Possible origination from uTorrent File <> avast! UNSECURE [


  • This topic is locked

#16
downtrou

Member, Topic Starter
evening fine sir :)

so I followed your instructions as best I could but encountered some ambiguity... In sequence and inline, here we go:

1. Intel Folder snaps (including properties on each of the content folders (x2))
a) Intel folder Capture Prop Ext Grap.PNG
b) Intel folder Capture Prop Logs Grap.PNG

2. Changing Permissions

I. Right click the folder in question and select properties [OK]

II. In the Properties window go to the Security tab and click on Edit. [OK]

III. If you are not on the list of users or groups that have permissions defined, [I was - Dan Hunter] you should click on Add. If your user or group is on that list, select it, click on Allow Full Control and then press OK. [It was already this way, but as per next image, all were checked ("Full Control" above scroll line but checked) but there is this "Special Permission" option & w/out sounding alarmist & maybe I'm out of touch but is this standard, hence What the...?!?] Ed. NOTE - this is not clickable, it is grayed/lightened out = more concerning??

Permission DOC & Settings Special Perms WTF Capture.PNG

IV. Now you need to type the user name or the group of users for which you want to change the permissions. [A tad lost here; having clicked OK as prior step, you cannot "type" anything, you are simply back at the Properties_Folder>Tab_Security. I therefore clicked>Advanced (as per image):]

Doc&Set_Prop_Advanced Capture.PNG


If you type "Administrators" you will give permissions to all the users that are administrators on your PC. If you want to give permissions only to your user, then type your user name. After that, press on Check Names and then on OK. [as above image shows, no Admin., Just "me" with suggested permissions already as required - now I may be off task here and IF SO please advise]

V. If the user/group was not found you will receive a Name Not Found error window. Make the necessary corrections and try again. [N/A]

VI. In the Security window, select the user/group you just added and then click on Allow Full Control and finally click OK. [Already set therefore N/A?? see image:]

Permession Edit Capture OK or NO.PNG

SUMMARY -

nothing needed changing, to my knowledge, in accordance with your instruction, pending my wrong direction taken on IV above..
possible suspect "special permissions" option (was un-checked & I left it this way too).

I hope this is not too much info overload or I'm being too para but I simply still have a wee pad-lock round me crown jewels if you will
:huh:

Cheers
downtrou

PS I am up gaming so if you're about OR if a skype hand over may aid me then happy to hook in.. keen as mustard to get my 'life' back :)

Edited by downtrou, 06 July 2012 - 12:35 PM.

#17
Essexboy
GeekU Moderator, Retired Staff
Ok slap me around the face with a wet kipper... Is this an upgrade from XP?

As that folder is not resident in 7 but a carry over from an upgrade
The 7 folders are under C:\Users it does not use Documents and Settings :bashhead:

#18
downtrou
Member, Topic Starter
sweet Josephine! NO, it is not an XP upgrade, Brand new Toshi, Win7 born.. :blink:

Trust me, unless I've been possessed, this is weird shite!!

#19
downtrou
Member, Topic Starter
Just browsed to Users and on 2xclicking the padlocked folders; 2-3 have a pop-up box saying, click yes to get permanent access and the one "Default" on 2xclick denies me as per pic:

Users Padlocks Capture.PNG

#20
Essexboy
GeekU Moderator, Retired Staff
OK so I did some deeper digging and set my system files to reveal - which in the interests of safety should remain hidden :) And access is restricted so that you do not inadvertently break the system



The Documents and Settings folder is a symbolic link pointing to the new folders for compatibility reasons. So accessing the documents and settings folder sends you to the new section. The rationale behind this is backwards compatibility, so that programmes designed for XP using that pointer as a location for files will be re-directed to the correct folder.

Hope that makes sense... So it is normal, and I was not aware of that little quirk
  • 0
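
The compatibility links described in post #20 can be listed from a console, which helps tell a normal padlocked link apart from a real permission fault. This PowerShell script is an added example, not part of the original thread; the function name Get-CompatLink is hypothetical, and the LinkType and Target columns assume PowerShell 5.0 or later (they stay empty on older versions).

```powershell
# Added example: list NTFS reparse points (junctions / symbolic links) found
# directly under the given folders, with their target and any Deny entries
# set on the link itself.
param(
    [string[]]$Roots = @("$env:SystemDrive\", $env:USERPROFILE)
)

function Get-CompatLink {
    # Hypothetical helper name, introduced for this example only.
    param([string[]]$Path)
    foreach ($root in $Path) {
        # -Force is required because these links are hidden system items.
        Get-ChildItem -LiteralPath $root -Force -ErrorAction SilentlyContinue |
            Where-Object { $_.Attributes -band [IO.FileAttributes]::ReparsePoint } |
            ForEach-Object {
                $item = $_
                $deny = @()
                try {
                    # Collect only the Deny entries of the access control list.
                    $acl  = Get-Acl -LiteralPath $item.FullName -ErrorAction Stop
                    $deny = @($acl.Access |
                        Where-Object { $_.AccessControlType -eq 'Deny' } |
                        ForEach-Object { "$($_.IdentityReference): $($_.FileSystemRights)" })
                } catch {
                    $deny = @("ACL not readable: $($_.Exception.Message)")
                }
                New-Object PSObject -Property @{
                    Path     = $item.FullName
                    LinkType = $item.LinkType            # empty before PowerShell 5.0
                    Target   = ($item.Target -join '; ') # empty before PowerShell 5.0
                    Deny     = ($deny -join '; ')
                }
            }
    }
}

Get-CompatLink -Path $Roots | Format-Table Path, LinkType, Target, Deny -AutoSize
```

Run it from an ordinary (non-elevated) prompt; it only reads attributes and access control lists and changes nothing.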

#21
Essexboy
GeekU Moderator, Retired Staff
A little link that may help http://www.howtogeek...ndows-or-linux/

#22
downtrou
Member, Topic Starter
Essexboy, you have made me feel a whole bunch more normal! Really appreciate what it is you do, over & above helping me, this whole community is excellent!!

Is it safe to say, assuming this quirk applies to my latest post/ image above, that I am malware/virus free??

Is there any advice or next steps you might have for me to do final tidy up & perhaps better prevent & protect myself outside my current systems : avast 7x Internet Security, a malwarebytes subscription & keeping these and windows updated?

Much appreciate :thumbsup:

cheers
downtrou

#23
downtrou
Member, Topic Starter

A little link that may help http://www.howtogeek...ndows-or-linux/



nice, some study! thanx.. good to know we all still do learn, me more so!!

#24
Essexboy
GeekU Moderator, Retired Staff
I must admit each day I find out something new which I add to my little box of snippets. By the time I get used to all the vagaries and quirks of windows something new will appear :lol:

IAS and MBAM should keep you clean (A mirror to my system :cool: )

Ensure that the main system files are hidden as below



Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so... The following will implement some cleanup procedures as well as reset System Restore points:

Remove ComboFix

  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Go to control panel
  • Select folder options (Appearance > Folder options in category view)
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • Go Start > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:

#25
downtrou
Member, Topic Starter
Top notch, am working through this... Again, much appreciated and here's hoping I'm not back here too soon!

I'll give a green light in 24-48hrs to close the loop.

Cheers
downtrou

#26
Essexboy
GeekU Moderator, Retired Staff
OK thankee :thumbsup:

#27
downtrou
Member, Topic Starter
Hey Essexboy

So, I have been cleaning up today and found that I could not install any apps due to insufficient permissions i.e. not Administrative - I first tried to upgrade Skype and this had a fatal error, the old skype version then became corrupt and died due to version conflicts.

I then followed Skype's steps to completely remove Skype https://support.skyp...reinstall-Skype
after a re-boot, I tried to re-install and got the following message:

Skype non Admin prev.PNG

Ed. The mentioned file is not even there, hidden or otherwise and the Folder has a padlock but I can browse to it (I have just "Taken Control" of this folder and will attempt to install again now).

Ed. I re-downloaded with IAS and Win Firewall off, tried to re-install but same result as above.

Then similar for Safari but after the following message it actually completed the install and seems to work ok:

Safari Install Error.PNG

Then no luck with iTunes:

iTunes Non Admin Prev.PNG

I tweaked the security settings on IAS to notify any additions and with the first Skype install attempt I had multiple msiexec.exe hits from MS installer, I did approve & accept these but this is when the privilege bollocks began...

Hopefully it is something I've done but I am appearing as the only active user, Admin level..

Suggestions at all?

Cheers
downtrou

Edited by downtrou, 06 July 2012 - 08:40 PM.


#28
downtrou
Member, Topic Starter
just an update -

Chrome caused an error I've never seen/heard of may/may not be related:

Chrome Error.PNG

Additionally, I am experiencing frequent Wi-Fi drop outs now which were about as equally this bad about when I started this thread.

I performed an intensive Full Scan AND a Rootkit, System drive & Auto-start scan with IAS on boot (took about 2.25 hours) - all clear.

Performed Full/Intensive Malwarebytes scan - all clear.

I am in the middle of "Taking Back" permission on the User folder, it is taking an age but there are so many pad-locks in there.

I have noticed a few cheesy banner ads, when browsing and those double underlined word-ad-links.. on hovering-over the cheesy banners the link seems to be ib.adnxs.com. I found info on removal here > http://www.cleanallv...xs-com-removal/ - I am not following this & will wait to hear your feedback first before doing anything more.

If I am to tell you what my Gut feel is on this & I know its crazy, but seems to me like Avast is re-infecting me and/or web-scripts are by-passing IAS to infect immediately... And, IAS has never picked anything up throughout.

And so the saga continues... :(

downtrou

#29
Essexboy
GeekU Moderator, Retired Staff

I have noticed a few cheesy banner ads, when browsing and those double underlined word-ad-links.. on hovering-over the cheesy banners the link seems to be ib.adnxs.com. I found info on removal here > http://www.cleanallv...xs-com-removal/ - I am not following this & will wait to hear your feedback first before doing anything more.

They are actually a part of the web page.. I get them when I am not logged in here. This is from bleeping com another respected malware removal site



That site you referenced will download some programmes, find some errors/malware. But, will then say only the registered programme will remove them so you will need to buy it... A bit of a scam for something that you can't stop

When you run the installation programmes do you right click and select Run as Administrator ?

OK so let's reset all the permissions on your system. We will use the following programme.. Select the following version Portable (2.02 MB) as this does not require installation
Unzip the contents to the desktop

Download Windows Repair (all in one) from this site

From the folder run Repair_Windows file

Posted Image

Go to step 3 and allow it to run SFC
Posted Image


On the start repairs tab click start
Posted Image

Select the following items and tick restart system when finished
Posted Image

#30
downtrou
Member, Topic Starter
IGNORE THIS

Attached Thumbnails

  • Capture Repair_Window.PNG

Edited by downtrou, 07 July 2012 - 07:23 AM.
