23

You can run the avenger script if you want. It should unload the driver now. I’m pretty sure it’s diabled and the file “C:\WINDOWS\system32\drivers\ikuracjg.dat” is gone as we renamed it and avast caught the renamed file. I don’t know if it was replaced though. You can check for the file.

There may also be a line to fix in HJt, the 02 line that refers to “C:\WINDOWS\System32\datacle.dll”

The java update is important, as old java can be an entry point for malware.

You may want to consider this

If you are using windows firewall, please note that it doesn’t provide outbound protection. A third party firewall will.

A discussion on free firewalls can be found here.

http://forum.avast.com/index.php?topic=30808.0

If you want to post the logs we’ll have a look, if you are satisfied then you can clean up the tools you downloaded.

download OTMOVEIT2 from here

http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

Double click OTMoveIt and you should see a CleanUp! button, press that button, you may get prompted by your firewall that OTMoveIt wants to contact the internet, allow this, a cleanup.txt will be downloaded, a message dialog will ask you if you want to proceed with the cleanup process, click Yes. This will delete all the tools you have downloaded plus itself

Now to get you off to a good start we will re-set your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean.

  1. Select Start > All Programs > Accessories > System tools > System Restore.
  2. On the dialogue box that appears select Create a Restore Point
  3. Click NEXT
  4. Enter a name e.g. Clean
  5. Click CREATE

You now have a clean restore point, to get rid of the bad ones:

  1. Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  2. In the Drop down box that appears select your main drive e.g. C
  3. Click OK
  4. The System will do some calculation and the display a dialogue box with TABS
  5. Select the More Options Tab.
  6. At the bottom will be a system restore box with a CLEANUP button click this
  7. Accept the Warning and select OK again, the program will close and you are done