[James35]

Hi

 

1)  While trying to backuop using tweaking.coms software, it only does 13/15 files.  the log shows this for the 2 failed files:

[19/09/2015 - 14:07:15] Backing Up File: C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\UsrClass.dat
[19/09/2015 - 14:07:16] Result: Failed - Error: -1 (API Reg Save Failed (), Tried File Copy, File In use, Cannot copy.)

[19/09/2015 - 14:07:16] Backing Up File: C:\Users\UpdatusUser\ntuser.dat
[19/09/2015 - 14:07:16] Result: Failed - Error: -1 (API Reg Save Failed (), Tried File Copy, File In use, Cannot copy.)

 

2)  in step 4 you say 'double click on the regfix.bat file you just saved'.  is this the same file as the regfix2 you told me to download?  confused as you told me to download regfix2.bat but ran regfix.bat

 

3) after running the file should I search using fsrt again to check those links are gone?

 

thanks

[Advertisements]

Hi

 

I redid the registry backup in safe mode and it copied 15/15.

 

I ran the regfix2.bat(obviously that's what you were referring to).

 

Ran the search and it seems to be clear now.  Have attached the search.txt

 

Everything seems to be fine now.  Doesn't run like a brand new install but then again

- I am using the old admin account

- I have used 600 of my 700gb hard drive and all data is on the one c drive(no other partitions)

 

 

 

Attached Files

•  Search.txt   1009bytes   233 downloads

[James35]

Hi

 

I redid the registry backup in safe mode and it copied 15/15.

 

I ran the regfix2.bat(obviously that's what you were referring to).

 

Ran the search and it seems to be clear now.  Have attached the search.txt

 

Everything seems to be fine now.  Doesn't run like a brand new install but then again

- I am using the old admin account

- I have used 600 of my 700gb hard drive and all data is on the one c drive(no other partitions)

 

 

 

Attached Files

•  Search.txt   1009bytes   233 downloads

[dbreeze]

I sincerely apologize for fubaring the instructions; it was late and writing the bat script took longer than I thought.  I'm glad you worked it out and now on to good news ....

 

Based on the searches and other logs, your files look clean!!  However, you do need to install a AntiVirus and have it running.  See the information  below for some suggestions.

 

As to the performance of the system, a new user account would go a long way to helping that.  Do you need any help with that?  Microsoft has some instructions on how to do this here (this is a copy of one account to a fresh one).

 

 

 

If you have no other concerns or questions, then let's get the tools removed and you on your way!!

 

All right!! Your logs are clean and you're good to go now!! We've got some final steps left to do to clean up our tools and get your system in good running condition and then you are on your way. I must say though, even though we met through less than ideal circumstances, it has been really great to work with you. Just run through the steps from the Cleanup of Tools to the Program Update Checker. That's it. Thanks.


Clean up of Malware Removal Tools
Now that we are through using these tools, let's clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded.
If you did not do so at the end of its scan, please uninstall ESET Online Scanner at this time.  You can use the Control Panel 'Add / Remove Programs' or 'Programs and Features' utility to uninstall it.
 

• Download Delfix from here to your desktop and double click it to start the program
• Ensure Remove disinfection tools is ticked
  Also tick:
• Activate UAC
• Create registry backup
• Purge system restore
• Reset system settings
• 
• Click Run
• The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

You can delete any log files left on your desktop as these are no longer needed.


Keep Windows Updated
Microsoft issues updates to Windows to close vulnerabilities as they are discovered. Staying updated helps protect your system from current exploits.

• Click Start and then click Control Panel.
• Click on the View by: in the upper right corner and select Large Icons (you can change this back later if you like).
• Scroll down and click on Windows Update.
• Click on Change settings.
• Under Important Updates, click on Install updates automatically (recommended).
• Select (click on) the other options on this page.
• Select a day and time to have windows install the updates.
• Click on Ok to change the settings.
• If you want to change the view of the Control Panel display, click on the View by: in the upper right hand corner and select an option you prefer.

Keep other Important Programs Updated
Along with keeping Windows updated, it is a good idea to keep important programs updated. Java and Adobe Reader both need to be kept updated to the latest versions; malware writers utilize exploits in the unpatched versions to their advantages.

Java
Most security experts and the US CERT (part of the US Homeland Security) now recommend that users uninstall Java from their systems; if you don't have any programs that need Java on your system, you are safe to do this. You can read some of the articles on this here and here. I strongly suggest you uninstall Java unless you need it run certain software; in that case I would recommend that you disable or unplug Java from your web browsers and only enable it when you need it.

To disable / unplug Java in your browsers:

• How to disable Java in your web browser
• How to unplug Java from the browser

To uninstall Java (on Win7):

• Click Start and then click Control Panel.
• If you need to, click View by: and select either Large Icons or Small Icons.
• Click on Programs and Features.
• Scroll down until you find Java and click on it to select that program.
• (Older versions of Java may appear in the program list as J2SE, Java 2, Java SE or Java Runtime Environment.)
• Click Uninstall.
• If more than one version of Java shows in your program list, you should repeat the selection and uninstall until all of them are removed.

To check for the latest version of Java and installation steps:

• Go to java.com and click on Do I have Java?.
• On the next page, click on Verify Java Version.
• If you get a security pop up entitled "Do you want to run this application?" with the Name: Java Detection and Publisher: Oracle America, Inc., click Run.
• Follow the recommendations (if any) on the results screen.
• If there is a new version (or none at all on your system), there will be a button on the page showing Agree and Start Free Download. Click on it to update or install Java.
• The site will start a download of jxpiinstall.exe. Save the file to your desktop.
• When the download is finished, close your browser.
• Right click on the jxpiinstall.exe and select Run as Administrator.
• On the opening window, check Change destination folder and then click Install>.
• The program will now download the rest of the files needed to install Java.
• On the Destination Folder window, click Next>.
• On the next window, the install will present you the option of adding additional software (this is known as Foistware).
• Uncheck the Set and keep Ask as my default search provider.
• Uncheck the Install the Ask Toolbar.
• Click Next> to finish the install.
• When the installation is finished, you will be taken to a web page that will check to see if Java is working properly.

Adobe Reader
Adobe Reader is the second most targeted (by malware) common software. If all you ever do with Adobe Reader is view PDF files, then please consider replacing it with a lighter, free PDF reader that is not exploitable. One that we recommend is Sumatra PDF.

To update Adobe Reader:

• Launch your Adobe Reader.
• Click Help and then click on About Adobe Reader from the menu list.
• If the version is 11.0.04 then you are up to date. If it is less than this and you are keeping Adobe Reader, you should update to the latest version.
• The best place to get Adobe Reader is from Adobe (click on Adobe to go there now).
• Click on Download in the menu bar on top of the Adobe web page.
• Click on Adobe Reader in the list on the right hand side of the page.
• On the next page, click on the check mark (to turn it off) beside the option to include the McAfee scanner in the download and install. Make sure the check is NOT marked (this is another example of Foistware).
• Click the Install Now button and follow the directions on next page.
• If you are prompted to Save the installer file, choose to save it to your desktop. Once it is saved, right click on the file and select Run as Administrator.
• When the installation is finished, you can delete the installer file on your desktop.

Consider a program that will check for out-of-date programs on your system
Some programs don't have update checks built in or make you run the application to start the check for updates process. An easier way to stay on top of the current versions of your installed programs is to use a version checking program like Heimdal Free from Heimdal Security (you can get the software from here and read more about it on the same page).


You are now done!

Now some information on programs to help keep you safe:

First, an Antivirus program. You NEED one; free is just as good as paid-for as long as you keep them updated. ONLY use one at a time as having more than that will cause system problems. Here are some free ones to check out:
Microsoft Security Essentials
Avast! Free Antivirus

Next, a firewall is a must have now-a-days. The built in firewall in Windows 7 is fine (just make sure it is turned on (Start > Control Panel > Windows Firewall)). Or, if you like, you could choose one of the free ones listed here:
Emsisoft Online Armor  -  installs as trialware which converts to freeware in 30 days
Zone Alarm Free Firewall  -  installer includes foistware so read the options very carefully

=== options ====
Unchecky is a small service that runs in the background to help keep those "extra toolbars" and tag along search engines from automatically installing.  By automatically directing you to a custom install with all the options unchecked, only what you manually choose and confirm gets installed.

CryptoPrevent is a free program that prevents CryptoLocker / ransomware from infecting your PC by locking down the OS so the malware can not get a grip on your system.  You can read the details about this program here.

Also, consider adding MalwareBytes Antimalware to your arsenal of safe keeping programs. Use the free version (not the paid or trial version) and you won't have a problem with your antivirus scanner program. Keep it updated and run a scan with it once a week.

Lastly, if you use Firefox as your main web browser, consider adding the NoScript and AdBlockPlus add-ons to the browser to block scripting hijacks and remove unwanted ads from the pages you view.

You may also find some information and tips at this thread:
 How did I get infected in the first place?
and
COMPUTER SECURITY - a short quide to staying safer online
 

I'll leave this topic open for a few days so that if you have any questions you can come back here. Surf safe, my friend!!
 

 

[James35]

Hi

 

I downloaded and ran the dflix program.  initially it displayed a log which showed that it removed all the programs e.g. adware, zoex and so on.  however I didn't copy/paste it straightaway as I thought its on the desktop.  however I couldn't find the log anywhere.  I downloaded and ran it again but all software has gone so no log activity this time.  I just realised it gets written to c so heres the log but its overridden the previous file which did remove all the software I downloaded except for malwarebytes.

 

# DelFix v1.011 - Logfile created 20/09/2015 at 17:25:37
# Updated 18/08/2015 by Xplode
# Username : James- SAMSUNG-LAPTOP
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #201 [End of disinfection | 09/20/2015 15:04:56]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

Edited by James35, 20 September 2015 - 10:34 AM.

[dbreeze]

So everything else is good?  Did you install a AV?

[James35]

Yes.  Everything seems to be fine.

 

I installed the Microsoft security essentials as recommended.

 

I do have one question though, you made me remove all the clean up removal tools including Adware.  Just wondering should I not download Adware and keep it, I think that was the one that removed the proxy issus whilst malwarebytes was unable to.

 

Thanks

[dbreeze]

Actually, the Fixlist.txt script fixed your proxy issue. 

 

As to AdwCleaner, it is not an automatic tool so it relies on a user to make the final determinations on repairs.  The writers make no guarantees on AdwCleaner never being able to 'bork' a system since it is the user that tells it to remove items.  The choice is up to you.

 

If you are interested in learning more about the tools and techniques of malware removal, I would suggest you check out GeekU.

[James35]

HI Dbreeze, I suddenly got a bit busy so sorry not to reply earlier .

 

Many thanks for your time and help, I really appreciate you cleaning my computer for me.  Have made a small donation for your help.

 

I just have two final questions:

 

1.  You said Adware might bork the system.  Does the same apply to Malwarebytes or is Malwarebytes ok to just scan and delete everything it quarantines?

 

2.  I currently have my windows automatic updates on.  Its currently set to 'install updates automatically' once every 3 days at 3pm.  There are also some further options which have been selected:

- Recomended updates (Give me recommened updates the same way I recieved important updates)

- Who can install updates (Allow users on this computer to install updates)

- Microsoft update (Give me updates for microsoft products and check for new optional microsoft software when I updates windows)

 

I notice the updates occur quite often which is a bit irritating but I dont mind it if its really required.  I want to ensure that only the important things are there e.g. to prevent security and most important things.  Shoudl I leave the current settings as is or can/should I change anything i.e. remove recommended or microsoft update or would you not recommend this in which case I shoudl leave it as is?  My guess microsoft updates could be nothing important e.g. not related to windows or performance but I really don't know.  Also is it ok to change to updates to 1 a week - I use my computer daily though.  Please advise.

 

Once again Many thanks for your help.

 

James

[dbreeze]

1) The point about AdwCleaner is that it is more of an advanced tool for malware removal / system repair than a standard scanning tool.  Malwarebytes programs are designed for unattended cleaning BUT that is after some time of actually rendering some systems unbootable.  All of those problems seem to be fixed with version 2 so there should be no problems in the future.

 

2) The default settings for MS Updates is fine.  I would not choose a time longer than one week between update checks (if you want to change that); MS does put out urgent updates when necessary so you don't want to wait too long for those patches to your system.

 

3) Thank you for the donation;very much appreciated.  More importantly though, is there anything else we can do for you now?

[James35]

No, everything seems to be fine now.  Actually the updates have also stopped and it's loading faster now so all is well.

 

Thanks for everything!

[dbreeze]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.