WiredWX Christian Hobby Weather Tools

Re: AV Security Sphere malware... Please help!!

  • Please run OTL.exe again
  • Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

Code:

:files
C:\ProgramData\gJ37855LdKdD37855

:otl
[2011/12/11 20:12:02 | 000,000,000 | ---D | M] (ShopToWin13) -- C:\Users\Ron\AppData\Roaming\Mozilla\Firefox\Profiles\geiz0urb.default\extensions\{b9dbe2c0-031f-4cad-911a-f4a7381d79c0}
O4 - HKCU..\Run: [gJ37855LdKdD37855] C:\ProgramData\gJ37855LdKdD37855\gJ37855LdKdD37855.exe ()
O20 - HKLM Winlogon: Shell - (C:\ProgramData\gJ37855LdKdD37855\gJ37855LdKdD37855.exe) -C:\ProgramData\gJ37855LdKdD37855\gJ37855LdKdD37855.exe ()

:commands
[reboot]

  • CAREFUL NOW! You must click the Run Fix button, NOT the Run Scan!
  • If it asks to reboot the computer, please allow that.
  • Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)

This should take care of the AV Security Sphere. After running this you can reboot your computer and probably will find it's gone.

====================

You have some adware installed on your computer (Shop To Win). Adware is regarded as low-risk malware. While some adware has its uses, it also provides unsolicited advertisements, may slow down your computer and is not altogether trustworthy (it may upgrade to something nastier). I would suggest you uninstall it (Start >> Control Panel >> Add or Remove Programs). If you are not successful at uninstalling, let me know and we'll eliminate it manually.

====================

Please download Malwarebytes' Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Note:
  • If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
  • Click OK to either and let MBAM proceed with the disinfection process.
  • If asked to restart the computer, please do so immediately.

Post the contents of the MBAM log in your next reply, please.
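
Added example, not part of the original post or of OTL: a small Python triage of the O4/O20 lines from the fix script above, showing why they mark persistence (a Run autostart and a replaced Winlogon shell). The line patterns are inferred only from the entries on this page, the trailing parentheses are assumed to hold the file's company name, and the two benign lines are constructed for contrast.

```python
import re
from pathlib import PureWindowsPath

SAMPLE = [
    # The two registry entries from the fix script in the post above.
    r"O4 - HKCU..\Run: [gJ37855LdKdD37855] C:\ProgramData\gJ37855LdKdD37855\gJ37855LdKdD37855.exe ()",
    r"O20 - HKLM Winlogon: Shell - (C:\ProgramData\gJ37855LdKdD37855\gJ37855LdKdD37855.exe) -C:\ProgramData\gJ37855LdKdD37855\gJ37855LdKdD37855.exe ()",
    # Constructed benign entries (not from the page).
    r"O4 - HKLM..\Run: [ExampleUpdater] C:\Program Files\Example\updater.exe (Example Corp)",
    r"O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)",
]

# Assumption: line shapes inferred from the page's O4 and O20 entries.
RUN_RE = re.compile(
    r"^O4 - HK\w+\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<path>.+) \((?P<vendor>[^()]*)\)$")
SHELL_RE = re.compile(
    r"^O20 - HKLM Winlogon: Shell - \((?P<value>[^)]+)\) ?- ?(?P<path>.+) \((?P<vendor>[^()]*)\)$")
# Locations a non-admin process can typically write to by default.
USER_WRITABLE = ("c:\\programdata\\", "c:\\users\\")


def triage(line):
    """Return the reasons an OTL O4/O20 line looks like malicious persistence."""
    reasons = []
    m = SHELL_RE.match(line)
    if m:
        # The Shell value normally names explorer.exe; anything else is
        # started in place of the desktop shell at every logon.
        if PureWindowsPath(m["value"]).name.lower() != "explorer.exe":
            reasons.append("winlogon-shell-replaced")
    else:
        m = RUN_RE.match(line)
        if not m:
            return reasons  # not an O4 Run or O20 Shell line
        p = PureWindowsPath(m["path"])
        # Pattern seen on this page: value name == folder name == file stem.
        if m["name"] == p.parent.name == p.stem:
            reasons.append("name-folder-exe-identical")
    if m["path"].lower().startswith(USER_WRITABLE):
        reasons.append("runs-from-user-writable-dir")
    if not m["vendor"]:  # assumed: empty () means no company name in the file
        reasons.append("no-company-name")
    return reasons


if __name__ == "__main__":
    for entry in SAMPLE:
        print(triage(entry) or "ok", "<-", entry[:40])
```
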

Re: AV Security Sphere malware... Please help!!

Everything seemed to have worked. I have had no issues with this adware/malware. Thanks for your help.....

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8385

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

12/18/2011 9:24:55 AM
mbam-log-2011-12-18 (09-24-55).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 276118
Time elapsed: 24 hour(s), 18 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Ron\Desktop\eXplorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

Re: AV Security Sphere malware... Please help!!

You need to install the latest version of Java. Having the latest version is important to take advantage of fixes that have eliminated security vulnerabilities.
  • Go to Start > Control Panel
  • Double-click on Add or Remove Programs
  • Look for entries that say Java, Java RunTime Environment or J2SE.
  • Uninstall all of them that are not named Java (TM) 6 Update 29

After doing this, you can go to java.com, click on Free Java Download and proceed from there to install the latest version of Java (currently Version 6 Update 29).

After installing Java, go to Start > Control Panel > Java to open the Java Control Panel.
Under the General tab, in Temporary Internet Files, click Settings, then click Delete Files.
Select both options and click OK to delete the Java cache.

====================

Do you have any more questions or do you want to see my ALORTKYCC (Awesome List Of Recommendations To Keep Your Computer Clean)?

Re: AV Security Sphere malware... Please help!!

Yes, please send me a link to your ALORTKYCC..... Thanks for your help in fixing my computer. Happy Holidays....

Re: AV Security Sphere malware... Please help!!

Time to uninstall used tools.

  • Double click OTL.exe to run it again and click the CleanUp button.
  • If we used any other tools and they still remain on your desktop, please delete them manually.

====================

All right! Here follows my ALORTKYCC (Awesome List Of Recommendations To Keep Your Computer Clean):

1) Keep your Windows up-to-date. Windows Autoupdate should be ON (see Start >> Control Panel >> Security Center). An alternative way (but more time-consuming) is to periodically visit http://windowsupdate.microsoft.com. Hackers are looking every day for new security holes. Microsoft keeps patching them. You cannot fall behind in this race; it will make your system vulnerable.

2) For your average daily computer activities, use a limited/standard user account, not an administrator account. If you use Vista/WIN7 do not disable User Account Control (UAC). You would be amazed to know how much malware can't touch you if you deny it admin rights. Create a separate password-protected administrator account that you use for admin activities, like (un)installing software.

3) Use a good antivirus. There are various free ones; you cannot go wrong with any of the following three:
  • Panda Cloud Antivirus. If you want your antivirus to be light on resources, I recommend Panda. Install without the toolbar.
  • Ad-Aware Free Internet Security has received great reviews from leading security analysts.
  • Avast! is a very complete antivirus, with modules like mailscanner and webshield.

4) If your computer has 1GB system memory or more, you should install a third party firewall, to replace the weak Windows Firewall. I recommend:

Note: you should run only ONE antivirus and ONE firewall. Running multiples of either is bad; it will cause slowdowns and/or conflicts.

5) Miscellaneous advice:
  • Stay away from cracks and keygens (look here for the why). Get free software instead. Gizmo is an excellent source of freeware reviews.
  • Navigate safely. Google Chrome is the safest browser available. However, Mozilla Firefox can be made extremely safe with the NoScript addon. Internet Explorer (always use the latest version) can be made a lot safer with Spywareblaster (manual here).
  • The WOT (Web of Trust) addon will help you to stay on reliable webpages.
  • WinPatrol alerts you when changes are made in vital system areas. Especially good on light systems not running a third party firewall.
  • Make sure you have ways to recuperate your operating system and vital other data if it gets frustrated by malware and/or other problems. A Windows setup CD and recent backups/disk images will be priceless, if you find yourself in an unexpected tight spot.

Finally: did we help you? Help us back!
