Jump to content

Elise

Experts
  • Content Count

    8,720
  • Joined

  • Last visited

Posts posted by Elise


  1. That is not known as a malicious file, but to be sure you may want to uninstall Apple Application support.

    Your version of Adobe Reader is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Adobe components and update:

    • Download the latest version of Adobe Reader Version X. and save it to your desktop.
    • Uncheck the "Free McAfee Security plan Plus" option or any other Toolbar you are offered
    • Click the download button at the bottom.
    • If you use Internet Explorer and do not wish to install the ActiveX element, simply click on the click here to download link on the next page.
    • Remove all older version of Adobe Reader: Go to Add/remove and uninstall all versions of Adobe Reader, Acrobat Reader and Adobe Acrobat.
      If you are unsure of how to use Add or Remove Programs, the please see this tutorial:How To Remove An Installed Program From Your Computer
    • Then from your desktop double-click on Adobe Reader to install the newest version.
      If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
    • When the "Adobe Setup - Welcome" window opens, click the Install > button.
    • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.

    Your Adobe Reader is now up to date!

    Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

    • Download the latest version of Java Runtime Environment (JRE) Version 7u4.
    • Look for "JDK 7u4 (JDK or JRE).
    • Click the "Download JRE" button at the right.
    • Read the License Agreement, and then check the box that says: "Accept License Agreement".
      • Select "Windows x86 Offline" and click on jre-7-windows-i586.exe

      [*]Save it to your desktop

      [*]Close any programs you may have running - especially your web browser.

      [*]Uninstall all older versions of Java (any item with Java Runtime Environment, JRE or J2SE in the name).

      [*]Reboot your computer once all Java components are removed.

      [*]Install the newest version by double clicking (run as Administrator for Windows Vista/Seven) the downloaded file.

    ESET ONLINE SCANNER

    ----------------------------

    I'd like us to scan your machine with ESET OnlineScan

    1. Hold down Control and click on this link to open ESET OnlineScan in a new window.
    2. Click the esetonlinebtn.png button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

      1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the esetsmartinstaller_enu.png
        icon on your desktop.

      3. Check "YES, I accept the Terms of Use."
      4. Click the Start button.
      5. Accept any security warnings from your browser.
      6. Under scan settings, check "Scan Archives" and "Remove found threats"
      7. Click Advanced settings and select the following:
        • Scan potentially unwanted applications
        • Scan for potentially unsafe applications
        • Enable Anti-Stealth technology

    [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

    [*]When the scan completes, click List Threats

    [*]Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

    [*]Click the Back button.

    [*]Click the Finish button.


  2. I see I forgot to answer your earlier question: a reformat of C might be enough, although it depends a bit what you ahve on your other partitions.

    OTL

    -----

    Please download OTL from one of the following mirrors:

    [*]Save it to your desktop.

    [*]Double click on the otlicon.png icon on your desktop.

    [*]Click the "Scan All Users" checkbox.

    [*]Copy and Paste the following code into the customscanfix.png textbox.

    netsvcs

    [*]Push runscan.png

    [*]A report will open. Copy and Paste that report in your next reply.


  3. No problem, that should have installed the right version. In the log only some cache objects show up (which have nothing to do with the actual Java installation, but with page content you visited).

    ALL CLEAN

    --------------

    Your machine appears to be clean, please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :)

    Please do the following to remove the remaining programs from your PC:

    • Delete the tools used during the disinfection:
      • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time. In the run box type combofix /uninstall, then press OK.
        run-box.jpg
      • This will remove Combofix and other tools we used from your computer.

      [*]You can delete any other tool or log by simply deleting them.

    Please read the following advice on how to prevent reinfecting your PC:

    1. Install and update the following programs regularly:
      • an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
        A comprehensive tutorial and a list of possible firewalls can be found here.
      • an AntiVirus Software
        It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
      • an Anti-Spyware program
        Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
        SUPERAntiSpyware is another good scanner with high detection and removal rates.
        Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
      • Spyware Blaster
        A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.

    [*]Keep Windows (and your other Microsoft software) up to date!

    I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.

    Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!

    [*]Keep your other software up to date as well

    Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine.

    [*]Stay up to date!

    The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.

    Some more links you might find of interest:

    Please reply to this topic if you have read the above information. If your computer is working fine, this topic will be closed afterwards.


  4. No problem, glad it worked! :)

    P2P WARNING

    -------------------

    Going over your logs I noticed that you have uTorrent installed.

    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
    • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
    • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
    • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

    It is pretty much certain that if you continue to use P2P programs, you will get infected again.

    I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

    If you wish to keep it, please do not use it until your computer is cleaned.

    Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

    • Download the latest version of Java Runtime Environment (JRE) Version 7u4.
    • Look for "JDK 7u4 (JDK or JRE).
    • Click the "Download JRE" button at the right.
    • Read the License Agreement, and then check the box that says: "Accept License Agreement".
      • Select "Windows x86 Offline" and click on jre-7-windows-i586.exe

      [*]Save it to your desktop

      [*]Close any programs you may have running - especially your web browser.

      [*]Uninstall all older versions of Java (any item with Java Runtime Environment, JRE or J2SE in the name).

      [*]Reboot your computer once all Java components are removed.

      [*]Install the newest version by double clicking (run as Administrator for Windows Vista/Seven) the downloaded file.

    ESET ONLINE SCANNER

    ----------------------------

    I'd like us to scan your machine with ESET OnlineScan

    1. Hold down Control and click on this link to open ESET OnlineScan in a new window.
    2. Click the esetonlinebtn.png button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

      1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the esetsmartinstaller_enu.png
        icon on your desktop.

