. Note: this will take a practice understand what to remove. I can teach you this some other time when we are not fixing your computer.
I think Zonalarm would be my choice, too. Hey, try doing a HDD search for Comodo. Using the method I just showed you above. Let me know what comes up.
There's the website you asked about. http://www.hijackthis.de/ Copy and paste your HJK log into it. Google each result in question. And the more you use it the better you'll get.
Use CCleaner and Disc Defragmenter at least once per week. This will help you keep your PC running good.
Have you ever used msconfig?
What home page opens when click on Internet Explorer? Do you know how to change your Internet home page?

 

Hi, I have updated at the ms site, and completed the disk cleanup, I haven't put a shortcut yet but will.

I searched for the files, this is what came up:

comodo - in: c/program files - type: file folder
antivirus pro - in: c/windows - type: file folder

I deleted antivirus pro should I delete comodo?

I run ccleaner and unchecked, adobe acrobat 7.0, adobe flash player, quick time player and zone alarm logs which I thought I should keep at the moment? Adobe and quick time you need to view pictures on the web? Should I uncheck remote desktop? I haven't worked out what to eliminate in the registry but am still trying.

I will use ccleaner regularly thanks for the advise.

My home page is bigpond.net.au, it is my isp home page. Yes I can change it.

I can't be at my pc constantly at the moment so maybe it would be better if I can come back same time tomorrow (or when you have time), so I don't leave my responses way to long.

I will definitely look at the website and learn about the logs.

By tomorrow I will have finished all, I will work out ccleaner tonight if it kills me.

Thanks again, Belinda

 

The good part about CCleaner is the backup option. I clean it all out and if something ends up not working later, I restore the backup and locate the file I need. Doesn't happen very ofter.
Yes, get rid of Comodo. When you get rid of files with the HDD search, you'll find that once you do this, CCleaner will remove whatever else you missed.
So, your outback? Noticed the au ending on your homepage. I'm familiar with that page.
Have you ever used microsoft configuration utility, or msconfig? We will need to configure your startup programs to free up memory and improve your startup time.
Reset and Re-enable your System Restore to remove bad files that have been backed up by Windows. The files in System Restore are protected to prevent any programmes changing them. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected.)

To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

(Windows XP)
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.

Run system file checker. Follow this path: start-> run-> type: sfc /scannow
This program will take about 15 minutes to run. And if you'd like to learn more about this. http://www.updatexp.com/scannow-sfc.html

Do you know how to unhide protected files?

Do you know how to boot into safe mode?

Remember what I said earlier about using Google to find something. Here's some information about remote desktop. You decide whether or not you need this file. http://www.microsoft.com/windowsxp/using/mobility/getstarted/remoteintro.mspx

G'Day

 

Hello,

I wanted to post after this time, as I never had a chance to thank you for all your help.

I have had major problems since I was attempting to fix my PC with your help. My PC refused to power up, after being at the shop where I purchased it, I was told that dropping a cup of coffee on my hard drive nearly a year ago, had caused the internal modem to become corroded which in turn caused other issues.

They removed the modem and chemically cleaned my PC. I have moved since and have changed over from cable to ADSL, which was another huge nightmare. I am not sure what exactly was done by the technicians (they performed a general clean up as well) but I would still like to configure my start up programs, which I will now look back on. In Aus we have notoriously slow Internet speed, so when everything else is running slow the whole experience becomes a nightmare.

Once again thank you for your help and advice, I am still running all the programmes you advised and I am very happy with them.

Regards, Belinda