Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

UT oh! Pop up suggests Malware. Pic attached [Solved]

Started by jbcteacher , Sep 25 2014 09:35 AM

  • This topic is locked This topic is locked

#16
JSntgRvr
Posted 05 October 2014 - 09:43 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

I believe all is clear.
 
We need to remove the tools we've used during cleaning your machine

  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked

Also tick:

delfix.jpg

  • Create registry backup
  • Purge system restore
  • Click on Run

The program will run for a few moments and then notepad will open with a log. 
 

Here are some suggestions.

  • Always keep your JAVA updated. Older versions will make your computer vulnerable.
  • Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft.  To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backupof your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article   by Miekiemoes.
 
Best wishes! icon_hello.gif


  • 0

Advertisements

#17
jbcteacher
Posted 07 October 2014 - 04:18 AM

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 209 posts

Not sure if you wanted this...

 

Cheers -

 

# DelFix v10.8 - Logfile created 07/10/2014 at 06:13:18
# Updated 29/07/2014 by Xplode
# Username : Justin - JUSTIN-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\_OTL
Deleted : C:\32788R22FWJFW
Deleted : C:\Combofix
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Justin\Desktop\FRST-OlderVersion
Deleted : C:\TDSSKiller.2.8.8.0_29.08.2012_18.43.29_log.txt
Deleted : C:\TDSSKiller.2.8.8.0_29.08.2012_18.44.34_log.txt
Deleted : C:\Users\Justin\Desktop\Addition.txt
Deleted : C:\Users\Justin\Desktop\AdwCleaner.exe
Deleted : C:\Users\Justin\Desktop\Fixlog.txt
Deleted : C:\Users\Justin\Desktop\FRST.txt
Deleted : C:\Users\Justin\Desktop\FRST64.exe
Deleted : C:\Users\Justin\Desktop\OTL.Txt
Deleted : C:\Users\Justin\Desktop\OTL.exe
Deleted : C:\Users\Justin\Desktop\Shortcut.txt
Deleted : C:\windows\grep.exe
Deleted : C:\windows\PEV.exe
Deleted : C:\windows\NIRCMD.exe
Deleted : C:\windows\MBR.exe
Deleted : C:\windows\SED.exe
Deleted : C:\windows\SWREG.exe
Deleted : C:\windows\SWSC.exe
Deleted : C:\windows\SWXCACLS.exe
Deleted : C:\windows\Zip.exe
Deleted : HKCU\console_combofixbackup
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart
Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #333 [Windows Update | 09/04/2014 14:57:34]
Deleted : RP #334 [Windows Update | 09/05/2014 13:26:23]
Deleted : RP #335 [Installed Adblock Plus for IE (32-bit and 64-bit) | 09/05/2014 13:35:12]
Deleted : RP #336 [Windows Update | 09/05/2014 17:46:23]
Deleted : RP #337 [Scheduled Checkpoint | 09/25/2014 20:14:44]
Deleted : RP #338 [Windows Update | 09/26/2014 07:01:18]
Deleted : RP #339 [Windows Update | 10/03/2014 00:35:43]
Deleted : RP #340 [Windows Update | 10/04/2014 13:16:37]
Deleted : RP #341 [Removed ABBYY FineReader 6.0 Sprint | 10/04/2014 13:17:09]
Deleted : RP #342 [Removed Ad-Aware | 10/04/2014 13:20:25]
Deleted : RP #343 [avast! antivirus system restore point | 10/04/2014 13:39:38]

New restore point created !

########## - EOF - ##########

 

Thank you again!


  • 0

#18
jbcteacher
Posted 07 October 2014 - 04:18 AM

jbcteacher

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 209 posts

Do I want to keep Adblock Plus running?  A pop up just asked me.


  • 0

#19
JSntgRvr
Posted 07 October 2014 - 08:39 AM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

It wouldn't hurt. However, if feeling uncomfortable with it, remove it.


  • 0

#20
JSntgRvr
Posted 16 December 2014 - 05:05 PM

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP