Maurice Naggar Posted October 18, 2014 ID:892007 Share Posted October 18, 2014 Is the scan proceeding or is it aborting? Link to post Share on other sites More sharing options...
Shako62 Posted October 18, 2014 Author ID:892008 Share Posted October 18, 2014 Got it to run so running now... Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 18, 2014 ID:892009 Share Posted October 18, 2014 After the online scan, then you could install an antivirus program.If cost is an issue, you can get a good free one from BitDefender.ESET makes a top of the line antivirus as does BitDefender, Avira, Kaspersky too. **Download and install an antivirus program, and make sure that you keep it updated**New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.I suggest getting the BitDefender Free Editionhttp://www.bitdefender.com/solutions/free.html**Note:** You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC. I will be away for a few hours and will plan to check on you much later. Link to post Share on other sites More sharing options...
Shako62 Posted October 18, 2014 Author ID:892010 Share Posted October 18, 2014 I typically will buy something if it is good or recommended... I will download and install the free one you just mentioned after the scan...Then search / research a good one to haveScan so far it has foud one threat.. "variant of win32/Bundled.Toolbar.Ask.F Link to post Share on other sites More sharing options...
Shako62 Posted October 18, 2014 Author ID:892065 Share Posted October 18, 2014 Scan finished, here is the text file, 3 threats detected...ESET.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 18, 2014 ID:892090 Share Posted October 18, 2014 The 3 files you should be able to delete on your own. Use Windows Explorer. Navigate to each location. Select file > delete.C:\ProgramData\APN\APN-Stub\W3IV6-G\APNIC.dll a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe applicationC:\Temp\ARO2010_mt.exe C:\Users\All Users\APN\APN-Stub\W3IV6-G\APNIC.dll TIP:Pay close attention when installing 3rd-party programs.It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed. Furthermore, If the license agreement or installation screens state that they are going to install a toolbar or other unwanted adware, it is advised that you cancel the install and not use the free software. Q: How is the system now ? Link to post Share on other sites More sharing options...
Shako62 Posted October 19, 2014 Author ID:892168 Share Posted October 19, 2014 So far so good, no more pop ups and I can download files... Thank you very much for your assistance today, along with your patience as I worked through things... Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 19, 2014 ID:892345 Share Posted October 19, 2014 I suggest running Combofix. You will want to print out or copy these instructions to Notepad for offline reference! These steps are for member Shako62 only. If you are a casual viewer, do NOT try this on your system! If you are not and have a similar problem, do NOT post here; start your own topic Do not run or start any other programs while these utilities and tools are in use! Do NOT run any other tools on your own or do any fixes other than what is listed here. If you have questions, please ask before you do something on your own. But it is important that you get going on these following steps. = Close any of your open programs while you run these tools. On most all of the following programs and tools, you will need to do a right-click on the program link or shortcut or desktop icon (as appropriate) and then select "Run as Administrator". Please remember that as you go along and use these tools, each in turn. If you have a prior copy of Combofix, delete it now Download Combofix from any of the links below, and SAVE it to your Desktop. Link 1 Link 2 **Note: It is important that it is saved directly to your Desktop and not run straight away from download ** Turn OFF your antivirus, otherwise it will interfere. How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages It will display it's "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work. You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior. Combofix my take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean. If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)or a UPS system Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser. Right- click on Combo-Fix.exe on your Desktop and select "Run as Administrator".A window may open with a warning or prompts. Accept the EULA and follow the prompts during the start phase of Combofix. When the scan completes Notepad will open with with your results log open. Do a File, Exit and answer 'Yes' to save changes.A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. A file will be created at => C:\Combofix.txt. Notes: [1] IF after Combofix reboot you get the messageIllegal operation attempted on registry key that has been marked for deletion....please reboot the computer, this should resolve the problem. You may have reboot the pc a second time if needed. [2] Do not mouseclick combofix's window nor run any program while Combofix is running. That may cause it to stall. [3]When all done, IF Combofix did not do a Restart...then ... I need for you to Restart the system fresh Reply & Copy & Paste contents of the C:\Combofix.txt log and tell me, How is the system now Re-enable your antivirus program. Link to post Share on other sites More sharing options...
