Trojan Virus or spyware

clean this device Facebook and ESET Scanner download Scanner

#46
RobertDad

    Member

  • Topic Starter
  • 51 posts

Hello Bruce,  

 

I hope this is correct.  I think I followed the instructions right.  The computer seems to be running properly now.  Now maybe I can download my Trend Micro Internet Security.   

 

Attached File  ESET log.txt   1.02KB   24 downloads


  • 0


#47
Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,703 posts
Hi

We'll remove what ESET has found - one was already quarantined by AdwCleaner and will be removed when I remove all the tools I have used.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Download the attached fixlist.txt to your desktop. Attached File  fixlist.txt   269bytes   26 downloads
  • Ensure fixlist.txt is in the same location as FRST.exe on your desktop.
  • Run FRST by right clicking on it and selecting Run as Administrator and press Fix
  • On completion a log (fixlog.txt) will be generated.
  • Please select all text in this fix, copy (CTRL + C) and then Paste (CTRL + V) in your next reply.


    Now maybe I can download my Trend Micro Internet Security.


    Is this a paid-for subscription? There are some good antivirus programs out there which are free :) You have AVG installed, so make sure you only ever have one antivirus installed and running, so uninstall this if you go ahead with it.


    Also run a security check

    Please download Security Analysis by Rocket Grannie from here
  • Save it to your Desktop.
  • Close your security software to avoid potential conflicts.
  • Double click RGSA.exe
  • Click OK on the copyright-disclaimer
  • It will produce a log named SALog.txt on the Desktop or in the same folder from where the tool is run if installed elsewhere.
  • Please copy and paste the contents of that log in this topic.

    Things for your next post:
  • fixlog.txt
  • SALog.txt
  • Are you still ok getting into Facebook now?

  • 0

#48
RobertDad

    Member

  • Topic Starter
  • 51 posts

ESET log scan results-2-26-18 8-10 pm  EST..jpg
Attached File  ESET log.txt   1.02KB   32 downloads
Page screw-up.JPG

Bruce,

We have a problem here, I cannot open up Google on Bob's computer.  Somewhere between this morning and late afternoon, ransomware hit.   I think it is ransomware.   I just cannot seem to stop it.  Do not close your computer down, this is an internet security alert, or something to that effect.  I have had this happen before, but too bad for me, I can't remember what to do.   S**t happens around here I guess.  Do you have any suggestions?  I am rerunning the ESET Scanner to see if it gets it or not.

The first one is my computer page for this forum.  I don't know what happened, but it only opens like that.


Edited by RobertDad, 26 February 2018 - 07:13 PM.

  • 0

#49
RobertDad

    Member

  • Topic Starter
  • 51 posts

I was getting into Facebook but still can't get the game Slotomania to toggle to the New Look that they have.   The "clean this device" is now gone.  Just had the Internet Security Alert - ransomware, but it seems okay now.


  • 0

#50
RobertDad

    Member

  • Topic Starter
  • 51 posts
Attached File  SALog.txt   441bytes   17 downloads

Fix result of Farbar Recovery Scan Tool (x86) Version: 24.02.2018
Ran by Admin (26-02-2018 21:34:17) Run:4
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin & Betty Tremblay & Guest)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
C:\BETTYSLAPTOP\Data\C\Users\BettyTBoop\Downloads\RegAlive (2013_11_15 23_12_53 UTC).zip
C:\Users\Betty Tremblay\Downloads\ccsetup418.exe
C:\Users\Public\Documents\Downloaded Installers\{5386DB6C-026A-4D5F-9EE2-13619CA24320}\setup.msi
EmptyTemp:
*****************
 
Restore point was successfully created.
C:\BETTYSLAPTOP\Data\C\Users\BettyTBoop\Downloads\RegAlive (2013_11_15 23_12_53 UTC).zip => moved successfully
C:\Users\Betty Tremblay\Downloads\ccsetup418.exe => moved successfully
C:\Users\Public\Documents\Downloaded Installers\{5386DB6C-026A-4D5F-9EE2-13619CA24320}\setup.msi => moved successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8192 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5492081 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 259371 B
Edge => 0 B
Chrome => 39315250 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
LocalService => 692 B
NetworkService => 1868 B
Admin => 18066235 B
Betty Tremblay => 0 B
Guest => 0 B
 
RecycleBin => 2417168 B
EmptyTemp: => 62.5 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 21:34:49 ====
 
 
 
 
 
My subscription for Trend Micro runs out in Sept. 2018, it is for 3 computers, but I was not able to upload it here on Bob's.  I have very good luck on my computer with it, except for the ransomware 1 time.  They told me how to get rid of it, over the phone.  They took the URL that it came from and blocked it.  It never (knock on wood) came on my computer.  It has hit Bob now.
 
This is what I saw after I ran the program.  
RGSA.exe Decline.jpg
When I said okay then I saw the Salog.txt on my desktop.    Are you teasing me?   Each program I have to figure out what to do. It sure scared me when it wouldn't run.
 
 
 
 
Still getting into Facebook ok.     I am going to install the AVG Free for now, I may change it to Trend Micro on renewal.   Do you think it is a good program - it is Trend Micro Maximum Security?

Edited by RobertDad, 26 February 2018 - 09:08 PM.

  • 0

#51
Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,703 posts
Hi

All the programs I ask you to run are perfectly safe but by their nature some will be flagged as potentially dangerous by some AVs. When running these tools it's usually best to ensure Anti Virus and other security programs are turned off. I probably forgot to tell you that. Sorry.

Trend Micro is a fine product and if you are happy with it and are still currently subscribed then worth keeping. However as Vista is no longer a supported Windows platform by Microsoft then you may not get the full protection it offers and there may be some compatibility issues. See this.

Perhaps for now keep AVG. I'll cover more security issues when we close up :)

Ok, can you run fresh FRST logs
  • Please run Farbar Recovery Scan Tool again. Run FRST by right clicking on it and selecting Run as Administrator. Allow it to update if it wants to.
  • Please tick the Addition.txt box under Optional Scan.
  • Press Scan button.
  • It will make logs FRST.txt & Addition.txt in the same directory the tool is run.
  • Please copy and paste the FRST.txt and Addition.txt to your reply.

  • 0

#52
RobertDad

    Member

  • Topic Starter
  • 51 posts

Hello  Bruce,

 

Here are the files, I hope:  Would it be okay to delete the other files that we did before, it is getting a little cluttered on the Desktop.

Attached File  FRST.txt   33.76KB   23 downloads
Attached File  Addition 1b.txt   28.88KB   22 downloads


Edited by RobertDad, 27 February 2018 - 11:02 PM.

  • 0

#53
Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,703 posts
Hi

We'll declutter your desktop when I remove my tools at cleanup. :)

Just a few leftovers to tidy up in FRST. Otherwise looks good.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Download the attached fixlist.txt to your desktop. Attached File  fixlist.txt   521bytes   25 downloads
  • Ensure fixlist.txt is in the same location as FRST.exe on your desktop.
  • Run FRST by right clicking on it and selecting Run as Administrator and press Fix
  • On completion a log (fixlog.txt) will be generated.
  • Please select all text in this fix, copy (CTRL + C) and then Paste (CTRL + V) in your next reply.


    Some advisory security issues

    Internet Explorer

    Your Internet Explorer is out of date. Although this is not your default browser I would recommend you have the latest version your operating system will support. For Windows Vista this is Internet Explorer 9. You can download it here.

    Java

    Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.

    Upgrade Java : (32 bits)
  • Download the latest version of Java SE Runtime Environment (JRE) JRE Version 8 Update 161.
  • Click on Free Java Download and follow the on screen instructions. Download this to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version. (Vista or Win 7 users, right click and select "Run as an Administrator.")

    End of support for Vista

    Microsoft Vista is now no longer a supported operating system by Microsoft. This means that it no longer receives critical software updates and patches and is at major risk of infection.

    I would strongly urge you to consider upgrading to a supported operating system as soon as possible. Here is an article on what options you may have and some security measures you can consider if you are not in a position to upgrade.

    Things for your next post:
  • Fixlog.txt
  • Are there any other issues/questions before we finish up?

  • 0

#54
RobertDad

    Member

  • Topic Starter
  • 51 posts
 
This is all I have for now.  Could not find a copy of Fixlist.txt anywhere on the computer.   I did everything I have done before and still no luck, there was a shortcut for it on my desktop, but I couldn't open it, file is invalid, missing, corrupt or moved.   I will finish in the morning with what I can do.  Good Night.
 
 
Fix result of Farbar Recovery Scan Tool (x86) Version: 28.02.2018
Ran by Admin (28-02-2018 20:51:19) Run:5
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin & Betty Tremblay & Guest)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
 
*****************
 
 
==== End of Fixlog 20:51:19 ====

  • 0

#55
RobertDad

    Member

  • Topic Starter
  • 51 posts

I do have questions, but have totally forgotten them.   I want to thank you for all your help, patience and understanding.   


  • 0


#56
Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,703 posts

Hi

Can you go to FRST folder - it should be located at C:\FRST and look for a folder called logs.

Double click on this and you should see all the FRST, Addition and Fixlogs. Look for a fixlog that might have been run on 28/02/2018 before 20:51:19.

If you see one please post this log. If you don't please try to download the fixlist.txt from post #53 to your desktop and open FRST.exe and click on Fix button.

Upon reboot this will create a fixlog. Please post this.
 

I do have questions, but have totally forgotten them.


No worries, I'm sure they'll come back to you. Probably when lying in bed and you'll ping awake! :rofl:
 

I want to thank you for all your help, patience and understanding.


You're most welcome. :thumbsup:

Once I get your log and confirm all looks good, I'll clean up and remove all the files/tools and post some further advice on keeping your computer safe. :)


  • 0

#57
RobertDad

    Member

  • Topic Starter
  • 51 posts

Here you go, I hope.

 

Fix result of Farbar Recovery Scan Tool (x86) Version: 28.02.2018
Ran by Admin (28-02-2018 20:51:19) Run:5
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Admin & Betty Tremblay & Guest)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
 
*****************
 
 
==== End of Fixlog 20:51:19 ====
 
I just remembered one question:  I do a "Clear Browser Data" and "Disc Clean" every night.   Should I be doing that, if not, how often is the right time, if any.   Thanks.  

Edited by RobertDad, 02 March 2018 - 12:32 AM.

  • 0
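
The Fixlog posted above echoes nothing between the two rows of asterisks under "fixlist content:", so FRST was started with no fixlist to act on. As an added example (not part of the thread and not FRST's own code), this Python check reads a pasted Fixlog and reports an empty fixlist or any target without a success line. The sample logs, their paths and the "not found" outcome text are constructed for illustration.

```python
import re

MARK = re.compile(r"^\*{5,}\s*$")            # rows of asterisks bracket the fixlist echo
RESULT = re.compile(r"^(?P<item>.+?) => (?P<outcome>.+)$")

# Constructed samples following the Fixlog layout quoted in the thread (paths are made up,
# and "not found" is an assumed outcome string).
GOOD = r"""fixlist content:
*****************
CreateRestorePoint:
C:\Users\Example\Downloads\sample-setup.exe
C:\Users\Example\Downloads\old-tool.zip
EmptyTemp:
*****************
C:\Users\Example\Downloads\sample-setup.exe => moved successfully
C:\Users\Example\Downloads\old-tool.zip => not found
==== End of Fixlog 21:34:49 ===="""

EMPTY = """fixlist content:
*****************

*****************
==== End of Fixlog 20:51:19 ===="""

def parse_fixlog(text):
    """Split a Fixlog into the echoed fixlist entries and the per-item results."""
    lines = [ln.strip() for ln in text.splitlines()]
    marks = [i for i, ln in enumerate(lines) if MARK.match(ln)]
    if len(marks) < 2:
        raise ValueError("no fixlist content section found")
    entries = [ln for ln in lines[marks[0] + 1:marks[1]] if ln]
    directives = [e for e in entries if e.endswith(":")]   # e.g. CreateRestorePoint:
    targets = [e for e in entries if not e.endswith(":")]  # file paths to act on
    results = {}
    for ln in lines[marks[1] + 1:]:
        m = RESULT.match(ln)
        if m:
            results[m["item"]] = m["outcome"]
    return {"directives": directives, "targets": targets, "results": results}

def review_fixlog(text):
    """Return a list of problems; an empty list means every target was handled."""
    log = parse_fixlog(text)
    if not log["directives"] and not log["targets"]:
        return ["fixlist was empty: FRST ran but had nothing to execute"]
    problems = []
    for t in log["targets"]:
        outcome = log["results"].get(t)
        if outcome is None:
            problems.append(f"no result line for {t}")
        elif "successfully" not in outcome:
            problems.append(f"{t}: {outcome}")
    return problems
```
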

#58
Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,703 posts
Hi

The log hasn't run but don't worry it was only a few minor remnants of files that have been removed and will have no impact.

So subject to no further issues...

Good News! - Your system now appears to be clean. :)
Now for some clean up and "housekeeping" procedures.


A good workman always cleans up after himself, so... The following will implement some cleanup procedures as well as reset System Restore points:
  • Download Delfix from here
  • Locate the file and right click on it. Click on Run as Administrator.
  • Ensure Remove disinfection tools is ticked
    Also tick:
  • Create registry backup
  • Purge system restore
  • Reset system settings

  • Click Run

    The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply


    Advisory

    As previously mentioned I would strongly urge you to consider upgrading to a supported Windows system as soon as possible. :)

    Malwarebytes - Update and run weekly to keep your system clean.


    Some tips to stay safe
  • Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
  • Install and keep only one anti-virus on your machine. Update it and scan your machine with it at least once a week.
  • Be careful of the websites you visit.
  • When browsing the internet, look closely at the links you click on. Some aren't always what they seem.
  • Avoid Peer to Peer file sharing utilities, these are a minefield of malware infections.
  • Pay attention when installing a program to your computer, particularly to any check boxes that may appear during installation, it is common for unwanted software to be installed in this way.

    To learn more about how to protect yourself while on the internet read this little guide Best security practices.

    Go here for some good advice about how to prevent infection.

    Happy safe surfing!! :)

    I just remembered one question: I do a "Clear Browser Data" and "Disc Clean" every night. Should I be doing that, if not, how often is the right time, if any. Thanks.


    That should be more than sufficient. Usually I would recommend around once a month but if you have a routine for every day that's fine.

    That's us finished now. It's been a pleasure working with you. :)

    I'll leave the topic open for a few more days in case of any further questions.

    P.S. Don't forget to post the Delfix log!

  • 0

#59
RobertDad

    Member

  • Topic Starter
  • 51 posts
I will do the logs again from Bob's computer instead of mine.  I hope I didn't mess up my computer.    Too much to do and so little time.  
 
OMG, so sorry, but I saw the other boxes to check and I did that and deleted the first one I did with only the "Remove disinfection tools".   Is there anything I can do to get it back?   Notepad = I hit the save button, but it didn't show where it saves it to.  It is not in any of my folders or on the flash drive.    This is a very, very bad day.  I ran this all on my computer, what will happen to my computer now?   And NOW I have to replace a battery in one of my digital clocks, maybe I should wait until tomorrow.  That may be a better day.

Edited by RobertDad, 02 March 2018 - 05:19 PM.

  • 0

#60
RobertDad

    Member

  • Topic Starter
  • 51 posts

Delfix will not run.  I have the download, but I can get it to run.  I will keep trying. 

 

 

Still cannot run Delfix - it worked fine on my computer, must be the Chrome.


Edited by RobertDad, 03 March 2018 - 03:10 PM.

  • 0





