Computer got this, ran in smart mode, cleaned out startup, ran malwarebytes antimalware to get rid of it...running it again, appears to be gone.

Suggested next steps to ensure it or anything else is gone?

12/17/2010 11:58:18 AM

quit looking at questionable porn. lol

12/17/2010 12:01:10 PM

Don't think I got everything...my computer's speakers are now making random noises

12/17/2010 12:07:03 PM

K...the sounds are google toolbar blocking popups, and now IE keeps randomly opening.

Help my computer caught the AIDz

I'm moving random shit over to an external and will prolly reformat unless you all have better ideas

12/17/2010 12:20:51 PM

start in safe mode

run combofix

????stoplookingatquestionableporn????

profit

12/17/2010 1:07:23 PM

What, exactly, is "Smart Mode"?

12/17/2010 4:44:47 PM

What a fucking idiot.

12/17/2010 4:47:08 PM

1. IE8 has a perfectly good popup blocker, and it doesn't make an annoying noise; Google Toolbar is bloatware IMO, along with the Yahoo, Bing, and Ask toolbars.

2. After running ComboFix to clear out what might very well be a rootkit, run this program to set those sweet sweet killbits (also do the Spybot immunization): https://www.javacoolsoftware.com/spywareblaster.html

For extra killbit goodness, download this and put it in the SpywareBlaster directory: http://koti.mbnet.fi/pattaya1/customblocking.txt
Then under Tools, go to Custom Blocking.

All of this will keep malicious ActiveX controls from being installed, or running if already installed.
There are other security measures you may want to take to shore up your PC, but that one is key.

12/17/2010 8:30:57 PM

Quote :

"All of this will keep malicious ActiveX controls from being installed, or running if already installed."

You know what else will keep ActiveX controls from being installed? NOT USING IE!

Quote :

"There are other security measures you may want to take to shore up your PC, but that one is key. "

Ditching IE would be a great security measure.

12/17/2010 11:56:43 PM

Even if you don't personally use IE, lots of programs use it internally, as the WebBrowser control

also IE isn't the only thing in Windows that makes use of ActiveX controls; so do MS Office, Windows Media Player, and the Windows Explorer shell

[Edited on December 18, 2010 at 12:07 PM. Reason : I agree, don't use IE on the regular; I prefer Opera

12/18/2010 12:07:26 PM

Format C:

12/18/2010 12:20:48 PM

Quote :

"lots of programs use it internally"

It would be best to not use those programs. I know very few programs that do, and quite a few of them are migrating away from it (Steam used to use IE, but they switched to Webkit).

Office disables Macros and ActiveX controls by default. Most people aren't going to use ActiveX controls with WMP, and even then, I would avoid WMP. And I have never heard of Explorer in Vista/7 using ActiveX controls, seeing as how Explorer is no longer tied in with IE, like it was in XP.

I'm not saying your advice is bad, but I feel you left off telling him to ditch IE if he wants to be more secure. The only thing that sets IE apart from any other browser is the ActiveX controls. If you disable ActiveX, you're pretty much defeating the entire purpose of using IE.

12/18/2010 8:13:47 PM

Combo Fix

12/18/2010 8:20:30 PM

I know SoulSeek still uses the IE engine; also I'm not advocating disabling ActiveX, just blocking a shit-ton of it.

Also, even if something else is the default browser, it is possible for an application to specify that a particular link should be opened in IE.

12/18/2010 10:52:51 PM