Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 Won't Update. Adware- walware, computer is infectedd


  • Please log in to reply

#16
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Back to seeking malware as a cause.


Be sure to continue to temporarily disable any protective software when running the scan tools we use here.


Download ComboFix.exe from here to your desktop, then click that to run that scan. Agree to any warnings you might receive.

A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.

Allow the scan to run. When completed a text window will appear - please copy/paste the contents back here. This log can also be found at C:\ComboFix.txt.
  • 0

Advertisements


#17
awaitingthe1

awaitingthe1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
ComboFix 13-05-07.02 - Venus Smith 05/07/2013 22:18:51.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3893.2170 [GMT -5:00]
Running from: c:\users\Venus Smith\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-04-08 to 2013-05-08 )))))))))))))))))))))))))))))))
.
.
2013-05-08 03:29 . 2013-05-08 03:29 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-05-08 03:29 . 2013-05-08 03:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-07 02:50 . 2013-05-07 02:50 -------- d---a-w- c:\windows\system32\catroot.ols
2013-05-07 02:47 . 2013-05-07 02:47 -------- d-----w- c:\windows\system32\catroot2.old
2013-05-06 08:56 . 2013-05-06 08:56 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{52871534-7566-4846-9BE4-67FDBDFC8E61}\offreg.dll
2013-05-04 02:27 . 2013-05-04 02:27 -------- d-----w- c:\program files (x86)\ESET
2013-04-26 10:20 . 2013-04-17 11:31 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{52871534-7566-4846-9BE4-67FDBDFC8E61}\mpengine.dll
2013-04-19 00:58 . 2013-04-19 00:58 -------- d-----w- c:\users\Venus Smith\AppData\Local\ElevatedDiagnostics
2013-04-15 01:37 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-04-15 01:37 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-04-15 01:12 . 2013-04-15 01:12 -------- d-----w- c:\users\Venus Smith\AppData\Local\Macromedia
2013-04-15 01:12 . 2013-04-15 01:33 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-15 01:12 . 2013-04-15 01:12 -------- d-----w- c:\windows\system32\Macromed
2013-04-15 00:57 . 2013-04-15 00:57 -------- d-----w- c:\users\Venus Smith\AppData\Roaming\Roxio Log Files
2013-04-15 00:54 . 2013-04-15 00:54 -------- d-----w- c:\users\Venus Smith\AppData\Roaming\LavasoftStatistics
2013-04-15 00:53 . 2013-04-15 00:53 -------- d-----w- c:\programdata\Downloaded Installations
2013-04-15 00:53 . 2013-04-15 00:53 -------- d-----w- c:\users\Venus Smith\AppData\Roaming\vlc
2013-04-15 00:52 . 2013-04-15 00:52 -------- d-----w- c:\program files (x86)\VideoLAN
2013-04-15 00:51 . 2013-04-15 00:51 47496 ----a-w- c:\windows\system32\sbbd.exe
2013-04-15 00:51 . 2013-04-15 00:51 14456 ----a-w- c:\windows\system32\drivers\gfibto.sys
2013-04-15 00:51 . 2013-04-15 00:51 -------- d-----w- c:\users\Venus Smith\AppData\Roaming\Ad-Aware Antivirus
2013-04-15 00:49 . 2013-04-15 00:49 26520 ----a-w- c:\program files (x86)\Mozilla Firefox\plugin-hang-ui.exe
2013-04-14 23:11 . 2013-02-03 21:05 74136 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\breakpadinjector.dll
2013-04-14 23:11 . 2013-02-03 21:05 262552 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\components\browsercomps.dll
2013-04-14 23:11 . 2013-02-03 21:05 19352 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\AccessibleMarshal.dll
2013-04-14 23:11 . 2011-04-25 00:16 119808 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\components\GoogleDesktopMozilla.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-07 02:21 . 2010-06-24 16:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-22 02:41 . 2010-04-23 00:59 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-04-22 02:41 . 2010-04-24 23:06 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-04-22 02:41 . 2010-05-21 18:15 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-04-20 02:32 . 2010-04-24 23:06 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2013-04-20 02:31 . 2010-04-23 00:59 2876528 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-04-20 02:31 . 2010-05-22 22:32 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-04-20 02:31 . 2010-05-08 06:38 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-04-15 01:33 . 2011-08-21 18:05 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-04 19:50 . 2010-04-23 00:14 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-12-29 140520]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-04-25 30192]
"FATrayAlert"="c:\program files (x86)\Sensible Vision\Fast Access\FATrayMon.exe" [2011-04-24 98488]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2009-12-02 165104]
"STToasterLauncher"="c:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe" [2009-12-02 120048]
.
c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
c:\users\Venus Smith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-17 1080096]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\FastAccess]
2011-04-24 03:17 147640 ----a-w- c:\program files (x86)\Sensible Vision\Fast Access\FALogNot.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli FAPassSync
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [x]
R2 SessionLauncher;SessionLauncher;c:\users\VENUSS~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R3 ATMFBUS;A600 USB Composite Device Driver;c:\windows\system32\DRIVERS\ATMFBUS.sys [2009-10-01 63488]
R3 ATMFCVsp;A600 Cricket CM Port;c:\windows\system32\DRIVERS\ATMFCVsp.sys [2009-10-01 166528]
R3 ATMFFLT;A600 USB Modem Installation CD;c:\windows\system32\DRIVERS\ATMFFLT.sys [2009-10-01 15872]
R3 ATMFMdm;A600 Cricket EVDO Modem;c:\windows\system32\DRIVERS\ATMFMdm.sys [2009-10-01 166528]
R3 ATMFNET;A600 Cricket EVDO Network Adapter;c:\windows\system32\DRIVERS\ATMFNET.sys [2009-10-01 133632]
R3 ATMFNVsp;A600 Cricket NMEA Port Serial Port;c:\windows\system32\DRIVERS\ATMFNVsp.sys [2009-10-01 166528]
R3 ATMFVsp;A600 Cricket Diagnostics Port;c:\windows\system32\DRIVERS\ATMFVsp.sys [2009-10-01 166528]
R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-25 238848]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-04-25 30192]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-07-17 220672]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-24 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-04-15 14456]
S0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdflt.sys [2009-07-23 18792]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-03-31 92160]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 FAService;FAService;c:\program files (x86)\Sensible Vision\Fast Access\FAService.exe [2011-04-24 2412728]
S2 InstallFilterService;FF Install Filter Service;c:\program files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [2009-06-23 60928]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-12-02 656624]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys [2009-10-12 23912]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-09-25 233984]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-08-20 320040]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-01 20:37 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-15 01:33]
.
2013-05-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-23 00:29]
.
2013-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-23 00:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-31 8095776]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe" [2009-07-22 2384896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-23 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-23 390168]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-23 408600]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Venus Smith\AppData\Roaming\Mozilla\Firefox\Profiles\ned3avdy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - ExtSQL: 2013-04-14 19:53; [email protected]; c:\users\Venus Smith\AppData\Roaming\Mozilla\Firefox\Profiles\ned3avdy.default\extensions\[email protected]jetpack
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-!{F3FEE66E-E034-436a-86E4-9690573BEE8A} - (no file)
Wow6432Node-HKLM-Run-FAStartup - (no file)
Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1481317116-1840137309-1180220080-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1481317116-1840137309-1180220080-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-05-07 22:46:18
ComboFix-quarantined-files.txt 2013-05-08 03:46
.
Pre-Run: 345,161,224,192 bytes free
Post-Run: 345,781,084,160 bytes free
.
- - End Of File - - 9B45C840F9D31FE5ED4CD746E6CABBFC
  • 0

#18
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
I located a thread with a fix that worked for this particular problem here. Follow the steps here for a corrupt user profile, being sure to reboot where suggested. You'll be basically creating a new user account, transferring the current user account's files to it, then deleting the current user account. Post back after how that turned out please.
  • 0

#19
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Forgot to mention - ComboFix really didn't pick up anything of importance.
  • 0

#20
awaitingthe1

awaitingthe1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
I get a similar message when I try to add an user. I'm unable to get to any of the Administrative features in windows.

Edited by awaitingthe1, 08 May 2013 - 07:41 PM.

  • 0

#21
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Go to Start Search, type cmd.exe in the Start Search box. Cmd.exe will appear at the top of the Menu. Rightclick on it and choose "Run as administrator" (assuming you do do this). At the prompt copy/paste the following, pressing Enter after each:

net user administrator /active:yes

Then type exit and press Enter to close the command prompt.

Reboot to Safe Mode. At startup tap the F8 key about once per half-second, then select Safe Mode from the menu that will appear.

Log in as the Administrator. See if you can create the new user account then.
  • 0

#22
awaitingthe1

awaitingthe1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
After i rebooted, I pressed F8 and the Windows froze, I did a hard reboot and Window repair came up. I ran the repair and it seems to have worked. I'm able to add users and run windows updates. Thanks for your help. If anything else comes up I'll post back. Thanks again.
  • 0

#23
Jintan

Jintan

    Trusted Helper

  • Malware Removal
  • 904 posts
Good you got that resolved. Not sure what Windows Repair you got, but it fixed things anyway. If that Windows Repair didn't step on everything, I will provide a standard end of thread steps, so whatever our work added to the system can be removed (plus some).

You may have slightly outdated versions of vulnerable programs, so Go to each of these sites and update to the latest version (keep your eyes open - they often slide in "opportunities" for things like Google, or McAfee's scanner):

http://www.adobe.com/downloads/
(For Adobe Reader and Flash Player - uncheck the useless McAfee scan, if offered)

http://java.com/en/download/manual.jsp
(For Java 7 Update 21 - trying to slip Ask adware/spyware to systems lately, so watch and uncheck it)


Once you have done that, be sure to go to Control Panel, Uninstall/Programs and Features and uninstall any older, more vulnerable Java versions.

-----------

Eset, if you don't plan to use it again, uninstalls through the Control Panel - Uninstall/Programs and Features.


Go to Start Search, type cmd.exe in the Start Search box. Cmd.exe will appear at the top of the Menu. Rightclick on it and choose "Run as administrator". At the prompt copy/paste the following, pressing Enter after each:

cd "%userprofile%\desktop"

combofix /uninstall


ComboFix should uninstall itself at this time.

--------

You can also at this time delete the files/folders of the tools we used. To assist with some of that, run OTL again. This will help by automatically removing some of the tools we used.

Just click CleanUp, and select Yes. When it finishes removing some of the tools and files we used there just agree to the reboot.

-------

In addition, I like to recommend reviewing the information here to make sure you stay malware free.

http://www.geekstogo...he-first-place/

http://www.geekstogo...safe-computing/
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP