Author Topic: Win64:sirefef-a/Win32:downloader-pku/Win32:malware-g  (Read 9983 times)


Offline oldman

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4142
  • Some days..... MOS...this bug's for you
Re: Win64:sirefef-a/Win32:downloader-pku/Win32:malware-g
« Reply #15 on: July 25, 2012, 08:57:54 AM »
Hi jackal13

How's the computer?

Just a couple of files to remove, the rest are files we have already quarantined or are in system restore. These will be removed when we remove the tools.



Next, Double click on OTL.exe
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
  • Do Not copy the word CODE
  • please note the fix starts with the :
Code:
:Services

:Files
C:\Users\All Users\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll
C:\ProgramData\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll

:Commands
[emptytemp]
[createrestorepoint]

Then click the Run Fix button at the top
  • Let the program run unhindered
  • Please save the resulting log to be posted in your next reply.
Please post the OTL fix log.
« Last Edit: July 25, 2012, 11:42:14 PM by oldman »

jackal13

  • Guest
Re: Win64:sirefef-a/Win32:downloader-pku/Win32:malware-g
« Reply #16 on: July 26, 2012, 01:30:52 AM »
here is the log

Offline oldman

Re: Win64:sirefef-a/Win32:downloader-pku/Win32:malware-g
« Reply #17 on: July 26, 2012, 04:53:46 PM »

Hi jackal13,

I do believe you are good to go.

We'll clean up the tools now.

From your desktop, please delete, if present
  • any notepads/logs that we created
  • aswMBR.exe
  • mbr.zip
  • mbr.dat

Next

Click the Start button. Copy and paste the following line into the search box and click OK


Combofix /uninstall


Next

Open OTL then click the Clean Up button. You may get prompted by your firewall that OTL wants to contact the internet - allow this. A cleanup.txt will be downloaded and a message dialog will ask you if you want to proceed with the cleanup process; click Yes. This will do some clean up tasks and delete some of the tools you have downloaded plus itself.

I suggest you keep MBAM. Keep it updated and use it regularly.

Some Recommendations and prevention tips

Basic security consists of 1 antivirus program, 1 resident antispyware program, 1 on demand antispyware program and a firewall. Those you have now, provided you are using a firewall. Windows 7 has a built-in firewall which is pretty good when set up. You can find some very good information HERE.

You should also use Spyware Blaster to help immunize your computer.

 - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
 
OR

A guide to understanding and using the hosts file.

Learn how your Hosts file can protect you and how you can protect it.
Besides the Hosts file information, there are links to a very good updated hosts file, a hosts file manager, and some programs that can protect your hosts file.
HOSTS

Please read the info on disabling the DNS Client before installing a custom hosts file.

-Secure your Internet Explorer

From within Internet Explorer click on the Tools menu and then click on Options.
  • Click once on the Security tab
  • Click once on the Internet icon so it becomes highlighted.
  • Click once on the Custom Level button.
  • Change the Download signed ActiveX controls to Prompt
  • Change the Download unsigned ActiveX controls to Disable
  • Change the Initialize and script ActiveX controls not marked as safe to Disable
  • Change the Installation of desktop items to Prompt
  • Change the Launching programs and files in an IFRAME to Prompt
  • Change the Navigate sub-frames across different domains to Prompt
  • When all these settings have been made, click on the OK button.
  • If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.

- Make sure you have reset Windows Updates to your chosen option. Click your start button > Control Panel > System > Windows updates (lower left) > change settings

- Keep your antivirus program updated, as well as any other security programs you have.

-More tips and programs can be found HERE

 Please post back if you have any problems.

Take care
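
The Internet Explorer zone settings listed in the post above can be checked from PowerShell instead of clicking through the dialog. This is an added example, not part of the original post; it assumes the per-user Internet zone (zone 3) registry location and the standard URL-action value names used by Windows, none of which are stated in the thread.

```powershell
# Added example: audit the Internet zone against the settings recommended in the post.
# Assumption: settings are per-user (HKCU); a Group Policy under HKLM\...\Policies
# would override them and is not inspected here.
$zonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

# Registry data values for a URL action: 0 = Enable, 1 = Prompt, 3 = Disable.
$labels = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# URL-action value names paired with the setting the post recommends.
$recommended = @(
    @{ Id = '1001'; Name = 'Download signed ActiveX controls';                 Want = 1 }
    @{ Id = '1004'; Name = 'Download unsigned ActiveX controls';               Want = 3 }
    @{ Id = '1201'; Name = 'Initialize and script ActiveX not marked as safe'; Want = 3 }
    @{ Id = '1800'; Name = 'Installation of desktop items';                    Want = 1 }
    @{ Id = '1804'; Name = 'Launching programs and files in an IFRAME';        Want = 1 }
    @{ Id = '1607'; Name = 'Navigate sub-frames across different domains';     Want = 1 }
)

function Test-ZoneSettings {
    param([string]$Path, [object[]]$Expected)

    # A missing key or value means the zone is using its built-in default.
    $current = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue

    foreach ($item in $Expected) {
        $value = if ($current) { $current.($item.Id) } else { $null }
        [pscustomobject]@{
            Id          = $item.Id
            Setting     = $item.Name
            Current     = if ($null -eq $value) { 'not set' }
                          elseif ($labels.ContainsKey([int]$value)) { $labels[[int]$value] }
                          else { "raw $value" }
            Recommended = $labels[$item.Want]
            # 0 < 1 < 3 orders the values from least to most restrictive, so a
            # stricter setting than the recommended one still counts as OK.
            OK          = ($null -ne $value -and [int]$value -ge $item.Want)
        }
    }
}

Test-ZoneSettings -Path $zonePath -Expected $recommended | Format-Table -AutoSize
```

Rows with OK = False are the ones to change under Tools > Options > Security > Internet > Custom Level.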

jackal13

  • Guest
Re: Win64:sirefef-a/Win32:downloader-pku/Win32:malware-g
« Reply #18 on: July 26, 2012, 11:37:07 PM »
Thank you so much for your help OLDMAN.

Hopefully I can reciprocate any future needs you may have by contributing to forums that you may need in the future.


Offline oldman

Re: Win64:sirefef-a/Win32:downloader-pku/Win32:malware-g
« Reply #19 on: July 26, 2012, 11:57:38 PM »
Hi jackal13,

You're more than welcome. Take care, keep safe.