Still planning to run the last set of test tomorrow or Wednesday at the latest. I've had a lot of other obligations. Thanks for your patience.
low/no memory error suspect malware [Closed] [Solved]
#31
Posted 09 December 2013 - 02:54 PM
Still planning to run the last set of test tomorrow or Wednesday at the latest. I've had a lot of other obligations. Thanks for your patience.
#32
Posted 09 December 2013 - 03:03 PM
Happy Monday,
Still planning to run the last set of test tomorrow or Wednesday at the latest. I've had a lot of other obligations. Thanks for your patience.
No worries I just wanted to check in so we can keep this thread active.
#33
Posted 12 December 2013 - 01:07 PM
Sorry for the delay. I still haven't located the link for esat that you mentioned in post #29 (Text below)
{The bar to run it is usually underneath where it says "Detects and Removes Threats" However, if you look under that, you will see Need help? Click here. Click that link and it will take you to a another page that has the Run ESET Online Scanner bar. }
The only "Need help" link on the page comes after this text on the main page;
"Optimized for Internet Explorer. Chrome and Firefox users will need to download and run a small utility file before starting scan. Need help? Click here"
When I clicked that link it brought me to a help page that does not contain a download link. I attached the viewable part of the page as a screen shot. I did not see the scanner bar on the page at all.
The url is http://www.eset.com/...-scanner/help/. Please let me know what I am missing
Warmest regards,
Kate
#34
Posted 12 December 2013 - 01:44 PM
#35
Posted 12 December 2013 - 06:47 PM
#36
Posted 13 December 2013 - 09:41 AM
1.) Run the Malwarebytes Scan and post the log from it.
2.) Run SecurityCheck and post the log from it.
3.) Run a scan with your current Anti-Virus program (Total Defense) and post the log from it.
Again, I do apologize for the multiple posts.
#37
Posted 13 December 2013 - 12:15 PM
Thank you !!!
Security Check output _
Results of screen317's Security Check version 0.99.77
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
Total Defense Anti-Virus Plus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 6 Update 22
Java 6 Update 31
Java 7 Update 45
Adobe Flash Player 11.9.900.170
Adobe Reader 10.1.8 Adobe Reader out of Date!
Mozilla Firefox (25.0.1)
Google Chrome 31.0.1650.57
Google Chrome 31.0.1650.63
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
CA CA Internet Security Suite CA Anti-Virus Plus caamsvc.exe
CA CA Internet Security Suite CA Anti-Virus Plus isafe.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 8%
````````````````````End of Log``````````````````````
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.12.12.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16428
Alonso Alienware :: ALONSOALIENWARE [administrator]
Protection: Enabled
12/12/2013 3:16:17 PM
mbam-log-2013-12-12 (15-16-17).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 445214
Time elapsed: 57 minute(s), 44 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 4
C:\Users\Sarah\Documents\Downloads\c.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Users\Alonso Alienware\Downloads\mozilla firefox setup.exe (PUP.Optional.Soft32.A) -> Quarantined and deleted successfully.
C:\Users\Alonso Alienware\Downloads\FlashPlayer__3142_i114415060_il5.exe (PUP.Optional.InstallMonetizer) -> Quarantined and deleted successfully.
C:\Users\Sarah\Downloads\movie_player.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
(end)
#38
Posted 14 December 2013 - 11:21 AM
#39
Posted 16 December 2013 - 10:32 AM
#40
Posted 16 December 2013 - 09:02 PM
Happy Monday Again - And Thank YOU for hanging in with me through this process. It does not appear the total defense generates a report. After the LONG scan it posted a screen showing no threats detected. It appears to only have content when a threat has been detected, in which case lists what was found. I attached the content of the "report" tab, which appears to be a generic summary. I have not seen any signs of the memory issue that started this conversation.
You are very much welcome I'm also glad that we've resolved your computer's problem. I have some last steps awaiting approval by my teacher to finish up. He's offline for the evening, but I should hear something from him in the morning.
#41
Posted 17 December 2013 - 08:10 AM
Great news, your logs are CLEAN! But we still have a few things we need to address namely:
- I need to remove the tools we installed on your machine.
- We also have some programs on your machine that need updating to help protect you in the future.
- I also have some information and tips to help you avoid infections in the future.
Step 1: Program Updates
Updating Adobe Reader
- Malware will exploit any vulnerabilities it can find in outdated software. If you are using Adobe Reader for reading pdf files, try using FoxIt Reader. It is a very capable alternative to Adobe.
- Please click here to download FoxIt Reader.
- If you wish to continue to use Adobe Reader, then please update it by clicking here.
- Please remember to uncheck the option to install McAfee's Security Suite.
Keeping your software updated
Another weapon against malicious programs and viruses is to keeping other programs updated. There are several programs out there that can check for out of date programs on your computer. One is Filehippo. You can run this on a weekly or monthly basis to check your programs for updates and then it will provide a link for you to download them.
Download Filehippo Updatechecker
Step 2: Creation of a new restore point
We're going to delete your old restore points and create a new one. We do this in case you need to do a system restore, you will have a clean restore point.
Please follow the instructions below:
- Start OTL and copy the text in the quote box below.
- Paste the contents into the Custom Scans/Fixes box and click the Run Fix button.
- OTL will delete the old restore points and create a new one.
:Files
%systemroot%\system32\vssadmin delete shadows /for=c: /all /quiet /c
:Commands
[CreateRestorePoint]
Step 3: Tool Removal
- You can delete Junkware Removal Tool from your desktop.
- Start AdwCleaner and press the Uninstall button. AdwCleaner will clean up it's files and delete itself.
- Start OTL and press the Cleanup button. OTL will clean up it's files and then delete itself.
- You can delete TFC and WinDirStat from your desktop.
- I recommend you keep Malwarebytes Anti-Malware on your machine. It's a very good defense against malware.
Step 4: Tips and Information
- Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
- Be careful of the websites you visit.
- When installing new programs, don't be "click happy" and click through the screens. Many programs come with adware in them and are set to install them by default. Several programs require that you uncheck or select no to prevent the installation. Take you time and read each screen as you go.
- To help protect yourself while on the web, I recommend you read How did I get infected in the first place?
Are there any further issues I can assist you with?
#42
Posted 21 December 2013 - 05:08 AM
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users