
Thread: Smitfraud-c.generic.

  1. #11
    Junior Member
    Join Date
    Mar 2013
    Posts
    13

    Default

    *** meant to say the only symptom instead of system***

  2. #12
    Security Expert Satchfan's Avatar
    Join Date
    Feb 2009
    Location
    Exeter, UK
    Posts
    259

    Default

    *** meant to say the only symptom instead of system***
    I got that

    Looking and sounding good but we need to do a few final checks before I can give you instructions on how to clean up the tools we’ve used.


    First we need to take care of Chrome. Unfortunately, when Chrome has “bad” entries, the easiest (and usually the only) way to deal with this is to uninstall and re-install it.
    Uninstall Chrome and, if asked about user data or settings, remove those also.

    Restart the computer and re-install Chrome

    ====================================================

    Download Malwarebytes-Anti-Malware

    Click here.

    • double-click mbam-setup.exe and follow the prompts to install the program.
    • at the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • if an update is found, it will download and install the latest version.
    • once the program has loaded, select Perform quick scan, then click Scan.
    • when the scan is complete, click OK, then Show Results to view the results.
    • be sure that everything is checked, and click Remove Selected.
    • when removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
    • the log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
    • copy and paste the contents of that report in your next reply and exit MBAM.


    NOTE: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

    ====================================================

    Run Security Check

    Download Security Check by screen317 from here or here.

    • save it to your Desktop.
    • double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    • a Notepad document should open automatically called checkup.txt; please post the contents of that document.


    Logs to include with the next post:

    Mbam.txt
    checkup.txt


    Satchfan

  3. #13
    Junior Member
    Join Date
    Mar 2013
    Posts
    13

    Default

    Do I have to reinstall Chrome? I do not use it and I believe it came on the computer already. Can I just uninstall it or do you recommend reinstalling it?

  4. #14
    Security Expert Satchfan's Avatar
    Join Date
    Feb 2009
    Location
    Exeter, UK
    Posts
    259

    Default

    I don't like it and it's more trouble than it's worth so I would agree with you - don't bother with it.

  5. #15
    Junior Member
    Join Date
    Mar 2013
    Posts
    13

    Default

    Malwarebytes Anti-Malware 1.70.0.1100
    www.malwarebytes.org

    Database version: v2013.03.07.11

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Dad :: GHOSTFISH [administrator]

    3/7/2013 10:10:58 AM
    mbam-log-2013-03-07 (10-10-58).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 243336
    Time elapsed: 3 minute(s), 47 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    Results of screen317's Security Check version 0.99.60
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    Spybot - Search & Destroy
    Malwarebytes Anti-Malware version 1.70.0.1100
    Java(TM) 7 Update 1
    Java version out of Date!
    Adobe Flash Player 11.6.602.171
    ````````Process Check: objlist.exe by Laurent````````
    Spybot Teatimer.exe is disabled!
    Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
    AVAST Software Avast AvastSvc.exe
    AVAST Software Avast AvastUI.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 1%
    ````````````````````End of Log``````````````````````

  6. #16
    Security Expert Satchfan's Avatar
    Join Date
    Feb 2009
    Location
    Exeter, UK
    Posts
    259

    Default

    Another positive.

    One final scan and if all is well I'll give instructions to tidy up.

    Run ESET Online Scan

    IMPORTANT Please make sure you uncheck the box next to Remove found threats. Eset will detect anything that looks even slightly suspicious, which could include legitimate program files. If you do not uncheck the box, Eset will automatically remove all suspicious files which could leave some of your software inoperable.

    Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed anti-virus; how to do so can be read here.

    Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan
    • click the Eset online Scanner button.
    • for alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
        • click on esetinstaller.exe to download the ESET Smart Installer. Save it to your desktop.
        • double click on the Eset installer icon on your desktop.
    • check Yes, I accept the Terms of Use
    • click the Start button.
    • accept any security warnings from your browser.
    • check Scan archives
    • click Advanced settings and select the following:
        • scan potentially unwanted applications
        • scan for potentially unsafe applications
        • enable Anti-Stealth technology
    • click the Start button.
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take quite a long time.
    • when the scan completes, push List of found threats
    • click on Export to Text file and save the file to your desktop using a unique name, such as ESETScan. Note - if ESET doesn't find any threats, no report will be created.
    • click on the back button.
    • click on Finish
    • If a log has been produced post it in your next reply.

    Satchfan

  7. #17
    Junior Member
    Join Date
    Mar 2013
    Posts
    13

    Default

    No report was created.

  8. #18
    Security Expert Satchfan's Avatar
    Join Date
    Feb 2009
    Location
    Exeter, UK
    Posts
    259

    Default

    As Eset found nothing your computer appears to be clean.

    Now that you’re free from malware, as long as your computer seems to be running well, please follow these simple steps to tidy up your computer and decrease the likelihood of getting infected again:

    Uninstall Combofix

    Follow these steps to uninstall Combofix
    • click START then RUN
    • now type Combofix /uninstall in the runbox and click OK.

    Note the space between the X and the /, it needs to be there.

    • please follow the prompts to uninstall Combofix.
    • once it's finished uninstalling itself you will receive a message saying Combofix was uninstalled successfully.
    ===================================================

    Uninstall AdwCleaner
    • double-click on adwcleaner.exe to run the tool
    • click on Uninstall
    • confirm with Yes.
    You can delete all other logs and programs we’ve used that are on your desktop. Just click on them and press Delete.

    ===================================================

    Uninstall and update Java

    The version you have is old and therefore vulnerable to infections.

    Remove Java(TM) 7 Update 1 and Java(TM) 7 Update 1 (64-bit)
    1. From the Start menu, select Control Panel.
    2. In Classic View, double-click Programs and Features. In Control Panel Home view, under "Programs", click Uninstall a program.
    3. Select the program you want to remove, and click Uninstall. Alternatively, right-click the program and select Uninstall.

    Install the latest version of Java from here

    NOTE – when you install Java, before clicking on Install, be sure to Uncheck “Install the Ask Toolbar and make Ask my default search provider”



    ===================================================

    Spybot - Search and Destroy – Re-enable TeaTimer and remember to scan your computer with the program on a regular basis as you would with your anti-virus software.

    ===================================================

    Update and run Malwarebytes. This really is an excellent program that you should also update and run on a regular basis, probably weekly.

    ===================================================

    It’s important to keep programs up to date so that malware doesn't exploit any old security flaws.

    FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated.

    ===================================================

    I also recommend that you read the following:

    How to prevent malware by miekiemoes

    I'll leave this thread open for 24 hours and if I hear nothing from you I'll assume that all is well and close the topic.

    Safe computing

    Satchfan
    Last edited by Satchfan; 2013-03-08 at 16:28.
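
Added example, not part of Satchfan's post or of the Security Check tool: the Java and TeaTimer follow-ups in post #18 trace back to flagged lines in the checkup.txt log from post #15, and this Python code shows how such a log can be split on its backtick-padded section headers and triaged. The rule wording and labels are assumptions drawn from the lines in this thread, and the sample log is constructed from them.

```python
import re

TICK = chr(96)  # backtick: Security Check pads its section headers with these
HEADER = re.compile("^%s{5,}(.+?)%s{5,}$" % (TICK, TICK))
# Assumed triage rules: wording seen in the log posted in this thread.
RULES = [
    (re.compile(r"out of date!", re.I), "outdated software"),
    (re.compile(r"is disabled!", re.I), "protection disabled"),
    (re.compile(r"WMI entry may not exist", re.I), "antivirus WMI entry missing"),
]

def parse_checkup(text):
    """Split a checkup.txt log into {section title: [entries]}."""
    sections, current = {}, "Header"
    for line in filter(None, map(str.strip, text.splitlines())):
        m = HEADER.match(line)
        if m:
            current = m.group(1).strip().rstrip(":")
        else:
            sections.setdefault(current, []).append(line)
    return sections

def findings(sections):
    """Return (section, label, subject) for every line a rule flags."""
    out = []
    for name, entries in sections.items():
        for i, entry in enumerate(entries):
            for pattern, label in RULES:
                if pattern.search(entry):
                    # "... out of Date!" describes the product on the line above it
                    above = label == "outdated software" and i > 0
                    out.append((name, label, entries[i - 1] if above else entry))
    return out

def hdr(title, pad=14):
    return TICK * pad + title + TICK * pad

# Constructed sample: lines copied from the checkup.txt in post #15.
SAMPLE = "\n".join([
    hdr("Antivirus/Firewall Check:"),
    "Windows Firewall Enabled!",
    "WMI entry may not exist for antivirus; attempting automatic update.",
    hdr("Anti-malware/Other Utilities Check:", 9),
    "Java(TM) 7 Update 1",
    "Java version out of Date!",
    hdr("Process Check: objlist.exe by Laurent", 8),
    "Spybot Teatimer.exe is disabled!",
])
```

Calling `findings(parse_checkup(SAMPLE))` yields one entry each for the antivirus WMI line, Java(TM) 7 Update 1 and TeaTimer, while "Windows Firewall Enabled!" is left unflagged.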

  9. #19
    Junior Member
    Join Date
    Mar 2013
    Posts
    13

    Default

    I've done all the steps you have outlined. Thank you very much for your time, patience, and help. I am truly humbled and grateful to have had the pleasure of your assistance. I hope that one day when you need a helping hand, whether it be online or offline, there will be a person of equal generosity and zeal to aid you. Goodbye, and thanks once again.

  10. #20
    Junior Member
    Join Date
    Mar 2013
    Posts
    13

    Default

    Just an FYI, the FileHippo link downloads the program but for some reason it doesn't ever load properly. It always says something like an add-on or plug-in that it needs is not functioning.
