-
Posts
26 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by lilbirdie13
-
Presumably when you say "all but the most common System Protection Restore Points" you mean "all but the most recent"? Okay, I've followed your instructions and everything seems to be working now. I've also deleted the files I downloaded on the day I was infected. ESET shows everything is clear now, and I'm just about to uninstall your tools and delete the restore points. Thank you so much for all your help. I've read your recommendations and will take them into account. Thanks again!
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir Win32/Thinknice.B potentially unwanted application C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll32.dll.vir a variant of Win32/Thinknice.F potentially unwanted application C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll64.dll.vir a variant of Win32/Thinknice.F potentially unwanted application C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir a variant of Win32/ELEX.AV potentially unwanted application C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir a variant of Win32/ELEX.AM potentially unwanted application C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}Gw64.sys.vir a variant of Win64/BrowseFox.Q potentially unwanted application C:\FRST\Quarantine\C\Users\Ann\AppData\Local\Microsoft\Windows\INetCache\IE\I61E49TW\2[1].zip a variant of Win32/ELEX.AM potentially unwanted application C:\FRST\Quarantine\C\Users\Ann\AppData\Local\Microsoft\Windows\INetCache\IE\L23B2UT3\AdvanceElite[1].dll a variant of Win32/BrowseFox.O potentially unwanted application C:\FRST\Quarantine\C\Users\Ann\AppData\Local\Temp\ICReinstall_microsoft_word.exe.xBAD a variant of Win32/InstallCore.QD potentially unwanted application C:\FRST\Quarantine\C\Users\Ann\AppData\Local\Temp\optprosetup.exe.xBAD multiple threats So they all seem to be quarantined now, right? Does that mean it's okay? I can leave them there and they won't hurt me?
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
Here's the fixlog: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-10-2014 02 Ran by Ann at 2014-10-14 06:29:23 Run:1 Running from C:\Users\Ann\Downloads Loaded Profile: Ann (Available profiles: Ann) Boot Mode: Normal ============================================== Content of fixlist: ***************** C:\Users\Ann\AppData\Local\Microsoft\Windows\INetCache\IE\I61E49TW C:\Users\Ann\AppData\Local\Microsoft\Windows\INetCache\IE\L23B2UT3 C:\Users\Ann\AppData\Local\Temp\ICReinstall_microsoft_word.exe C:\Users\Ann\AppData\Local\Temp\optprosetup.exe EmptyTemp: ***************** C:\Users\Ann\AppData\Local\Microsoft\Windows\INetCache\IE\I61E49TW => Moved successfully. C:\Users\Ann\AppData\Local\Microsoft\Windows\INetCache\IE\L23B2UT3 => Moved successfully. C:\Users\Ann\AppData\Local\Temp\ICReinstall_microsoft_word.exe => Moved successfully. C:\Users\Ann\AppData\Local\Temp\optprosetup.exe => Moved successfully. EmptyTemp: => Removed 65.1 MB temporary data. The system needed a reboot. ==== End of Fixlog ==== I'll re-scan with ESET and get back to you.
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
Plus, there are more files showing up on ESET compared to when I ran the scan under your instruction. Is this a bad sign?
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
I don't like the fact that threats still show up on the ESET scan. Should I use ESET or another scanner to remove them?
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
When I run the ESET Online Scanner again, there are still threats: C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir Win32/Thinknice.B potentially unwanted application C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll32.dll.vir a variant of Win32/Thinknice.F potentially unwanted application C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll64.dll.vir a variant of Win32/Thinknice.F potentially unwanted application C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir a variant of Win32/ELEX.AV potentially unwanted application C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir a variant of Win32/ELEX.AM potentially unwanted application C:\Users\Ann\AppData\Local\Microsoft\Windows\INetCache\IE\I61E49TW\2[1].zip a variant of Win32/ELEX.AM potentially unwanted application C:\Users\Ann\AppData\Local\Microsoft\Windows\INetCache\IE\L23B2UT3\AdvanceElite[1].dll a variant of Win32/BrowseFox.O potentially unwanted application C:\Users\Ann\AppData\Local\Temp\ICReinstall_microsoft_word.exe a variant of Win32/InstallCore.QD potentially unwanted application C:\Users\Ann\AppData\Local\Temp\optprosetup.exe multiple threats
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
This is from SecurityCheck. Results of screen317's Security Check version 0.99.88 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! Windows Firewall Enabled! Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Mozilla Firefox (30.0) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log``````````````````````
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
Here's the JRT log. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.3.1 (10.06.2014:1) OS: Windows 8.1 x64 Ran by Ann on Tue 07/10/2014 at 18:41:50.40 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Tue 07/10/2014 at 18:44:41.90 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
It says the version of JRT I am running is out of date. Should I agree to update now?