Shako62 Posted October 19, 2014 Author ID:892363 Share Posted October 19, 2014 Attatched Combofix text file.Will evaluate running performance... The pesky internet blocking activeX and scripts popup is a pain ComboFix.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 19, 2014 ID:892370 Share Posted October 19, 2014 You need to install an antivirus program just like we discussed before. Please do that now. Tell me, where do you see ""The pesky internet blocking activeX and scripts popup"" ? Link to post Share on other sites More sharing options...
Shako62 Posted October 19, 2014 Author ID:892374 Share Posted October 19, 2014 Bottom of the screen. Rectangualr box half width of screen. Windows pop up error message. I have installed the BitDefender Anti Virus program you mentioned. Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 19, 2014 ID:892391 Share Posted October 19, 2014 On your antivirus, I would suggest doing a Bitdefender scan ( first closing all of Internet Explorer and any other browser first). As to this webpage, ( and I do not know which website this is ) the IE is giving that message. It is probably a good thing that IE is advising you.Lest you know for real sure that the website is 100% safe. Now, if for example, this is on a Facebook page or a "social media" type page, or similar, it is best to do as IE sugests. Link to post Share on other sites More sharing options...
Shako62 Posted October 19, 2014 Author ID:892397 Share Posted October 19, 2014 It is happening on this current page, Malware forums, the screenshot was from the MSN homepage. It is happening on pretty much any page I visit. Bitdefender is active and scanned on install... Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 19, 2014 ID:892402 Share Posted October 19, 2014 I then would not expect that MSN would have bad code. The messages do NOT mean there is a malware on your system.IE is giving you just a notice about running a script or a webpage control off MSN. You have normal options, choose Allowor choose to add this website to the IE browsers list of Safe sites. All of this is normal behavior from Internet Explorer. I am going to compose a list ( for next reply) to cleanup the tools we used so far, Link to post Share on other sites More sharing options...
Shako62 Posted October 19, 2014 Author ID:892405 Share Posted October 19, 2014 Adding to safe list did not fix. Probably something in the security settings for internet. Tools in the drop down list. May have to review settings inthere. Probably got reset doing all this cleaning. Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 19, 2014 ID:892407 Share Posted October 19, 2014 1.Close all Internet Explorer and Explorer windows that are currently open.2.Start Internet Explorer for a fresh start.Note If you are running Windows 8, start Internet Explorer for the desktop. Changing your settings will affect both Internet Explorer and Internet Explorer for the desktop.3.On the Tools menu, tap or click Internet options. If you don't see the Tools menu, press Alt.4.In the Internet Options window, tap or click the Advanced tab.5.Tap or click Reset. If you're using Windows Internet Explorer 6, click Restore Default.6.In the Reset Internet Explorer Settings dialog box, tap or click Reset.Select the Delete personal settings check box if you also want to remove browsing history, search providers, Accelerators, home pages, Tracking Protection, and ActiveX Filtering data.Tip: For optimal results, enable the Delete personal settings option.7. When Internet Explorer finishes applying default settings,press "Shift+CTRL+Delete keys" and delete temporary internet cache files. tap or click Close, and then tap or click OK. Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 19, 2014 ID:892412 Share Posted October 19, 2014 We can wrap this up now. I see that you are clear of your original issues.If you have a problem with these steps, or something does not quite work here, do let me know.The following few steps will remove tools we used. Advise me after you have completed the cleanups.We have to remove Combofix and all its associated folders. By whichever name you named it, ( you had named it ComboFix put that name in the RUN box stated just below.The "/uninstall" in the Run line below is to start Combofix for it's cleanup & removal function.Note the space before the slash mark.The utility must be removed to prevent any un-intentional or accidental usage, PLUS, to free up much space on your hard disk. Highlight the line in this CODEBOX.Select & Copy the entire line within