Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Constant redirects, pop-ups, unable to use internet at times [Solved]


  • This topic is locked This topic is locked

#31
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,064 posts

Hi Joanne, 

 

Yes, please remove Java SE Development Kit 7 Update 51, as well as all other versions (excluding the version just installed - Version 7 Update 60). 


  • 0

Advertisements


#32
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 197 posts

ok.  fyi... on the control panel's add/remove programs, it states I installed Java v 60 on 8/1/2013.  I installed it today.  Is that right?  I'm continuing with your steps.


  • 0

#33
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 197 posts

malewarebytes program wouldn't allow me to copy the scanlog to a clipboard, I exported it and here it is...

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/9/2014
Scan Time: 3:03:04 PM
Logfile: malwarebyteslog.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.09.09
Rootkit Database: v2014.07.07.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Jarrett

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 282237
Time Elapsed: 18 min, 38 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.Ibryte, C:\Users\Jarrett\Desktop\Random Files\other\EZVID_Setup.exe, Quarantined, [5264afeda6d5f14571b8db621ce49b65],

Physical Sectors: 0
(No malicious items detected)

(end)


  • 0

#34
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 197 posts

the esetsmartinstaller_enu file didn't save as an executable.  Should I save as and then run...  It wants a program to run it


  • 0

#35
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,064 posts

Yes, that is fine. :)


  • 0

#36
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 197 posts

Do I want to enable or disable the potential of unwanted applications.  Screen one of 4 of the app.


  • 0

#37
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,064 posts

Enable. 

 

Apologies, it appears the programme has been updated recently, therefore making my instructions outdated. I believe my instructions should be OK from now onwards. 


  • 0

#38
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 197 posts

Do I want to enable or disable the potential of unwanted applications.  Screen one of 4 of the app...  Not sure if either option should be checked.


  • 0

#39
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 197 posts

duh... nevermind...  sorry


  • 0

#40
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 197 posts
Ugh. So it found 2 threats right away, I realized I didn't check the advanced settings, I stopped the scan, reran it, and it appears it skipped over what it found. There was a message that it was already started and it would resume, but appears that it skipped over what it initially found... Do I just let it continue? Sorry!
  • 0

Advertisements


#41
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 197 posts
Also, separately, before this, there was a pop up near the bottom toolbar that said, "dummy form"
  • 0

#42
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 197 posts
It's been stuck on the same file for a long time... I think it stopped.
  • 0

#43
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 197 posts

C:\AdwCleaner\Quarantine\C\Program Files (x86)\file scout\filescout.exe.vir a variant of Win32/FileScout.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Inbox Toolbar\Inbox.dll.old.vir Win32/Toolbar.Inbox.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.7z.vir Win32/Bundled.Toolbar.Ask.B potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir Win32/Bundled.Toolbar.Ask.B potentially unsafe application deleted - quarantined
C:\FRST\Quarantine\C\Program Files (x86)\Information\50368.crx JS/Toolbar.Crossrider.B potentially unwanted application deleted - quarantined
C:\FRST\Quarantine\C\Program Files (x86)\Information\50368.xpi JS/Toolbar.Crossrider.B potentially unwanted application deleted - quarantined
C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll a variant of Win32/Toolbar.Visicom.B potentially unwanted application deleted - quarantined
C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawaretb.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined
C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe a variant of Win32/Toolbar.Visicom.C potentially unwanted application deleted - quarantined
C:\Users\Jarrett\AppData\Roaming\Angry_Birds\Angry_Birds.exe a variant of Win32/Toolbar.Iminent.C potentially unwanted application deleted - quarantined

 

The old Java's deleted.  Version 60 looks like it was installed 8/1/2013.  ESET did not uninstall...  I can do it manually but will wait for your reply.  Thank you.
 


  • 0

#44
LiquidTension

LiquidTension

    Instructor

  • GeekU Moderator
  • 1,064 posts

Hi Joanne,
 
Thanks for sticking it out with ESET. I was prepared to run an alternative online scan, but as ESET has completed I think we're OK.
 

Also, separately, before this, there was a pop up near the bottom toolbar that said, "dummy form"

This appears to be associated with an Acer programme; Acer Instant Update. The programme automatically refreshes webpages and email, amongst other things, as described here. Do you use the programme? 
 

Version 60 looks like it was installed 8/1/2013.

It is not uncommon for Programs and Features to display incorrect information, such as programme size and installation date.
 

ESET did not uninstall...  I can do it manually but will wait for your reply.

I will provide instructions on removing ESET, as well as the other tools we have used. 
 
 
How is the computer performing? Any outstanding issues?
 
STEP 1
CXrghb6.png Update Outdated Software

Outdated software contain security risks that must be patched. Please download and install the latest version of the programmes below.

  • jfMhRM5.png Adobe Flash Player (Uncheck "Yes, install McAfee Security Scan Plus - optional")
  • u9DsAVv.png Follow these instructions to check for and download the latest Windows Updates.
     

STEP 2
EtQetiM.png Remove Outdated Software

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the following programmes, right-click and click Uninstall one at a time.
    • Adobe Flash Player 11 Plugin
  • Follow the prompts and reboot if necessary.
     

STEP 3
zANS9oB.png Disable Java in Your Browser
Due to frequent exploits we recommend you disable Java in your browser. For information on Java vulnerabilities, please read the following article (point #7).

  • Press the Windows Key pdKOQKY.png + on your keyboard at the same time. Type Java Control Panel (or javacpl) in the search bar. 
  • Click on the Java Control Panel. Once opened, click the Security tab.
  • Deselect the check box for Enable Java content in the browser. This will disable the Java plug-in in the browser. 
  • Click Apply. When the Windows User Account Control (UAC) AVOiBNU.jpg appears, allow permissions to make the changes. 
  • Click OK in the Java Plug-in confirmation window.
  • Restart your browser(s) for changes to take effect.
  • More information can be found here and here.
     

STEP 4
oxliOQk.png Security Check

  • Please download SecurityCheck and save the file to your desktop.
  • Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.
  • A log (checkup.txt) will automatically open on your desktop.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 5
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • checkup.txt
  • Comments on how your computer is performing. 

Note: There are important steps to follow. Please ensure you continue following this topic until I give you the "All Clean".


  • 0

#45
jbcteacher

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 197 posts
Got it. I've got errands to run and will do this upon return. We have not been using the computer because I wasn't sure if doing so would cause issues. Before we are done, I'd like to return the PC to Jarrett to use to make sure it operates well for him. Is that ok? I'll post the logs in a few hours.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP