Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Hear random audio in background, now after trouble shooting, system s


  • This topic is locked This topic is locked

#196
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
We have reached the final strectch! :)

Step 1 - Run adwCleaner

  • Download AdwCleaner from here or here and save it to your desktop.
  • Run AdwCleaner and select Delete

    Posted Image
  • Once it has completed it will ask to reboot the computer, please allow it to so.
  • After the computer reboots, a log will be produced. Please attach that log to your next post.

Step 2 - MalwareBytes Scan

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 3 - Security Check

Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. adwCleaner Log
2. MalwareBytes Log
3. Security Check Log (checkup.txt)
4. How is your computer running?
  • 0

Advertisements


#197
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Apologize for this delayed response. Did not see your post on the new page..
  • 0

#198
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
# AdwCleaner v2.306 - Logfile created 07/23/2013 at 11:38:17
# Updated 19/07/2013 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : Fry's Electronics - MONVISHI
# Boot Mode : Normal
# Running from : C:\Users\Fry's Electronics\Desktop\Geekstogo\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Common Files\DVDVideoSoft
Deleted on reboot : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Deleted on reboot : C:\Program Files (x86)\Conduit
Deleted on reboot : C:\Program Files (x86)\DVDVideoSoft
Deleted on reboot : C:\Program Files (x86)\WinZip Registry Optimizer
Deleted on reboot : C:\Program Files (x86)\Wondershare
Deleted on reboot : C:\ProgramData\boost_interprocess
Deleted on reboot : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
Deleted on reboot : C:\Users\Fry's Electronics\AppData\Local\Conduit
Deleted on reboot : C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk
Deleted on reboot : C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj
Deleted on reboot : C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Deleted on reboot : C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Deleted on reboot : C:\Users\Fry's Electronics\AppData\LocalLow\Conduit
Deleted on reboot : C:\Users\Fry's Electronics\AppData\LocalLow\DVDVideoSoft
Deleted on reboot : C:\Users\Fry's Electronics\AppData\LocalLow\PriceGong
Deleted on reboot : C:\Users\Fry's Electronics\AppData\Roaming\dvdvideosoftiehelpers
Deleted on reboot : C:\Users\Fry's Electronics\Documents\DVDVideoSoft
File Deleted : C:\END
File Deleted : C:\Program Files (x86)\Mozilla FireFox\Components\AskSearch.js

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DVDVideoSoft
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AutocompleteProBHO
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DVDVideoSoft
Key Deleted : HKCU\Software\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D08D9F98-1C78-4704-87E6-368B0023D831}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AutocompletePro3_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{055069F3-F78B-4BD1-A277-FE66648D3300}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2314472
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3059010
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DVDVideoSoft
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0AECDAD6-AB91-40CD-A0C2-815B97080702}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0AECDAD6-AB91-40CD-A0C2-815B97080702}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\klibnahbojhkanfgaglnlalfkgpcppfi
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EBB289A-2D7B-465B-825F-1530B813E95A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CD5C92AE-97B0-4BC3-BA65-BA0308D543BF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v28.0.1500.72

File : C:\Users\Fry's Electronics\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.2314] : homepage = "hxxp://search.conduit.com/?CUI=UN21052501181863512&ctid=CT3289847&SearchSource=48",

*************************

AdwCleaner[S1].txt - [7602 octets] - [23/07/2013 11:38:18]

########## EOF - C:\AdwCleaner[S1].txt - [7662 octets] ##########



  • 0

#199
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.07.23.07

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Fry's Electronics :: MONVISHI [administrator]

Protection: Enabled

7/23/2013 11:50:28 AM
mbam-log-2013-07-23 (11-50-28).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 231158
Time elapsed: 6 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



  • 0

#200
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Results of screen317's Security Check version 0.99.71
Windows Vista Service Pack 2 x64 (UAC is disabled!)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Trend Micro Titanium Maximum Security 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
Malwarebytes Anti-Malware version 1.75.0.1300
HijackThis 2.0.2
TuneUp Companion 2.4.8.5
Java™ 6 Update 20
Java 7 Update 9
Java™ SE Runtime Environment 6
Java version out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader 10.1.6 Adobe Reader out of Date!
Google Chrome 28.0.1500.71
Google Chrome 28.0.1500.72
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Trend Micro AMSP coreServiceShell.exe
Trend Micro UniClient UiFrmWrk uiWatchDog.exe
Trend Micro AMSP coreFrameworkHost.exe
Trend Micro UniClient UiFrmWrk uiSeAgnt.exe
Trend Micro Titanium plugin TMAS\TMAS_OE\TMAS_OEMon.exe
Trend Micro SafeSync HrfsClient.exe
Trend Micro SafeSync hrfscore.exe
Trend Micro Titanium Plugin TMAS\TMAS_WLM\TMAS_WLMMon.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 5 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
  • 0

#201
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts

Apologize for this delayed response. Did not see your post on the new page..


That's okay, I actually missing posts sometimes for the same reason. I've been in and out this morning starting to get things lined up for the children for school so the timing was perfect. :)
  • 0

#202
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Same here...had a dentist visit this morning for my daughter. She starts her school, Aug 1st week :)
  • 0

#203
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Yeah, it's that time again. My oldest starts back with marching band practice all day, Monday-Friday next week. The youngest two and I have a bit more time, we all start back the 3rd week of August. Doesn't seem like summer should be almost over yet!! :blink:
  • 0

#204
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
A few things that need to be updated.

Updates

HijackThis-This is a program you can uninstall. It was the program that was used prior to OTL.

Java

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Adobe Reader

Your current version of Adobe Reader is out of date. Please go here to download the most current version.
-Be sure to uncheck the box next to "Yes, install McAfee Security Scan Plus - optional" before clicking Download now

And now what you've been waiting what feels like forever to hear...

Congratulations and Good Work, It looks like your log is clean. :thumbsup:

Now for some final "housekeeping" procedures.

Step 1 Clear Old Restore Points

Create a new, clean System Restore point:
  • Right click on Computer and select Properties >> System protection >> Create.
  • Give this restore point a descriptive name and click Create.
  • When the new restore point is created click on OK >> close the System Properties window.
Note: Do not clear infected/old System Restore points before creating a new System Restore point first!

Flush Old System Restore points:

  • Next click Start (Windows 7 Orb) >> Run (or the Windows key and R together) to bring up the Run box and and copy and paste in:
    cleanmgr
  • in the box and press OK.
  • Select the system drive, C >> OK.
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
  • Click on Clean up system files >> Select the system drive, C >> OK.
  • Now click on the More Options tab.
  • Under:
System Restore and Shadow Copies
  • Click on Clean up... >> Delete >> OK >> Delete Files.

Step 2 Remove ComboFix

  • Delete the current copy of ComboFix on your desktop
  • Download a fresh copy from here to your desktop
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Step 3 OTL Cleanup
  • Open OTL
  • Click the CleanUp button at the top, it will ask to reboot your PC, please allow it to do so

I greatly apprecately your patience and sticking with me until the end on this one. :) The following are recommendations for future use and protection if necessary. If you have any questions, feel free to ask.

~~~~~~~~~~~~~~~~~~~~Anti Malware Protection ~~~~~~~~~~~~~~~~~~~~


MalwareBytes Anti-Malware This is an excellent Anti-Malware product. It offers free malware scanning, free malware removal, and free updates. It is recommended to periodically run a Quick Scan to keep your PC as clean as possible. Remember to check for updates before running a scan, so click the Update tab along the top, then click Check for Updates.

~~~~~~~~~~~~~~~~~~~~Free Antivirus Protection ~~~~~~~~~~~~~~~~~~~~

Always make sure you have an antivirus program! If for some reason in the future you'd like to switch programs here are some recomendations: Microsoft Security Essentials or Avast! Antivirus both are FREE to use. Please remember that you can only have one Antivirus installed at a time.

~~~~~~~~~~~~~~~~~~~~Free Firewall Programs ~~~~~~~~~~~~~~~~~~~~


If for some reason in the future you'd like to switch, Comodo Personal Firewall and Sunbelt Personal Firewall are two good options for a FREE firewall to help protect your computer from any unwanted intruders.

~~~~~~~~~~~~~~~~~~~~Staying Updated ~~~~~~~~~~~~~~~~~~~~


Keeping your PC updated is important to protect yourself against future infections. There are many infections which will exploit loopholes within Windows itself, Java and Adobe Reader. Keeping these updated is a very good habit to get into.

Automatic Updates Updates to your Operating System are vital in closing loopholes and fixing bugs which some infections exploit. To keep your Windows updated, ensure that 'Automatic Updates' is enabled on your PC so updates are downloaded and installed automatically. Click here to find out how.

File Hippo Download and install FileHippo update checker and run it monthly it will show you which programs on your system need updating and give a download link.

~~~~~~~~~~~~~~~~~~~~Alternate Browsers ~~~~~~~~~~~~~~~~~~~~


Using an alternative web browser can help protect your PC from infections which exploit security holes within Internet Explorer. They can also be quicker to load pages and offer more tools and features such as Firefox's huge add-on list.

Firefox - My personal choice, easy to use and has a large number of excellent add-ons that can be installed to help keep you away from malicious sites and reduce advertisements and popups etc. AdBlockPlus and WOT are very useful add-ons that are worth having installed.

Google Chrome - Is another browser that's easy to use and is worth trying if you want to test out new browsers.

Happy surfing! :wave:
  • 0

#205
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Jasmyne,
I have not been able to work on anything today..have been busy. Will perform the tests/upgrades tomorrow morning.
  • 0

Advertisements


#206
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
That's fine. Whenever you get the chance is okay. :) Have a good evening.

Jasmyne
  • 0

#207
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts

Step 1 Clear Old Restore Points

Create a new, clean System Restore point:

  • Right click on Computer and select Properties >> System protection >> Create.
  • Give this restore point a descriptive name and click Create.
  • When the new restore point is created click on OK >> close the System Properties window.
Note: Do not clear infected/old System Restore points before creating a new System Restore point first!


Not sure how to do this??


Flush Old System Restore points:

  • Next click Start (Windows 7 Orb) >> Run (or the Windows key and R together) to bring up the Run box and and copy and paste in:
    cleanmgr
  • in the box and press OK.
  • Select the system drive, C >> OK.
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
  • Click on Clean up system files >> Select the system drive, C >> OK.
  • Now click on the More Options tab.
  • Under:
System Restore and Shadow Copies
  • Click on Clean up... >> Delete >> OK >> Delete Files.


I am using Windows Vista. Could I get directions on this please..


Step 2 Remove ComboFix

  • Delete the current copy of ComboFix on your desktop
  • Download a fresh copy from here to your desktop
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled


Unable to uninstall. Says ComboFix cannot be found..
  • 0

#208
Monvishi

Monvishi

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 236 posts
Jasmyne,

Before we close, have a few questions:
Have the following programs downloaded, would like to understand actions on these -
adwcleaner.exe
AVPTool.exe
ListParts.exe
ListParts64.exe
Malwarebytes AntiMalware
Repairdisc Windows
Securitycheck.exe
WintoBootic.exe

Many logs are stored in .txt files, do we need to keep them?

We had changed our BIOS setup, does it need to be restored?

I am currently using Trend Micro as antivirus software. Per your recommendations, I will download all the necessary housecleaning software. What should I do about my current one? Do we need to delete and keep one?

Lastly, You and your team (Essexboy) were commendable in helping me thru the virus/ malware cleanup. Cannot imagine the status of my system without your expertise. Thank you both very much and to this forum for great support. If in any way we could contribute and give you rating, please let me know.

Thank you very very much!
  • 0

#209
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts

Step 1 Clear Old Restore Points

Create a new, clean System Restore point:

  • Right click on Computer and select Properties >> System protection >> Create.
  • Give this restore point a descriptive name and click Create.
  • When the new restore point is created click on OK >> close the System Properties window.
Note: Do not clear infected/old System Restore points before creating a new System Restore point first!


Not sure how to do this??


Here is a link with the same steps and images to help

Flush Old System Restore points:

  • Next click Start (Windows 7 Orb) >> Run (or the Windows key and R together) to bring up the Run box and and copy and paste in:
    cleanmgr
  • in the box and press OK.
  • Select the system drive, C >> OK.
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
  • Click on Clean up system files >> Select the system drive, C >> OK.
  • Now click on the More Options tab.
  • Under:
System Restore and Shadow Copies
  • Click on Clean up... >> Delete >> OK >> Delete Files.


I am using Windows Vista. Could I get directions on this please..


The process is the same for Windows 7 & Vista.

Step 2 Remove ComboFix

  • Delete the current copy of ComboFix on your desktop
  • Download a fresh copy from here to your desktop
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled


Unable to uninstall. Says ComboFix cannot be found..


The OTL Cleanup may remove it so you can skip over that step.
  • 0

#210
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts

Before we close, have a few questions:
Have the following programs downloaded, would like to understand actions on these -


I'll go through the list here. :)

adwcleaner.exe-This tool is used to remove adware programs.
AVPTool.exe-This is a malware scanner we use to get a deeper scan of what is on the computer.
ListParts.exe & ListParts64.exe ListParts is a program that allows us to see the partitions on your computer. One type of MBR infection creates a malicious partition. This allowed us to rule out that type of MBR infection.
Malwarebytes AntiMalware-Is a great Anti-Malware program, it will remove a lot of things that many antiviruses leave. You can choose to keep the free version of it and periodically run a scan to help.
Repairdisc Windows & WintoBootic.exe- I'm assume the Repairdisc Windows you're referring to is Windows RC (Windows Recovery Console) in this post. WintoBootic is a program that allows you to burn a bootable USB to load the recovery console.
Securitycheck.exe This is a handy tool that allows us to quickly check and see what update recommendations may need give to help keep the computer more secure.

Many logs are stored in .txt files, do we need to keep them?

Those can now be deleted.

We had changed our BIOS setup, does it need to be restored?

You can change it back, but left the same as long as there isn't a bootable USB in the computer it will skip over it in the boot order and go directly to your hard drive.

I am currently using Trend Micro as antivirus software. Per your recommendations, I will download all the necessary housecleaning software. What should I do about my current one? Do we need to delete and keep one?

What I give are just recommendations if you'd like to change in the future. Trend Micro is a reputable antivirus as long as it is updated you should be fine.

Lastly, You and your team (Essexboy) were commendable in helping me thru the virus/ malware cleanup. Cannot imagine the status of my system without your expertise. Thank you both very much and to this forum for great support. If in any way we could contribute and give you rating, please let me know.

Thank you very very much!


You're welcome!! Glad we were able to help!
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP