OK, don't worry about the ComboFix log. How did you uninstall ComboFix? I still see entries related to the programme in your logs.
After completing the last few steps, how is your computer performing? Are there any outstanding issues?
I don't recall whether I uninstalled Combofix through the uninstall module or just deleted the .exe file. I may have run Combofix before I restored to a prior restore point. Perhaps that's why I can't find the .txt file. I can't find any evidence of Combofix using the "search programs and files" function.
I'm not noticing any problems with my PC. How does everything look from your end?
Thanks again for your help. This forum is a terrific resource!
Hi Robin,
As there is still evidence of ComboFix in your logs, I will provide instructions on how to completely uninstall the programme once we are finished.I don't recall whether I uninstalled Combofix through the uninstall module or just deleted the .exe file. I may have run Combofix before I restored to a prior restore point. Perhaps that's why I can't find the .txt file. I can't find any evidence of Combofix using the "search programs and files" function.
Everything looks good. Lets run two last scans to check for remnants.I'm not noticing any problems with my PC. How does everything look from your end?
STEP 1
Malwarebytes Anti-Malware (MBAM)
- Please download Malwarebytes Anti-Malware Free to your desktop.
- Double-click mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme.
- Launch the programme and select Update.
- Once updated, click the Settings tab and tick Scan for rootkits.
- Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
- Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.
- If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
- Upon completion of the scan (or after the reboot), click the History tab.
- Click Application Logs and double-click theScan Log.
- Click Copy to Clipboard and paste the log in your next reply.
STEP 2
ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.
- Please download ESET Online Scan and save the file to your Desktop.
- Temporarily disable your anti-virus software. For instructions, please refer to the following link.
- Double-click esetsmartinstaller_enu.exe to run the programme.
- Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
- Agree to the Terms of Use once more and click Start. Allow components to download.
- Place a checkmark next to Enable detection of potentially unwanted applications.
- Click Hide advanced settings. Place a checkmark next to:
- Scan archives
- Scan for potentially unsafe applications
- Enable Anti-Stealth technology
- Ensure Remove found threats is unchecked.
- Click Start.
- Wait for the scan to finish. Please be patient as this can take some time.
- Upon completion, click
. If no threats were found, skip the next two bullet points.
- Click
and save the file to your Desktop, naming it something unique such as MyEsetScan.
- Push the Back button.
- Place a checkmark next to
and click
.
- Re-enable your anti-virus software.
- Copy the contents of the log and paste in your next reply.
======================================================
STEP 3
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.
- MBAM Log
- ESET Log
Sorry for my delay in responding. I was out of town last weekend. Here are the logs you requested:
MBAM Log:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 9/8/2014
Scan Time: 11:26:53 AM
Logfile:
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.08.05
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Robin
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 357545
Time Elapsed: 3 min, 31 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
ESET did not find any threats. Hence, I have no ESET log to post. Please let me know if I need to do anything else. Thanks!
Hi Robin,
No problem at all.Sorry for my delay in responding. I was out of town last weekend.
Lets update your vulnerable software to minimize the risk of infection.
STEP 1
Update Outdated Software
Outdated software contain security risks that must be patched. Please download and install the latest version of the programmes below.
Adobe Reader (Uncheck the Optional Offer)
Google Chrome
Follow these instructions to check for and download the latest Windows Updates.
STEP 2
Remove Outdated Software
- Press the Windows Key
+ r on your keyboard at the same time. Type appwiz.cpl and click OK.
- Search for the following programmes, right-click and click Uninstall one at a time.
- Adobe Reader X (10.1.11)
- Follow the prompts and reboot if necessary.
STEP 3
Security Check
- Please download SecurityCheck and save the file to your desktop.
- Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.
- A log (checkup.txt) will automatically open on your desktop.
- Copy the contents of the log and paste in your next reply.
======================================================
STEP 4
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.
- checkup.txt
- How is your computer performing? Are there any outstanding issues?
Hi Adam,
I installed the Windows updates, except for a Synaptics driver update that I had to uninstall because it caused my Thinkpad-style keyboard and touchpad not to work. I installed Adobe XI. I did not see Adobe X in the list of programs to uninstall. Perhaps it automatically uninstalled when I installed Adobe XI? I haven't had any other noticeable issues.
Here is the SecurityCheck log:
Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Adobe Reader XI
Google Chrome 37.0.2062.103
Google Chrome 37.0.2062.120
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Spybot Teatimer.exe is disabled!
Malwarebytes Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
Thanks!
Hello Robin,
Yes, that is possible.I did not see Adobe X in the list of programs to uninstall. Perhaps it automatically uninstalled when I installed Adobe XI?
Please refer to the following article on how to defrag your Hard Drive.
Do not do so if you have a Solid State Drive (SSD).
All Clean!
Congratulations, your computer appears clean!
I no longer see signs of malware on your computer, and feel satisfied that our work here is done. The steps below will remove the tools we have used, and reset any settings changed. I have also provided a list of resources and tools that you may find useful.
My help will always be free. But if you are happy with the help provided, and would like to support my fight against malware and/or buy me a beer, please consider a donation.
STEP 1
DelFix
- Please download DelFix and save the file to your Desktop.
- Double-click DelFix.exe to run the programme.
- Place a checkmark next to the following items:
- Activate UAC
- Remove disinfection tools
- Create registry backup
- Purge system restore
- Reset system settings
- Click the Run button.
-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).
--- Malwarebytes Anti-Malware will still be present on your computer. I recommend keeping this programme, updating and scanning with it once a week to maintain security on your computer. If you do not wish to keep this programme on your computer, you can uninstall it by pressing the Windows Key
Below I have compiled a list of resources you may find useful. The articles document information on computer security, common infection vectors and how you can stay safe on the Internet.
- Answers to common security questions - Best Practices by quietman7, MVP
- How Malware Spreads - How did I get infected? by quietman7, MVP
- Simple and easy ways to keep your computer safe and secure on the Internet by Lawrence Abrams, MVP
- How to Prevent Malware by miekiemoes, MVP
- How to backup and restore your data using Cobian Backup by YourHighness
- Slow Computer/browser? It May Not Be Malware by quietman7, MVP
The following programmes come highly recommended in the security community.
AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
Emsisoft Antimalware (free) acts as an additional on-demand scanner, and can be used in conjunction with your Anti-Virus.
Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
Malwarebytes Anti-Malware Premium (MBAM) incorporates real-time protection and is designed to run alongside your Anti-Virus.
NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
Sandboxie isolates programmes of your choice, preventing files from writing to your HDD unless you approve the file.
Secuina PSI will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.
SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
Unchecky automatically removes checkmarks for additional software in programme installers, helping you avoid adware and PUPs.
Web of Trust (WOT) is a browser add-on designed to alert the user before interacting with a potentially malicious website.
-- Please feel free to ask if you have any questions or concerns on computer security or the programmes above.
======================================================
Please confirm you have no outstanding issues, and are happy with the state of your computer. Once I have confirmation things are in order, we can wrap things up and I will close this thread.
Thank you for using Safer Networking.
Safe Surfing.
Adam (LiquidTension).
Posting Permissions
