essexboy
Three showed up on Notepad:OTL.Txt, ExtrasTxt, and 09132012_145535
Only the attached was movable to My Docs, and cd be found in ‘Browse’.
If you want the others, please tell me how.

Nope all I need now is to know what problems remain before I tidy up ;D

To essexboy

1. Phew, glad that’s over Don’t know how to thank you enough for all that time and effort! Great job! I assume I can delete the debris now (?) I intend to keep Malwarebytes…can’t hurt to have two roach -killers on the job (but yes, only one AV, Avast for sure!)
2. In general PC runs much as before: good. TROJAN.RANSOM gone; no threats found by my three ghost-hunters; all seems ‘quiet on the home-front’.
3. Very minor ‘problems’ such as that damn Windows security shield back in my tray which pops up on every boot telling me updates shd be dled…forget how I removed it before. But if that’s the biggest complaint you ever get, you must be doing pretty well ;D
4. I might mention a few possible ‘indicators’, none of which may pertain to this: a)In my first post I mentioned Rundll32…shd I delete the ~60 suspicious ones, short ones (~30-60bytes) which appeared 09/07-09/09 when the trouble started?; b) Something strange showed up in My Docs ~70 ‘album art’ (half long and half short jpg’s) covers of music I’ve dled…is that of any signifigence?..I may delete them; c) That wgsdgsdgdsgs.exe is still in Avast jail, labeled ‘no virus’…shd I delete that?: d) “Error on page” appears more frequently, at the bottom just above the Start line…mean anything?

Again my heartfelt thanks for a great job. Will let you know if anything else shows up. Will also keep you on tap shd I need help in the future [that’s the trouble with showing expertise… ;D ]

Anything in the virus chest can now be deleted

Reference the windows updates you should install them to keep your system secure

"Error on page" appears more frequently, at the bottom just above the Start line...mean anything?

I assume that you mean internet explorer Go to Control Panel > Internet Options > Advanced Tab And reset the settings.. See picture at the bottom

I will clear my tools now and once that is done let me know of any further concerns

Subject to no further problems

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean

A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

:Commands [resethosts] [emptytemp] [CLEARALLRESTOREPOINTS] [Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
[*]Click Start.
[*]Open My Computer.
[*]Select the Tools menu and click Folder Options.
[*]Select the View Tab.
[*]Under the Hidden files and folders heading select Do not show hidden files and folders.
[]Click Yes to confirm.
[]Click OK.

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

http://img233.imageshack.us/img233/7729/mbamicontw5.gif
Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
[*]Microsoft Windows Update

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe

Hi essexboy

PC running well, about as usual. Lost two PWs, easily replaced; some sites load sl more slowly, but load speed varies normally.

Followed your ‘end-game’ plan:

1. OTL. Ran fix, then cleanup (twice). OTL did not delete itself, so I did it manually. But I notice those ‘attachments’ still show up on my posts…How can I delete them?
2. Hidden f&f was already checked (from long ago).
3. Malwarebytes I shall keep, as mentioned before, so I shall have Avast and two roach hunters.
4. A word on auto updates: I dislike them…they are intrusive,slow down my PC and bark at the wrong time. I generally manually update all each month, but will do so 2X/mo if you think it best. Will add Windows update to that list…have been reluctant to update Windows (created problems in the past)…was talked into updating in July…170 loaded my PC! Wd rather not have ‘Hippo’.
5. ‘Error on page’. Wd rather not reset all…some I set for other, unremembered, reasons. Is there some specific setting I shd reset? (Msg is showing right now)
6. Have a Firewall (windows) but never found out how to ‘update’ it…will check. Avast free offers no firewall, does it?
7. Emptied Avast Virus Chest…no change noted.
8. Wd still like to know how to rid my PC of that damn Window Security shield in my tray…it keeps insisting I turn on auto update >:(

Guess that’s it. Please answer above when/if you get time/inclination. You have done a fine job, and gone ‘beyond the call of duty’. I won’t thank you again…you might get the impression that you’ve done someting clever :

A word on auto updates: I dislike them...they are intrusive,slow down my PC and bark at the wrong time. I generally manually update all each month

Second Tuesday of each month is the update day ;D

Wd still like to know how to rid my PC of that damn Window Security shield in my tray...it keeps insisting I turn on auto update

Go to control panel > Security center. Turn it off there (pic 1 below)

Have a Firewall (windows) but never found out how to 'update' it

That is done via windows updates

'Error on page'. Wd rather not reset all...some I set for other, unremembered, reasons. Is there some specific setting I shd reset? (Msg is showing right now)

Again control panel > Internet Options place ticks in the debugging boxes (pic 2)

But I notice those 'attachments' still show up on my posts...How can I delete them?

On the top right of the post is a modify button, click that and then delete the attachment

Second screenshot