Virus/Malware Infection [Solved]
Posted 15 November 2014 - 05:05 AM
It details how we clean up the tools we have used and also some general advice on staying safe.
Posted 15 November 2014 - 06:10 AM
Good news, it looks like your system is now clean. A good workman cleans up after himself, so let's now attend to that.
We need to remove the tools we've used during cleaning your machine
- Download Delfix from here
- Ensure Remove disinfection tools is ticked
- Activate UAC
- Create registry backup
- Purge system restore
- Reset System Settings
- Click Run
- The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply
We need to uninstall a program
Open Programs and Features by clicking the Start button, clicking Control Panel, clicking Programs, and then clicking Programs and Features.
Select the following programs from the list below, one at a time and click Uninstall.
- ESET Online Scanner
C:\Program Files (x86)\ESET
Delete any other .bat, .log, .reg, .txt, and any other files created during this process, and left on the desktop and empty the Recycle Bin.
Keep your machine updated
Due to the ever-present tide of malware, it is important to ensure your computer is kept up-to-date to minimize the risk of future infection. An important step is to ensure that automatic updates are enabled.
To enable automatic updates:
To turn on Automatic Updates yourself, follow these steps:
- Click Start, type Windows update in the search box, and then click Windows Update in the Programs list.
- In the left pane, click Change settings.
- Select the option that you want.
- Under Recommended updates, select the Give me recommended updates the same way I receive important updates or Include recommended updates when downloading, installing, or notifying me about updates check box, and then click OK.
Below are some free ones that can help keep you clean.
As you have installed Malwarebytes, I recommend that you keep this program and use it to help you stay clean.
The free version will scan your computer and fix the problems it finds but will not provide real-time protection. You must scan regularly to find any threats.
Consider purchasing the full version for active monitoring of threats.
WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java.
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software or need it to play games on-line.
In that instance I would recommend that you only use Firefox or Chrome to visit those sites and do the following:
- For Firefox, install the NoScript add-on.
- For Chrome, install the ScriptNo add-on.
- Disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser or How to unplug Java from the browser)
Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older versions of Java components and update:
- Download the latest version of the Java Runtime Environment (JRE) Version from Here and save it to your desktop.
- Look for "Java Platform, Standard Edition". You will see the current Java version and update number listed under the heading. Example: The newest update is Java SE 8u25
- Click the "Download" button under "JRE".
- On the Java SE Runtime Environment page, click the button to "Accept License Agreement".
- Under the Java SE Runtime Environment 8u25 heading:
To install the version for your system:
- For Windows 64bit systems, look for Windows x64 - 88.37MB, click the jre-8u25-windows-64.exe file and save it to your desktop. Do Not run it from the Java site.
- Close any programs you may have running - especially your web browser.
Uninstall all versions of Java
- Click Start > Control Panel > Add/Remove Programs. The list of installed programs will populate.
- Click the Start Orb, then Control Panel. Under the Programs or Programs and Features section click Uninstall a program. The list of installed programs will populate.
- Remove all older versions of Java. These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE or J2SE
The versions I see on the computer are:
- Java 7 Update
- Java 8 (64-bit)
- Java SE Development Kit 8
- Right click each program and click Uninstall and follow the on screen instructions for the Java uninstaller.
- Repeat as many times as necessary to remove each Java version.
- Reboot your computer once all Java components are removed.
Install the latest JAVA
Back on your desktop:
- Right click the jre-8u25-windows-x64.exe file, click Run as Administrator and OK the UAC prompt to install the newest version.
- When the Java Setup - Welcome window opens, click the Install > button.
- If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
Update Adobe Flash Player
NOTE: Depending on your settings, you may have to temporarily disable your antivirus software and firewall.
- Please click here to go to the FlashPlayer Installation page.
- In the first column, Adobe Flash Player, make sure the system version (64bit) and the browser are correct.
- Note: If you use IE and other browsers you will need to install both Flash Player for IE and Flash Player for Other Browsers.
- In the middle column, Optional offer:, UNCHECK the box next to Yes, install free McAfee Security Scan Plus
- Click the Install now button. A download window for the install_flashplayer15x64_mssd_aaa_aih.exe file will open. Save it to the desktop.
- Close the browser and all open windows.
- Back on the desktop, right click the install_flashplayer15x64_mssd_aaa_aih.exe file and click Run as Administrator to install Flash Player.
Alongside keeping Windows updated, other programs installed on your computer should also be kept current as they too can introduce security risks.
Filehippo Update Checker will scan your computer for out of date programs and provide download links for the updates. This is worth doing on a regular basis.
Go here for information about CryptoLocker Ransomware.
The main thing with this infection is ~ Backup.
If you're using an external hard drive, keep it unplugged from the computer when you're not backing up files or using it. This will prevent the infection from getting to your backed up files if you ever do come across it.
Unchecky is a small service that runs in the background to help keep those "extra toolbars" and tag along search engines from automatically installing. By automatically directing you to a custom install with all the options unchecked, only what you manually choose and confirm gets installed.
CryptoPrevent is a free program that prevents CryptoLocker / ransomware from infecting your PC by locking down the OS so the malware cannot get a grip on your system.
Web Of Trust is a browser add-on designed to alert the user before interacting with a potentially malicious website. It will highlight green if a site is known to be safe.
Adblock is a Firefox browser add-on that blocks annoying banners, pop-ups and video ads.
- When browsing the internet, look closely at the links you click on. Some aren't always what they seem.
- Avoid Peer to Peer file sharing utilities; these are a minefield of malware infections.
- Don't open email attachments unless you are expecting them. Even an email from your best friend can be infected; they might not have sent it.
- Pay attention when installing a program to your computer, particularly to any check boxes that may appear during installation; it is common for unwanted software to be installed in this way.
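An added example, not part of the original post: the "Uninstall all versions of Java" step above relies on spotting every Java entry by eye in Programs and Features. This PowerShell sketch lists the same entries from the registry, before and after the removal, so a leftover old version is not missed. The name pattern is an assumption based on the product names quoted in the post; adjust it if your list differs.

```powershell
# Added example: list every Java entry registered for uninstall on this PC.
# Run from the 64-bit Windows PowerShell console on a 64-bit system so that
# both registry views below are visible. Read-only: nothing is removed.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Assumption: Java products register a DisplayName that begins like
# "Java 7 Update ...", "Java 8 ... (64-bit)", "Java SE Development Kit 8",
# "J2SE Runtime Environment ..." (the names mentioned in the post).
$javaName = '^(Java(\(TM\))?\s+(\d|SE\b)|J2SE\b|J2RE\b)'

function Get-InstalledJava {
    foreach ($key in $uninstallKeys) {
        # Entries under WOW6432Node are 32-bit installs on a 64-bit system.
        $bitness = if ($key -like '*WOW6432Node*') { '32-bit' } else { '64-bit' }

        Get-ItemProperty -Path $key -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName -match $javaName } |
            ForEach-Object {
                New-Object PSObject -Property @{
                    Name      = $_.DisplayName
                    Version   = $_.DisplayVersion
                    Bitness   = $bitness
                    Uninstall = $_.UninstallString
                }
            }
    }
}

$found = @(Get-InstalledJava | Sort-Object Name, Version)

if ($found.Count -eq 0) {
    'No Java entries are registered: all versions have been removed.'
} else {
    # After installing the latest JRE, exactly one entry per bitness should remain.
    $found | Select-Object Name, Version, Bitness, Uninstall | Format-List
    "{0} Java entr{1} found." -f $found.Count, $(if ($found.Count -eq 1) { 'y' } else { 'ies' })
}
```

Run it once before uninstalling to see what is present, again after the reboot to confirm the list is empty, and a last time after installing the new JRE.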
Posted 15 November 2014 - 09:43 AM
Ruggie - below is the final log you requested - thank you for your timely and totally effective corrections for my system. I will take your recommendations to heart and will perform these modifications. Kudos to you and the service provided by G2G - a real computer lifesaver! Good luck in your training (would have never known)! -- JT
# DelFix v10.8 - Logfile created 15/11/2014 at 10:08:01
# Updated 29/07/2014 by Xplode
# Username : TeamTkac - TEAMTKAC-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Activating UAC ... OK
~ Removing disinfection tools ...
Deleted : C:\Qoobox
Deleted : C:\Combofix
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR
~ Creating registry backup ... OK
~ Cleaning system restore ...
Deleted : RP #412 [Removed Adobe AIR | 11/09/2014 02:07:32]
Deleted : RP #413 [Windows Update | 11/12/2014 00:10:01]
Deleted : RP #414 [Windows Update | 11/12/2014 20:39:22]
Deleted : RP #415 [Windows Update | 11/13/2014 13:59:04]
Deleted : RP #416 [Windows Update | 11/14/2014 10:38:14]
New restore point created !
~ Resetting system settings ... OK
########## - EOF - ##########
Posted 15 November 2014 - 10:06 AM
Good luck and safe surfing. It's been a pleasure.
Posted 15 November 2014 - 12:39 PM
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.