Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan infection

trojan

  • Please log in to reply

#16
BuddysBoy

BuddysBoy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Okay, but i'm not sure which test produces a speccy log.??



I would like to keep going checking out my computer but Im not sure what test you are asking me for. Which one produces a Speccy log?
  • 0

Advertisements


#17
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.
 
First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.

  • 0

#18
BuddysBoy

BuddysBoy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Speccy File attached.Attached File  ROBERTJ-PC2.txt   574.77KB   45 downloads
  • 0

#19
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

How is it running now?

 

Let's get a second opinion on your hard drive and on the temps:

 

 
  See if you can get Speedfan to work:
 
 
Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).
 
It will tell you your temps.  Speccy was saying your CPU was running at 52 but they are not always accurate.  What does Speedfan say?
 
click on the S.M.A.R.T. tab.  Click on the down arrow to the right of the Hard Disk box.  Select your hard drive.  Click on Perform and In-depth Online Analysis of this hard disk.  Your browser will open.
 
At the bottom of the new page will be a line:  
 
The link to get back and see a new report about this hard disk in the future is this.
 
Right click on the underlined "this" and select Copy Link Address.  Move to a Reply and Paste (Ctrl + v).
 
 
 
Forgot to ask you:  Do you get McAfee for free or do you have to pay for it?  If you are paying for it then you should seriously consider a different anti-virus when it comes time to renew.  Kasperski or Bitdefender work a lot better than McAfee.  If it's free then you might want to try the free Avast instead.   

  • 0

#20
BuddysBoy

BuddysBoy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
http://www.hddstatus...cation=FE9A7867

I get my McAfee through Att. It comes as a free add on with my ATT Internet service.
  • 0

#21
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

I'm not a big fan of McAfee.  Usually scores low on tests of anti-virus software, is poorly written so that it doesn't uninstall cleanly and we see a lot of PCs with McAfee in the forum.  I prefer the free Avast even with the stupid popups in the bottom right corner.  

 

 

What temp does Speedfan tell you?

 

How is it running now?


  • 0

#22
BuddysBoy

BuddysBoy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

http://www.hddstatus...cation=3057752A

 

If I'm reading it right, it is 23C.


  • 0

#23
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

The temps should be on the first tab (Readings)  of speedfan:

 

sf.JPG

 

Sometimes called Temp1,2,3 or Core 1,2 ,3 or CPU1,2,3  

Usually the highest one fo the above is what we want.

 

HD1,2,3 is the hard drive(s).  

 

GPU is your video card if you have a separate one.

 

How is it running?


  • 0

#24
BuddysBoy

BuddysBoy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

HD 0 34C

temp 1 49C

Core 0 49C

Core 1 45C

 

the computer seems to be working ok.

a quick question about windows 7, I have noticed that the auto updates do not always load all the downloads. I this because it doesn'ts apply to my computers configuration? Also Service 2 pack has never been downloaded, will this update AND backfill the missing pieces of Service pack 1?


  • 0

#25
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Don't know about the updates.  If you look at Speccy most of the ones it says failed are also in the installed list so I assume they may have failed once or twice and then installed OK.  Others may fail because they no longer apply having been superceded by some other update.  As long as Windows Updates is not continuially trying to install the same update then I think there's nothing to worry about.

 

Another reason that all updates do not automatically get downloaded is that MS tries to limit the load on their servers so some updates will be held back from the automatic update process for a while tho you can usually download them if you do a manual update.

 

I think we can clean up now:

 

If we used a FRST fixlist
To delete the Quarantine Folder used by FRST create a fixlist.txt file with just the following line:
 
DeleteQuarantine:
 
Save the fixlist.txt to the same folder as FRST then run FRST and hit Fix.  You can easily delete any other folders and logs.
 
If we installed Speccy it needs to be uninstalled.  Process Explorer, VEW, AdwCleaner, JRT  and their logs and Speccy's log can just be deleted.
 
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.  Flash is now the most malware targeted program so it must be kept up to date.  Be careful with Adobe.  They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan (now renamed as something from intel).  Go slow and uncheck the optional stuff.
 
Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program.  There is an exploit out there now that can use it to get on your PC.  For Adobe Reader:  Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript.  OK Close program.  It's the same for Foxit reader except you uncheck Enable Javascript Actions. 
 
 
If you use Chrome/Firefox/IE then get the AdBlock Plus Add-on.  Go to adblockplus.org with each browser and get the add-on.  (It's actually a program for IE)
 
If Chrome/Firefox is slow loading make sure it only has the current Java add-on.  Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox.  Close Chrome/Firefox/Skpe. Hit Optimize.   You can run it any time that Chrome/Firefox seems slow starting..
 
If you are a Facebook user get the FB Purity extension for your browser:
This will stop all of the suggested pages and ads so that Facebook loads much quicker.
 
 
Be warned:  If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum.  If you must use P2P then submit any files you get to http://virustotal.combeforeyou open them.
 
Due to a recent rise in the number of Crytolocker infections I am now recommending you install:
 
CryptoPrevent
 
 
The free version does not update on its own so you should check for updated versions once in a while. When you install it the default is NONE which is kind of worthless so change it to Standard or default. If you have problems after installing CryptoPrevent you can just uninstall it.
 
If you have a router, log on to it today and change the default password!  If using a Wireless router you really should be using encryption on the link.  Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business.  See http://www.king5.com...0637284.htmlandhttp://www.seattlepi...ted-1344185.php for why encryption is important.  If you don't know how, visit the router maker's website.  They all have detailed step by step instructions or a wizard you can download.
 
Special note on Java.  Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better.  These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE.  Get the latest version from Java.com.  They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download.  Just uncheck the garbage before the download (or install) starts.  If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.  IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level.  OK.
 
 
My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's an Orcas Island environmental organization that I volunteered with: http://www.kwiaht.org/donate.htm
(The name means something like "clean place" in one of the local native-American dialects)
 
Ron

  • 0

Advertisements


#26
BuddysBoy

BuddysBoy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts

Ok Im sorry but I'm confused about how to/whereto save the fixit.text. Ive got the FRST program and I have another folder that says "FRST-OLDER. am I saving to this folder? if so how do I get that folder into FRST program to run it??

Been trying to figure this out for a couple days, I don't want to screw anything up! Sorry if I am being an idiot.


  • 0

#27
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Appears your FRST is on the desktop:

 

Running from C:\Users\Robert J\Desktop

 

 

so the fixlist needs to be on the desktop.  If you need to you can just open the fixlist in the download folder then File, Save As, (to the desktop) fixlist, OK


  • 0

#28
BuddysBoy

BuddysBoy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Ok I think I have everything done that you suggested. I don't think I have Flash or Shockwave on my computer. What is the easiest way for me to double check myself in case I'm overlooking it?
  • 0

#29
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,031 posts
  • MVP

Look in Control Panel, (View by: Large Icons) Programs and Features.  They are both Adobe products.  If you don't see them there you don't have them installed.  You do not need Flash for Chrome but IE & Firefox do need it.


  • 0






Similar Topics


Also tagged with one or more of these keywords: trojan

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP