Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

New Virus [Solved]


  • This topic is locked This topic is locked

#16
scmba

scmba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts
Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
JavaFX 2.1.0
Java™ 7 Update 4
Java version out of Date!
Adobe Flash Player 12.0.0.70 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (27.0.1)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbam.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
  • 0

Advertisements


#17
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Thanks for the logs. Surf around for a bit. How is everything running? ;)
  • 0

#18
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Please don't forget to evaluate and let me know how your system is doing after all of these. :thumbsup:

  • Step 1

    You currently have the following outdated program(s) installed. I highly recommend that you perform an update. You will find the download link(s) for the new version(s) below.

    Adobe Flash Player -- Update
    Adobe Reader -- Update
    Java Runtime Environment -- Update

    Note: Please untick any optional offers Adobe products might come with.
Uninstall the previous version(s) before installing the updated one(s). If you run into any errors, let me know.
  • Step 2

    Run a free 'ESET Online Scan by ESET' by firstly saving the file to your desktop.

  • Double-click esetsmartinstaller_enu.exe. Accept the Terms of Use then click on Start.
  • Ensure the following settings are followed before clicking Start (you may or may not see the software warning at the very bottom):

    Posted Image

  • The virus signature database will begin to download. Wait for the scan to end--it may take several hours.
  • Upon completion, use Notepad to open and save C:\Program Files\ESET\EsetOnlineScanner\log.txt to your desktop.
  • Select Uninstall application on close and click Finish.
  • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Step 3

    You do not seem to have an anti-virus installed in your system. Choosing a good program is crucial as without it you will be easily infected. Thus, I have gathered a list of free programs for you to pick from. Please choose only one from the list below and install it. Note that the names lead to the respective download links.

  • Avira Free Antivirus

    More information can be found 'here'.
If you are unsure which one to pick, you can view 'Virus Bulletin' or 'AV-Comparatives'.
  • Logs to Post
In summary of the above, I will need you to post the following log(s):
  • log.txt (ESET Online Scan)

  • 0

#19
scmba

scmba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts
How do I get rid of the "Norton Utility Scan"? Cannot "uninstall" from the control panel
  • 0

#20
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
What error(s) do you get? Where do you still see it?
  • 0

#21
scmba

scmba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts
Start/Control Panel/Programs/Norton Security Scan
  • 0

#22
scmba

scmba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts
[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=2daa6879e56e3248ae762fbdf852846c
# engine=17280
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-03-01 10:56:27
# local_time=2014-03-01 02:56:27 (-0800, Pacific Standard Time)
# country="Hong Kong S.A.R."
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 145 145258037 0 0
# scanned=214720
# found=6
# cleaned=4
# scan_time=25782
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0"
sh=95AC8E011E99A0E91BBA6EFFAD3FB8AC60F86169 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\jojo\Desktop\U_0112_01_Organizing_0911_10_en.msi"
sh=95AC8E011E99A0E91BBA6EFFAD3FB8AC60F86169 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\Installer\1cb7c4e.msi"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\ApnIC[1].0"
  • 0

#23
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
I've submitted my fix to be approved. While waiting, could you do as suggested and test your computer? I would need to know what issues still remain.
  • 0

#24
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts

Start/Control Panel/Programs/Norton Security Scan

That's a pesky program for an anti-virus component, don't you think? :whistling: On a serious note, after doing the below, please check whether or not it is still there. I would also appreciate it if you test your system as suggested and give feedback on how it is performing.

  • Step 1

    If you haven't already, download 'OTL by OldTimer' and save it to your desktop or move your existing copy into the said location.

  • Simply double-click the program icon to run it. It will ask for administrator privileges.

    Posted Image

  • Copy and paste the following into the Custom Scans/Fixes box:

    :Files
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
    C:\Program Files (x86)\Norton Security Scan
    C:\Windows\tasks\Norton Security Scan for jojo.job
    C:\Program Files\Common Files\Symantec Shared\nsssetup
    C:\Program Files (x86)\Common Files\Symantec Shared\nsssetup
    C:\WINDOWS\system32\Macromed\Shockwave 10\nssstub.exe
    C:\Windows\system32\Adobe\Shockwave 11\nssstub.exe
    
    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "NSS"=-
    
    
  • Click Run Fix.
  • After, a Notepad window will appear, named MMDDYYYY_HHMMSS.log. Alternatively, you can find that log at C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log.
  • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Logs to Post
In summary of the above, I will need you to post the following log(s):
  • MMDDYYYY_HHMMSS.log (OTL)

  • 0

#25
scmba

scmba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts
Funny, it didn't find it, but I just went to control panel/Programs/ and it was still there.

========== FILES ==========
File\Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan not found.
File\Folder C:\Program Files (x86)\Norton Security Scan not found.
File\Folder C:\Windows\tasks\Norton Security Scan for jojo.job not found.
File\Folder C:\Program Files\Common Files\Symantec Shared\nsssetup not found.
File\Folder C:\Program Files (x86)\Common Files\Symantec Shared\nsssetup not found.
File\Folder C:\WINDOWS\system32\Macromed\Shockwave 10\nssstub.exe not found.
File\Folder C:\Windows\system32\Adobe\Shockwave 11\nssstub.exe not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\NSS not found.

OTL by OldTimer - Version 3.2.69.0 log created on 03022014_135201
  • 0

Advertisements


#26
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
This is a rather queer solution, but bear with me. :lol: After the reboot, let me know if it is still there.

  • Step 1

    Download 'Norton Security Scan'.

  • Install the application--it may take a while.
  • Click Agree & Install if prompted.
  • The application will now be successfully installed.
  • Double-click the icon it created on your desktop.
  • Navigate to Settings in the menu.
  • Click Uninstall Norton Security Scan. It may take a while to respond.
  • Choose Skip > Uninstall > Next > Finish.
Inform me if you encounter problems in the removal process.
  • Step 2

    If you haven't already, download 'OTL by OldTimer' and save it to your desktop or move your existing copy into the said location.

  • Simply double-click the program icon to run it. It will ask for administrator privileges.

    Posted Image

  • Copy and paste the following into the Custom Scans/Fixes box:

    :Files
    C:\ProgramData\Norton
    C:\ProgramData\NortonInstaller
    
    :Commands
    [emptytemp]
    
  • Click Run Fix.
  • OTL will reboot your system. Allow it by clicking OK.
  • After the reboot, a Notepad window will appear, named MMDDYYYY_HHMMSS.log. Alternatively, you can find that log at C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log.
  • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the log in your next reply.
  • Logs to Post
In summary of the above, I will need you to post the following log(s):
  • MMDDYYYY_HHMMSS.log (OTL)

  • 0

#27
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
On another note, did you willingly install Norton Online Backup?

Edited by Pyxis, 03 March 2014 - 11:23 PM.

  • 0

#28
scmba

scmba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts
I am so scared to install the norton software. Last time I did it, it was so heavy on the system that it added 2 min to the startup procedure and hard to get off. Is there anyway to get out of doing it this way?
  • 0

#29
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
I'm not sure what gave you that idea when you're clearly going to remove it the moment you install it as instructed. It's not even going to affect your computer's booting time because no booting will happen at all. I suppose I'll go look for another method since you're very hesitant despite this. While I do so, I ask that you please answer the following questions:

  • How is everything running?
  • Did you willingly install Norton Online Backup?
Thank you.
  • 0

#30
scmba

scmba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts
Hi it's running well. I'll do the install, uninstall.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP