Help! Another lameshield attack and suspicious open ports!

Savvybunny2009

Thank you for helping me with my previous lameshield issue.

Unfortunately today lameshield was present and dropped the 'live security platinum' software on my machine.

I have managed to disable it and remove it but lameshield is still being problem as there re no doubt problems in the registry.

I also believe there are suspicious open ports due to the trojans that were dealt with between antivir and malwarebytes (21 in total)

Any help on securing my computer would be grateful, the ports is my min concern at the moment.

Savvybunny2009

Eeeek, antivir has now thrown up 32 detections! Help please!

NiftyDigits

Back up your important info and run a Factory Restore.....and this time don't neglect to actually install your Windows Updates.

Windows 7 Service Pack 1 was introduced more than a year ago. No excuse really.

Savvybunny2009

It's a laptop, a factory restore is not ideal. I would rather sort out the problem than have to go throughthe process of wiping the computer clean and starting again. My windows updates are installed and the laptop is a year old at a push.

closed

There not enough information or clarity in your post for anyone to help clean things up, all you can do is scan with different AV products or boot discs

backup, create recovery disc, factory restore - about 30 minutes to 1 hours work

cleaning up the damage after an infection, or a series of infections, potentially days or weeks (6 weeks already in this case), and you'll never be able to be 100% confident it's clean.

esuhl

Ideally I'd just re-install the OS. You could be up and running in a few hours or less depending what you've installed/configured. That's a lot quicker than six weeks, if that's how long you've been trying to fix the problem.

Otherwise... I'd try to remove any identified malware (just do a web search to find out how), then keep scanning with as many WELL KNOWN anti-malware tools as you can till you get no further detections.

NiftyDigits

Savvybunny2009 wrote: »

It's a laptop, a factory restore is not ideal. I would rather sort out the problem than have to go throughthe process of wiping the computer clean and starting again. My windows updates are installed and the laptop is a year old at a push.

My mistake then. The last time I looked I saw that you were running Internet Explorer 8 and there was no trace of SP1.

GunJack

think this time I'd be inclined to firstly delete all your system restore points (by turning off System Restore), hit it with combofix first, then mbam, and run DDS If the DDS log comes back clean after that lot, run CCleaner (both cleaner and registry) and then turn S-R back on. If it comes back again after that lot, either 1. Full Factory Restore, or 2. Stop visiting dodgy websites

Savvybunny2009

Thanks everyone. I went with NiftyDigits option of restoring to factory settings, the point raised about never being sure that it would be completely removed otherwise rang true.

The original infection was a link through mse, I suspect this is the same infection not dealt with last time. I have also upgraded my antivirus to a more efficient one.

Thank you all for your help.

GunJack

you won't get a better free one than avira (just turn the heuristics up to high), and if I was going to pay for one it would be avira premium....so what have you changed it to ???

NiftyDigits

Savvybunny2009 wrote: »

Thanks everyone. I went with NiftyDigits option of restoring to factory settings, the point raised about never being sure that it would be completely removed otherwise rang true.

The original infection was a link through mse, I suspect this is the same infection not dealt with last time. I have also upgraded my antivirus to a more efficient one.

Thank you all for your help.

Go to Windows /Microsoft Update and start the updating, installing and rebooting cycle until all of the Updates are installed.

As stated before you did not have SP1 installed, so that left you more vulnerable.
Also, be careful when downloading Shareware to not install the 'free' Toolbars and be extra careful when it comes to Torrents.

Use a modified HOSTS file for an added layer of protection in conjenction with your anti-virus solution.