      3. Check "YES, I accept the Terms of Use."
      4. Click the Start button.
      5. Accept any security warnings from your browser.
      6. Under scan settings, check "Scan Archives" and "Remove found threats"
      7. Click Advanced settings and select the following:
        • Scan potentially unwanted applications
        • Scan for potentially unsafe applications
        • Enable Anti-Stealth technology

    [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

    [*]When the scan completes, click List Threats

    [*]Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

    [*]Click the Back button.

    [*]Click the Finish button.


  5. You are welcome. :) I hope you'll be able to sort the remaining issue out as well.

    ALL CLEAN

    --------------

    Your machine appears to be clean, please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :)

    Please do the following to remove the remaining programs from your PC:

    • Delete the tools used during the disinfection:
      • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time. In the run box type combofix /uninstall, then press OK.
        run-box.jpg
      • This will remove Combofix and other tools we used from your computer.

      [*]You can delete any other tool or log by simply deleting them.

    Please read the following advice on how to prevent reinfecting your PC:

    1. Install and update the following programs regularly:
      • an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
        A comprehensive tutorial and a list of possible firewalls can be found here.
      • an AntiVirus Software
        It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
      • an Anti-Spyware program
        Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
        SUPERAntiSpyware is another good scanner with high detection and removal rates.
        Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
      • Spyware Blaster
        A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.

    [*]Keep Windows (and your other Microsoft software) up to date!

    I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.

    Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!

    [*]Keep your other software up to date as well

    Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine.

    [*]Stay up to date!

    The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.

    Some more links you might find of interest:

    Please reply to this topic if you have read the above information. If your computer is working fine, this topic will be closed afterwards.


  6. That looks excellent! :)

    ALL CLEAN

    --------------

    Your machine appears to be clean, please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :)

    Please do the following to remove the remaining programs from your PC:

    • Delete the tools used during the disinfection:
      • Press windows key Windows_Logo_key.gif + r on your keyboard at the same time. In the run box type combofix /uninstall, then press OK.
        run-box.jpg
      • This will remove Combofix and other tools we used from your computer.

      [*]You can delete any other tool or log by simply deleting them.

    Please read the following advice on how to prevent reinfecting your PC:

    1. Install and update the following programs regularly:
      • an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
        A comprehensive tutorial and a list of possible firewalls can be found here.
      • an AntiVirus Software
        It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
      • an Anti-Spyware program
        Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
        SUPERAntiSpyware is another good scanner with high detection and removal rates.
        Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
      • Spyware Blaster
        A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.

    [*]Keep Windows (and your other Microsoft software) up to date!

    I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.

    Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!

    [*]Keep your other software up to date as well

    Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on yourmachine.

    [*]Stay up to date!

    The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.

    Some more links you might find of interest:

    Please reply to this topic if you have read the above information. If your computer is working fine, this topic will be closed afterwards.


  7. Hi, that is looking quite good! :) Do you have any problem left at this point?

    Your version of Adobe Reader is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Adobe components and update:

    • Download the latest version of Adobe Reader Version X. and save it to your desktop.
    • Uncheck the "Free McAfee Security plan Plus" option or any other Toolbar you are offered
    • Click the download button at the bottom.
    • If you use Internet Explorer and do not wish to install the ActiveX element, simply click on the click here to download link on the next page.
    • Remove all older version of Adobe Reader: Go to Add/remove and uninstall all versions of Adobe Reader, Acrobat Reader and Adobe Acrobat.
      If you are unsure of how to use Add or Remove Programs, the please see this tutorial:How To Remove An Installed Program From Your Computer
    • Then from your desktop double-click on Adobe Reader to install the newest version.
      If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
    • When the "Adobe Setup - Welcome" window opens, click the Install > button.
    • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.

    Your Adobe Reader is now up to date!

    Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

    • Download the latest version of Java Runtime Environment (JRE) Version 7u4.
    • Look for "JDK 7u4 (JDK or JRE).
    • Click the "Download JRE" button at the right.
    • Read the License Agreement, and then check the box that says: "Accept License Agreement".
      • Select "Windows x86 Offline" and click on jre-7-windows-i586.exe

      [*]Save it to your desktop

      [*]Close any programs you may have running - especially your web browser.

      [*]Uninstall all older versions of Java (any item with Java Runtime Environment, JRE or J2SE in the name).

      [*]Reboot your computer once all Java components are removed.

      [*]Install the newest version by double clicking (run as Administrator for Windows Vista/Seven) the downloaded file.

    Finally, please launch MBAM, update it and run a full scan. Post me the resulting log.


  8. Hi, that looks good, fortunately the infection was no longer completely active.

    COMBOFIX

    ---------------

    Please download ComboFix from one of these locations:


    Bleepingcomputer
    ForoSpyware

    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
    • Double click on Combofix.exe and follow the prompts.
    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue it's malware removal procedures.

    Query_RC.gif

    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    RC_successful.gif

    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.


  9. It depends a bit, but yes, that might be broken. that doesn't mean the information is lost though, it does mean however that it might be difficult to access the recovery image (you would have to manually alter the partition table to set it to boot straight into recovery if you wanted that). If you have a Dell reinstall CD there is no need to worry about that though.

    This is a tricky infection and sometimes the command does not outright detect the infection. It is also possible that the main components is not there, however other parts are still present and need to be removed (which will be done by this tool).

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.