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
Okay, I ran Adware cleaner. Here's the log file. # AdwCleaner v3.311 - Report created 05/10/2014 at 06:10:55 # Updated 30/09/2014 by Xplode # Operating System : Windows 8.1 (64 bits) # Username : Ann - ANN1 # Running from : C:\Users\Ann\Desktop\adwcleaner_3.311.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16384 -\\ Mozilla Firefox v30.0 (en-US) [ File : C:\Users\Ann\AppData\Roaming\Mozilla\Firefox\Profiles\z979finn.default\prefs.js ] ************************* AdwCleaner[R0].txt - [3870 octets] - [29/09/2014 16:56:49] AdwCleaner[R1].txt - [3930 octets] - [29/09/2014 16:58:59] AdwCleaner[R2].txt - [955 octets] - [29/09/2014 17:02:23] AdwCleaner[R3].txt - [1018 octets] - [05/10/2014 06:09:08] AdwCleaner[s0].txt - [3336 octets] - [29/09/2014 16:59:31] AdwCleaner[s1].txt - [941 octets] - [05/10/2014 06:10:55] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1000 octets] ##########
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
I think I know where this came from. I tried to install Microsoft Office but since I'd never installed it before, I didn't really know what I was doing. I did get it from a Microsoft site though.
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
Okay, I'm done scanning. Here is the text file: C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir Win32/Thinknice.B potentially unwanted application C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir a variant of Win32/ELEX.AV potentially unwanted application C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir a variant of Win32/ELEX.AM potentially unwanted application C:\Users\Ann\AppData\Local\Microsoft\Windows\INetCache\IE\I61E49TW\2[1].zip a variant of Win32/ELEX.AM potentially unwanted application C:\Users\Ann\AppData\Local\Microsoft\Windows\INetCache\IE\L23B2UT3\AdvanceElite[1].dll a variant of Win32/BrowseFox.O potentially unwanted application C:\Users\Ann\AppData\Local\Temp\ICReinstall_microsoft_word.exe a variant of Win32/InstallCore.QD potentially unwanted application C:\Users\Ann\AppData\Local\Temp\optprosetup.exe multiple threats Thanks so much for all your help.
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
McAfee won't let me turn off real-time scanning unless I buy a subscription. Is there a way around this?
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
There are no other logs, apart from the two I've posted above. The scan showed there was nothing that needed removing.
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
My internet connection seems to be working now. Thank you! I'll be hanging around in case you want to ask me any more questions. Thanks for all your help.
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
The scan finished and said there was no malware found. Here are the two logs. Thanks. system-log.txt mbar-log-2014-09-29 (19-55-01).txt
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
Just thought that might help with troubleshooting I'll write back once I've scanned and rebooted etc.
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
When I ran mbar.exe, it said: Malwarebyte Anti-Rootkit BETA is already running. Do you really want to run another instance of the application? I clicked "Yes", I was pretty sure that was right... When I asked it to update, it said: Failed: No address found. (Presumably that's because I'm not connected to the Internet.) I'm scanning now. P.S. Maybe I should have mentioned this before, but I have Linux Mint 17 installed on the same laptop. The Internet is working on Linux Mint.
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
Sorry, but I'm still getting the error. I also tried downloading the file again, but I still have the same error.
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
When I open Gmer, I get an error message saying: C:\Windows\system32\config\system: The process cannot access the file because it is being used by another process.
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
Thank you! I'm just incompetent at this sort of stuff... Okay, here's the first two attachments.... I'm going onto the next step now. Addition.txt FRST.txt
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
I used FRST before when I was trying to fix my problem, so I've checked five boxes, but can't remember which one was originally checked. Could you let me know? Thanks.
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
Actually, I made a mistake. I think I've found the logs. Will upload them in a sec... Hope this is right. Thanks again. mbam-log-2014-09-29 (16-20-00).xml.zip protection-log-2014-09-29.xml.zip
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with:
-
Hi, I have Windows 8.1 and don't have either of those folders in my C: drive, as far as I can see. I only have: AdwCleaner FRST inetpub Intel PerfLogs Program Files Program Files (x86) SWSetup Users Windows Thanks in advance.
- 42 replies
-
- malwarebytes
- internet
-
(and 2 more)
Tagged with: