Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows Firewall and MSE disabled; cannot open downloaded documents &#


  • This topic is locked This topic is locked

#76
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
OTL log attached. It did not create an Extras.txt file.
I also want to note that although MSE is "on" it is unable to update or be activated. The settings and history tabs are grayed out and unselectable.

I am leaving my office now, so I will not be able to work on this machine any more today.
I will check things out in the morning. Thanks again

Attached Files

  • Attached File  OTL.Txt   109.52KB   34 downloads

  • 0

Advertisements


#77
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
MSE has been damaged again, have you considered replacing it ?

To repair MSES run the small utility from this page http://www.thewindow...fix-mse-utility

See you tomorrow :)
  • 0

#78
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
PC was turned on at about 7:30am today, similar to yesterday. So when you said the bad file was created at 8:25am, it was probably exactly an hour from when I started the machine. Everything is working at the moment.
  • 0

#79
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Let me know of any weirdness please
  • 0

#80
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
Went one full day yesterday, still clean. Windows seems to load quicker.
  • 0

#81
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Without putting the mockers on it, it looks as though the google drive was infected and when it synched it then replaced the missing files .. Bad move. If you are happy then shall we wait another day or so before tidying up ?
  • 0

#82
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
Yes, I suppose it would be a good idea to give it another day or so to make sure
  • 0

#83
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
My colleague is now applying the same fix to his victim so it looks like a winner .. Again not wishing to put the mockers on it :)
  • 0

#84
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

Clear Restore Points

Go Start > All Programmes > Accessories > System tools
Right click Disc Cleanup and select run as administrator
When it pops up at the first prompt select OK after it has done some calculations the tabs will appear
Select More Options tab
Press Sytem Restore and Shadow Copies Cleanup button



: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0

#85
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
Sorry, I was not in front of the computer much for about half of last week.
Everything does appear to be back to normal, and after that week nothing has come back.

Thanks again for your amazing work and help!
  • 0

Advertisements


#86
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It was my pleasure, you will be pleased to know that this routine appeared to clear the other one as well.

Thank you for the time you put in to resolve this :thumbsup:
  • 0

#87
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
Turned on the PC this morning and noticed MSE wasn't running....

It's back. :smashcomp:

the irony is that I just deleted all the tools yesterday

Edited by Lyanheart, 12 November 2013 - 07:46 AM.

  • 0

#88
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What did you do yesterday that was different to the day before ? Did you use a USB stick or visit an unusual web site.. Is it just MSE malfunctioning or are the other symptoms back as well
  • 0

#89
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
Yes, MSE did not come on and it is doing the same "file deleted" thing as before for anything downloaded with IE.
Did nothing unusualy yesterday as compared to any other day. Honestly, the only thing that was out of the ordinary was going through all the steps to remove the antivirus tools. After a week of no problems I was shocked to see it again as soon as I turned on the machine.

I had been running a scan of malwarebytes every day, and it has found nothing. I even ran it this morning again after seeing these problems and it still found nothing.

I know MSE is rubbish, but so is every other common antivirus package I've ever used, so I figure we just use the free one.
  • 0

#90
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Would you like to replace that with another free one as a trial ?

We will start with FRST again

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP