
Suspected malware, Zone Alarm registry changes



#16
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Overall, it's running much better. Thank you.

 

 

That is excellent news. I think you are good to go. :thumbsup:

We have a couple of last steps to perform and then you're all set. :)

To clear away the tools we have been using, download Delfix from here. You will be taken to the download page. Just wait and shortly the download will appear.

Put a check (tick) in the following boxes:
 

  • Remove disinfection tools
  • Purge System Restore
  • Reset System Settings

    Then click Run

The tool will run for a short time. When completed, a Notepad window will open with a log. Please copy and paste the log back here.

Any remaining tools may be deleted.

-------------------------------------------------------------------------------------------------------------------

A reminder:  Remember to (re-install if uninstalled during cleaning) update and turn back on any anti-malware programs you may have turned off during the cleaning process.
-------------------------------------------------------------------------------------------------------------------

Here are some things that I think are worth having a look at if you don't already know about them:

---------------------------------------------------------------------------------------------------------------------

It is good security practice to change your passwords to all your online accounts on a fairly regular basis; this is especially true after an infection. Refer to this Microsoft article Strong passwords: How to create and use them.

----------------------------------------------------------------------------------------------------------------------

So many of us use Facebook nowadays. Go here for a guide to Facebook security.

-----------------------------------------------------------------------------------------------------------------------

Java warning

Java is a popular point of entry to your computer for malicious programs. Unless you need it to run important software, the safest approach is to completely uninstall Java. Where you do require it, the next safest option is to disable it in your browsers until you need it, then enable it.

How to disable Java in your web browser and How to unplug Java from the browser

If you do still need Java then regularly check that it is up to date. Older versions are the most vulnerable to malicious attack.
 

  • Download Java for Windows

    Reboot your computer.
    You also need to uninstall older versions of Java.

       
  • Click Start > Control Panel > Add or Remove Programs
       
  • Remove all Java updates except the latest one you have just installed.

--------------------------------------------------------------------------------------------------------------------

CryptoLocker Warning

There is a particularly nasty infection out there at the moment.

Go here for information about CryptoLocker Ransomware

Download CryptoPrevent free for home use.

--------------------------------------------------------------------------------------------------------------------

Hola users warning.

If you use the Hola VPN (Virtual Private Network) you should be aware that you might be compromised. See here.

--------------------------------------------------------------------------------------------------------------------

To help protect your computer in the future:



If you do not already have automatic updates set then it is recommended that you do set Windows to check, download and install your updates automatically.

    * Click Start > Control Panel > System and Security > Windows Update
    * Under Windows Update click on Turn automatic updating on or off
    * Check items shown to ensure you receive updates automatically. Click OK.

Be aware of what emails you open and websites you visit.

Go here for some good advice about how to prevent infection.

For some common sense advice about protecting your computer read How to boost your malware defense and protect your PC

A fun way to check your online safety literacy.

Quiz - getsafeonline

Have a safe and happy computing day!


  • 0
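
As a complement to the Control Panel steps in the Java section of the post above, here is an added example (not part of the original thread) that lists the Java runtime entries Windows has registered and marks every one older than the newest. It only reads the standard Uninstall registry keys; the display-name pattern is an assumption chosen to match entries such as "Java 8 Update 91 (64-bit)".

```powershell
# Added example: audit installed Java runtimes. Read-only, removes nothing.
# Both registry views are checked so 32-bit Java on 64-bit Windows is included.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$rows = foreach ($entry in Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue) {
    # Assumed pattern: "Java 8 Update 91", "Java(TM) 6 Update 45", and similar.
    # It skips helper entries such as "Java Auto Updater".
    if ($entry.DisplayName -notmatch '^Java(\(TM\))? \d') { continue }

    # Skip entries whose version string cannot be parsed instead of failing.
    $version = $entry.DisplayVersion -as [version]
    if (-not $version) { continue }

    [pscustomobject]@{
        Name      = $entry.DisplayName
        Version   = $version
        Uninstall = $entry.UninstallString
    }
}

if (-not $rows) {
    'No Java runtime entries found in the Uninstall registry keys.'
}
else {
    # Newest registered version; 32-bit and 64-bit installs of it are both kept.
    $latest = ($rows | Sort-Object -Property Version -Descending |
        Select-Object -First 1).Version

    $rows | Sort-Object -Property Version |
        Select-Object -Property Name, Version,
            @{ Name = 'Action'
               Expression = { if ($_.Version -lt $latest) { 'Remove (older)' } else { 'Keep (newest)' } } },
            Uninstall |
        Format-Table -AutoSize -Wrap
}
```

Entries marked "Remove (older)" are the ones to uninstall through Control Panel as described in the post.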



#17
blues71

blues71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts

Thanks for the info. I use NoScript to prevent Java from running without my approval. Is that enough protection?

 

Here goes my last log:

 

# DelFix v1.013 - Logfile created 01/05/2016 at 14:06:08
# Updated 17/04/2016 by Xplode
# Username : Smash - SIDEKICK
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\SecurityCheck
Deleted : C:\Users\Smash\Desktop\Addition.txt
Deleted : C:\Users\Smash\Desktop\AdwCleaner.exe
Deleted : C:\Users\Smash\Desktop\AdwCleaner[C1].txt
Deleted : C:\Users\Smash\Desktop\Fixlog.txt
Deleted : C:\Users\Smash\Desktop\FRST.txt
Deleted : C:\Users\Smash\Desktop\FRST64.exe
Deleted : C:\Users\Smash\Desktop\JRT.exe
Deleted : C:\Users\Smash\Desktop\JRT.txt
Deleted : C:\Users\Smash\Desktop\SecurityCheck.exe
Deleted : C:\Users\Smash\Desktop\Shortcut.txt
Deleted : C:\Users\Smash\Downloads\Extras.Txt
Deleted : C:\Users\Smash\Downloads\HijackThis.exe
Deleted : C:\Users\Smash\Downloads\hijackthis.log
Deleted : C:\Users\Smash\Downloads\OTL.Txt
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #532 [JRT Pre-Junkware Removal | 04/18/2016 04:56:35]
Deleted : RP #533 [Removed 7-Zip 9.20 (x64 edition) | 04/18/2016 14:43:53]
Deleted : RP #534 [Removed AVG | 04/27/2016 14:19:23]
Deleted : RP #535 [Removed AVG 2016 | 04/27/2016 14:25:57]
Deleted : RP #536 [Removed VAIO Care. | 04/27/2016 14:43:41]
Deleted : RP #537 [Removed VAIO Care. | 04/27/2016 14:47:37]
Deleted : RP #538 [Removed Microsoft Office Word Viewer 2003 | 04/27/2016 15:18:32]
Deleted : RP #539 [Removed VoiceOver Kit | 04/27/2016 16:35:19]
Deleted : RP #540 [Removed Visual Studio 2012 x64 Redistributables | 04/27/2016 16:39:17]
Deleted : RP #541 [Removed Visual Studio 2010 x64 Redistributables | 04/27/2016 16:40:44]
Deleted : RP #542 [Removed Visual Studio 2012 x86 Redistributables | 04/27/2016 16:43:18]
Deleted : RP #543 [Removed Java 8 Update 91 (64-bit) | 04/30/2016 16:11:05]
Deleted : RP #544 [TrueCrypt installation | 04/30/2016 16:39:11]
Deleted : RP #545 [Removed QuickTime 7 | 04/30/2016 20:48:46]
Deleted : RP #546 [Removed QuickTime 7 | 04/30/2016 20:50:06]
Deleted : RP #547 [Windows Update | 04/30/2016 21:22:06]
Deleted : RP #548 [Windows Update | 04/30/2016 23:20:28]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
 


  • 0

#18
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

 

I use NoScript to prevent Java from running without my approval. Is that enough protection?

 

I think NoScript is great and yes I think that would do the job. Remember though that your Java should always be kept up to date.

 

 

Here goes my last log:

 

That looks good. :thumbsup:

 

I will keep this topic open for a day or two in case any issues arise. :)


  • 0

#19
blues71

blues71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts

Fantastic. Thanks for all your help!


  • 0

#20
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

You're very welcome. :happy:


  • 0

#21
blues71

blues71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 56 posts

One question. I've noticed some lingering lags, but they seem to be associated with USB peripherals. I use an apple mouse and an apple keyboard. Sometimes if I adjust the volume on the keyboard, the PC doesn't immediately respond, then cranks it all the way in one direction or the other, as if I had held my finger on the key.

 

I have one USB port that I have deactivated, because it always thinks there's something plugged in that it doesn't recognize, even when it is unused.

 

Does this sound more like a hardware problem? I suppose it could be an old driver, but I haven't changed any of the hardware it works with.

 

Thanks


  • 0

#22
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Hello blues57,

I don't think that is a malware problem.

 

Not my area of expertise I am afraid.

Try opening a topic here and hopefully someone will have an answer for you. :)


  • 0