this codebox (so that it is in Windows clipboard memory) c:\users\Gaming\Desktop\ComboFix.exe /uninstallStart >> type in cmd >> press the Ctrl+Shift+Enter keyboard combination and cmd.exe will be launched as if you selected Run as Administrator. You will then see a User Account Control prompt asking if you would like to allow the Command Prompt to be able to make changes on your computer. Click on the Yes button and you will now be at the Elevated Command Prompt.Do a Right click within the command prompt window and select Paste. This must show the line from Codebox above.Then tap EnterIF in the case Combofix un-install has an issue, skip that step.NEXT Download OTC to your desktop and run itClick Yes to beginning the Cleanup process and remove these components, including this application.You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.Delete the following if still present:FRST.exe FRST.txtAddition.txtFixlist.txtFixlog.txtmbar.exethe folder \mbarYou may use Control Panel >> Programs and Features and uninstall ESET Online scan. The current Java release version is Java 8 update 25. Uninstall any old version on this system.If you must have Java, then get the latest one.Safer practices & malware preventionHave a hardware router between the incoming internet-modem and your computer.Use a Standard user account rather than an administrator-rights account when "surfing" the web.Configure your Antivirus software to check for updates daily, at a time in which you are sure the computer will be on.Check in at Windows Update and install any Important Updates offered.Make certain that Automatic Updates is enabled.How to configure and use Automatic Updates in Windowshttp://support.microsoft.com/kb/306525 Check on other update issues as well, by getting, installing and using Secunia Personal Software Inspector (OSI) on a monthly basis.See How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector Download, install, and keep updated Spyware Blaster (free): http://www.brightfort.com/spywareblaster.html (all Protections should be enabled at all times)Tutorial for Spywareblaster: Using SpywareBlaster to protect your computer from Spyware, Hijackers, and MalwareI'd recommend that you get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htmSee the FAQ page http://mvps.org/winhelp2002/hostsfaq.htmThat would help to keep your browser away from known spyware/malware sites.Get notified when the MVPS HOSTS file is updatedhttp://winhelp2002.mvps.org/updates.htm Make regular backups of your system to removable media: DVD, USB external hard drive, etc.Having a total image backup of your system stored on DVD/CD is highly important.Get and make use of imaging-backup utilities and save them to offline media. That way you have something to fall back to if a disaster hits. How to create a Windows system image in Windows 7 and Windows 8http://www.bleepingcomputer.com/tutorials/create-system-image-in-windows-7-8/How to use System Image Recovery in the Windows 7 and Windows 8 Recovery Environmenthttp://www.bleepingcomputer.com/tutorials/system-image-recovery-in-windows-7-8/ Consider using Web of Trust WOT add-on for your browser(s)http://www.mywot.com/en/downloadhttp://www.mywot.com/en/faq/add-onTake extreme care if you share USB-flash/thumb drives from other people {even from friends, roommates, relatives}Don't plug in an unknown flash/thumb drive into your PC.IF you must do so, hold down the SHIFT-key when you insert the drive.Scan any file with your Antivirus prior to opening or using.On some regular schedule, it is a good idea to do an online scan for viruses and malware. Here is a very short list of sites where this may be done:ESET Online ScannerBitDefender QuickscanTrend Micro HousecallF-Secure Online ScannerMicrosoft Safety ScannerPanda ActiveScan See Six tips to help you stay safer onlineNever, ever download free games, free tools, videos, mutli-media files or anything free unless you can be absolutely sure the source is safe !We are finished here. Best regards. Link to post Share on other sites More sharing options...
Shako62 Posted October 19, 2014 Author ID:892424 Share Posted October 19, 2014 Many thanks for the help, files and links to safegaurd future surfing. I will print this off and start working on your recommendations... Really appreciate all you have done... Jon Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 19, 2014 ID:892459 Share Posted October 19, 2014 Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you. Link to post Share on other sites More sharing options...
Recommended Posts