another System32\services.exe case. Help, please

[oldman]

Hi Lazarus78,

How does it look to you?

Looks pretty good.

We'll clean up the tools now.

From your desktop, please delete, if present

• any notepads/logs that we created
• aswMBR.exe
• mbr.zip
• mbr.dat

Next

Click the Start button. Copy and paste the following line into the search box and hit  enter


Combofix /uninstall

Open OTL then click the Clean Up button. You may get prompted by your firewall that OTL wants to contact the internet -  allow this.  A cleanup.txt will be downloaded, a message dialog will ask you if you want to proceed with the cleanup process, click Yes. This will do some clean up tasks and delete some of the tools you have downloaded plus itself.

I suggest you keep MBAM. Keep it updated and use it regularly.

Updates

Java

Your java is out of date. Click your start button > Control Panel

• Use the drop down menu beside view by and change it to small icons
  
• locate java (32bit) [looks like a coffee cup) in the list and click on it
  
• when the java console opens click the update tab
  
• Click update now
  

Remember to decline the Ask ToolBar offered during the update.

Next

Click your start button > Control Panel

• Use the drop down menu beside view by and change it to small icons
  
• locate java (32bit) in the list and click on it
  
• On the General tab, Click Settings under Temporary Internet Files.
  
• On the Temporary Files Settings screen, Click Delete Files.
  
• check all boxes
• Click OK
  

.

Some Recommendations and prevention tips

Basic security consists of 1 antivirus program, 1 resident antispyware program, 1 on demand antispyware program and a firewall. Those you have now provided you are using a firewall. Windows 7 has a built in firewall which is pretty good when set up. You can find some very good information HERE .


*A guide to understanding and using the hosts file.

Learn how your Hosts file can protect you and how you can protect it.
Besides the Hosts file information, there are links to a very good updated hosts file, a host file manager. and some programs that can protect your hosts file.
HOSTS

Please read the info on disabling the DNS Client before installing a custom hosts file.

Please note: Follow the instruction in the link named Important! Windows 7 requires special instructions.


-Secure your Internet Explorer

From within Internet Explorer click on the Tools menu and then click on Options.

• Click once on the Security tab
• Click once on the Internet icon so it becomes highlighted.
• Click once on the Custom Level button.
• Change the Download signed ActiveX controls to Prompt
  
• Change the Download unsigned ActiveX controls to Disable
  
• Change the Initialize and script ActiveX controls not marked as safe to Disable
  
• Change the Installation of desktop items to Prompt
  
• Change the Launching programs and files in an IFRAME to Prompt
  
• Change the Navigate sub-frames across different domains to Prompt
  
• When all these settings have been made, click on the OK button.
  
• If it prompts you as to whether or not you want to save the settings, press the Yes button.
  

Next press the Apply button and then the OK to exit the Internet Properties page.

- Make sure you have reset Windows Updates to your chosen option. Click your start button > Control Panel > System > Windows updates (lower left) > change settings

- Keep your antivirus program updated, as well as any other security programs you have.

-More tips and programs can be found HERE

 Please post back if you have any problems.

Take care

[Lazarus78]

Hi there, oldman.

I am facing some problems to uninstall Combofix: by doing as you say, I receive the message "cannot find jgh.exe". The file is in the desktop, though. How to proceed now?

No problems with OTL and aswMBR, and Java was updated.

In your reply, please provide an address to send a cake, a pizza or some flowers (on demand) as a thanksgiving present

This help you are providing here is simply awesome.

Warmest regards,

[oldman]

Hi Lazarus78,

Since you removed OTL after you had problems removing combofix, the uninstall for combofix will not work without a new copy of combofix.

Delete combofix (jgh.exe) from your desktop and download a new copy from Link 1

Make sure it's saved to your desktop. No need to rename.

Try running the command again from the search box.

Let me know how it goes.

[Lazarus78]

Damn, it does not work.

I deleted the file, downloaded a new version of Combofix, but the command doesn't work. It says it cannot find it. I tried again after rebooting the computer, but I get the same answer...

Sorry for messing things up...

[oldman]

Hi Lazarus78,

No problem.

Use this command instead. (don't miss the " mark at the beginning)


"%userprofile%\desktop\combofix.exe" /uninstall

[Lazarus78]

"Combofix is uninstalled"

So, it's done! Thanks, thanks, thanks, oldman!!

Anything else to do?

[oldman]

Hi Lazarus78,

You're more than welcome.

Good job. I think you are good to go. Just try to practice safe surfing as best as you can.

Take care.

[Lazarus78]

My dear oldman,

Thank you very much for your help all these days. It is my first experience in this forum, the first time I actually receive such a free, non-interested support and advice in any forum on the Internet, and I am just amazed and extremely thankful.

Keep on doing, man, you and your mates keep on with this useful and amazing work you are doing.

Thank you, muchísimas gracias.

Warmest regards and all the best!

Miguel