[Biscuithd]

Ok, a couple of more steps. Also, I'm having you run MBAM below. MBAM is a good tool for cleaning up remnants and low level infections.

 

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java :
Please download JavaRa to your desktop and unzip it to its own folder

• Run JavaRa.exe, then click on Remove Java Runtime.
• Select the Java version you have from the drop down list, and then click on Run Uninstaller
• Press Yes if it asks to uninstall the product.
• Allow the uninstaller to remove the installed version.
• When its finished, go back to JavaRa, and click Back
• Click on Update Java Runtime and then select Download and install latest version.
• Press Next
• Press Java Manual Download.
• A browser window will open with the Java download page.
• Click the Windows offline link to download Java.
• Run the installer.
• Close JavaRa

Download Malwarebytes' Anti-Malware

 

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Threat Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy & Paste the entire report in your next reply.

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

 

ESET Online Scanner:

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

 

• Click the green ESET Online Scanner box
• Tick the box next to YES, I accept the Terms of Use
  then click on: Start
• You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow it to install.
• Make sure that the option Remove found threats is unticked
• If your firewall asks whether you want to allow installation, say yes.
• Make sure that the option Scan archives is checked.
• Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
• Click on Start
• The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
• When completed the Online Scan will begin automatically. The scan may take several hours.
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
• When completed select Uninstall application on close, make sure you copy the logfile first! located at C:\Program Files (x86)/ESET/ESET Online Scanner\log.txt
• Then paste the Logfile in the thread
• Then click on: Finish

To summarize, please post back the ESET log and the MBAM log.Also, let me know how the Java update went as it's very important!

[Advertisements]

I'm in the middle of the MBAM part. The threat scan is only picking up two things, javaupdater and a file inside java updater folder. Should I still delete them? Also there's no way to select things or a "remove selected" button. All I can do is quarantine them, then click remove once they're in the vault.

[Shruikan66]

I'm in the middle of the MBAM part. The threat scan is only picking up two things, javaupdater and a file inside java updater folder. Should I still delete them? Also there's no way to select things or a "remove selected" button. All I can do is quarantine them, then click remove once they're in the vault.

[Biscuithd]

My expectation would be that MBAM would not find anything significant because we cleaned the major infections in the earlier steps. In any case, as long as MBAM has done a Quarantine, we're in good shape. Yes, feel free to remove them from the Quarantine. I'm not sure how to do multiple selections.

[Shruikan66]

I havn't installed anything new, or even removed those java update files yet, but my computer has begun to work extremely slowly. It takes about 10 minutes to do simple tasks such as opening the Start menu!

[Biscuithd]

It takes about 10 minutes to do simple tasks such as opening the Start menu!

Wow, not good at all!

 

Ok, let's talk this through a little bit. We had run some scans and removed some infections. Things were working properly, right? What happened just before the machine started to slow down? Was it after a tool ran? After it rebooted? Something else?

 

Next. let's have a look at an OTL scan.

 

Run OTL as you have in the past and press the Quick Scan button, then post the resulting log and I'll have a look.

[Shruikan66]

I did a system restore to back before Java and MBAM were installed. I reinstalled the latest Java and everything works fine now. I think MBAM has negative effects on my computer for some reason?

[Biscuithd]

We're you able to run ESET without issue? And, are you able to update Java?

[Shruikan66]

Sorry, I didn't see these responses until now! 

 

What happened just before the computer slowed down, was I ran MBAM and it did its scan. I didn't quarantine anything, I decided to wait and hear what you thought. And then I played a game that doesn't usually affect my computer. The game was working fine, but when i saved and exited and decided to try and open chrome all [bleep] broke loose.

 

I'll run ESET right now.

[Shruikan66]

I was able to update Java, yes. 

 

Here's the log from ESET:

 

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

 

 

Atleast I hope this is the log file? 

[Biscuithd]

That looks a little thin for an ESET log, but, we'll see.

 

In spite of the the hickup of the other day, how is the machine working?

[Shruikan66]

It's gone back to normal. Totally fine now.

[Biscuithd]

Hopefully, things stay working well. If not, you know where we are

 

Good news ----- Your log appears clean And, I'm not going to hold you up over the Security Check not running. My main concern that Security Check addresses is whether Adobe, Flash, Java, OS and Security Patch's are up to date. I will leave that to you to handle manually. But, be sure the to do it as these are the most vulnerable points on your computer.

That said, I'm going to send you on your way! If you have questions, issues, etc. Don't hesitate to stop back.

 

A good workman always cleans up after himself so..The following piece of code will implement some cleanup procedures as well as reset System Restore points:

Download and run Delfix



Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransom-ware. (This is really important!)



Malwarebytes.

Update and run weekly to keep your system clean

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe

 

If you have any questions or further problems, feel free to stop back It's been a pleasure!!

[Essexboy]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.