Jump to content

"Bad Image" error after running Malwarebytes


Guest SherlockTAS

Recommended Posts

Guest SherlockTAS

I am trying to clean up a computer for a friend's daughter.   I tried downloading and running the Malwarebytes free program as it always worked in the past.  Her computer is an HP laptop running Windows 8, which I hate using, but can get around with time. 

 

The first time I ran Malwarebytes, I ended up with 4,199 results!!!  I uninstalled some programs I deemed to be malware while the program was scanning (probably shouldn't have done that), and then clicked to quarantine the items when the results finished.  Upon rebooting the computer, it stopped to install some Windows updates and after restarting, the computer failed to load beyond the desktop image.  An error popped up about bad image and explorer.exe. 

 

From there I rebooted the computer hoping it was just a fluke.  This time the computer loaded, but the majority of the programs did not work right and I kept getting "bad image" errors.  From there I decided to try restoring the computer to an earlier time and unfortunately I picked the restore point on the day most of the malware was installed.  I was a bit freaked out by the way the computer reacted to the last scanning and cleaning by Malwarebytes, so I tried uninstalling most of the malware programs myself.

 

For the most part I succeeded, but the after results of the one program, PastaLeads, persists.  It set up a proxy server, http=127.0.0.1:8800 and nothing would allow it to be changed.  If you deleted it, it would come right back after closing the connection settings.

 

Bleepingcomputer claimed using Rkill and Emsisoft Anti-Malware would get rid of it when the directions were followed.  Result = No change.  The Emsisoft scanner found 33 items, but 15 of them could not be removed and those items were all located in a Driver folder.

 

I installed Comodo Internet Security on the computer, but because of this PastaLeads, it disabled the internet browsers and Comodo's ability to update and scan. 

 

I need someone's help to get rid of the after effects of PastaLeads and ferret out any other malware.  I am currently doing a Malwarebytes scan to see if it picks anything else up, but I read other people's posts stating that Malwarebytes was unable to solve the same problem.

 

You might have to go slower with instructions with me.  I am not a novice with computers, but I am not an expert either.

Link to post
Share on other sites
  • Staff

Hello SherlockTAS, welcome to Malwarebytes' Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. :)
 
General P2P/Piracy Notice: 
 

If you are using Peer to Peer (P2P) filesharing software such as uTorrent, BitTorrent or similar you must either fully uninstall or completely disable the programme(s) from running whilst receiving assistance at this forum. 
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
If you have illegal/cracked/keygen or similar software on the computer, please remove/uninstall the software now and read the policy on Piracy. Failure to do so will also result in your topic being closed.

 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Please ensure you read through my instructions thoroughly, and carry out each step in the order specified.
  • If you are unable to copy/paste your logs directly into your post, please attach the file. 
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation and providing the best set of instructions for you.
  • Please backup important files before proceeding with my instructions. Malware removal can be unpredictable.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
  • Topics are locked if no response is made after 4 days. Please inform me if you will require additional time to complete my instructions.
  • Ensure you are following this topic. Click xetYzdbu.png.pagespeed.ic.U7AjmRUewW.png at the top of the page. 
     

======================================================

 

Please do the following after the Malwarebytes Scan has finished. 

If you are unable to download the file, please do so on a clean machine, and transfer the file across using a USB drive. 

 

xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
  • Right-Click FRST.exe / FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
Link to post
Share on other sites
Guest SherlockTAS

No important files to worry about.  All my friend's daughter uses it for is pictures and to play The Sims 3.

 

I have to work with attachments as the browsers refuse to work because of the proxy problem.  This computer doesn't use one, but the setting won't change. 

 

The 64-bit one worked.  Funny, I saw 86-bit in this computer.

 

I'm Troy.

Addition.txt

FRST.txt

Link to post
Share on other sites
  • Staff

Hi Troy, 
 

I have to work with attachments as the browsers refuse to work because of the proxy problem.

That's OK.
 
Please consider the following suggestion, and proceed with the instructions below. 
 

goGMWSt.gifSpybot S&D No Longer Recommended

------------------------------

MVPS.org is no longer recommending Spybot S&D due to poor testing results (scroll down and read under Freeware Antispyware Products).

I would advise uninstalling Spybot S&D. The presence of this programme can make the cleaning of your computer more difficult. You can uninstall the programme by:

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for Spybot, right-click the entry and click Uninstall.
Please inform me of your decision.

 
STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 2
BY4dvz9.png AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean
  • Follow the prompts and allow your computer to reboot
  • After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and folder backups are made for anything removed using this tool. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 

STEP 3
E3feWj5.png Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your Desktop.
  • Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 4
mlEX1wH.png RogueKiller

  • Please download RogueKiller (x64) and save the file to your Desktop.
  • Close any running programmes.
  • Right-Click RogueKiller.exe and select Run as administrator to run the programme.
  • Allow the Prescan to complete. Upon completion, a window will open. Click Accept.
  • A browser window may open. Close the browser window.
  • Click jpgUwzp.png. Upon completion, click phPvmc6.png.
  • Close the programme. Do not fix anything!
  • A log (RKreport.txt) will be open. Copy the contents of the log and paste in your next reply.
     

======================================================

STEP 5
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did you uninstall Spybot?
  • Fixlog.txt
  • AdwCleaner[s0].txt
  • JRT.txt
  • RKreport.txt
Link to post
Share on other sites
Guest SherlockTAS

I used the Spybot Search & Destroy to see if it would find anything and very pathetic results I got, too.  I was going to uninstall it, but decided to wait for your word before doing so.  I've uninstalled it now, but it's a pity that they let it go so far downhill.  It was once a geat product.  Should I uninstall the Emsisoft Anti-Malware program as well?

 

After the "fixlist.txt" part, it asked me to restart the computer and I clicked YES before I realized what was happening.  After it rebooted, the Comodo Internet Security Premium actually succeeded in updating itself, but I stopped it from scanning because I thought it would interfere with what we were doing.  Something is apparently working now at least as it couldn't update before.  Should we repeat something here because you never said anything about restart prompts after the "fixlist.txt"?

 

Didn't see anything legitimate in the AdwCleaner results to worry about.  The Junkware Removal Tool ran like molasses, unfortunately.  Luckily I had my my own computer to busy myself on while waiting.  I don't think it found anything.  RogueKiller found something.

 

Here are the other things you asked for.

 

 

AdwCleanerR0.txt

Fixlog.txt

JRT.txt

RKreport_SCN_12112014_004639.log

Link to post
Share on other sites
Guest SherlockTAS

Is it okay to let Comodo do a scan yet?  I intend to uninstall it soon and download a different version because their newest free version does not come with the firewall for some idiotic reason.  Makes no sense considering that you can download it separate.  Going to be using the recommeded tools to uninstall it as thoroughly as possible.

Link to post
Share on other sites
  • Staff

Hello Troy, 
 

Should I uninstall the Emsisoft Anti-Malware program as well?

Emsisoft Antimalware is a reputable programme. Far better than Comodo in my (and the security communities') opinion.
And I believe you have the paid-for version? 
 

Should we repeat something here because you never said anything about restart prompts after the "fixlist.txt"?

No, that's OK. The reboot was necessary. 
 

Didn't see anything legitimate in the AdwCleaner results to worry about.

Did you have AdwCleaner remove the items detected by clicking Clean? I see you've attached the report (AdwCleaner[R0].txt) created prior to clicking Clean. 
 

RogueKiller found something.

The items detected by RogueKiller are OK.
 

Is it okay to let Comodo do a scan yet? 

Yes, that's OK. 
 

I intend to uninstall it soon and download a different version because their newest free version does not come with the firewall for some idiotic reason.

Have you considered sticking with the Windows 8 Firewall? It's more than sufficient, and will use far less resources. 
 
-----------------------
 
STEP 1
b8zkrsY.png Browser Reset
 
Instructions on how to backup your Favourites/Bookmarks and other data can be found below.

Proceed with the reset once done.

STEP 2
GfiJrQ9.png Malwarebytes Anti-Malware (MBAM)

  • Open Malwarebytes Anti-Malware and click Update Now.
  • Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 
     

STEP 3
GzlsbnV.png ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Hide advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points. 
  • Click esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
  • Push the Back button.
  • Place a checkmark next to xKN1w2nv.png.pagespeed.ic.JWqIaEgZi7.png and click SzOC1p0.png.pagespeed.ce.OWDP45O6oG.png.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 4
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did your browsers reset OK?
  • MBAM Scan log
  • ESET Online Scan log
Link to post
Share on other sites
Guest SherlockTAS

 

Emsisoft Antimalware is a reputable programme. Far better than Comodo in my (and the security communities') opinion.

And I believe you have the paid-for version?

 

No.  I downloaded the free version following directions on Bleepingcomputer for supposedly getting rid of the proxy changes the PastaLeads malware had made.  I have no reason to keep it.  It's not my computer and I am satisfied with Comodo on my own computer anyway.  I haven't had any problems with malware or viruses on my own computer for a very long time.

 

 

Did you have AdwCleaner remove the items detected by clicking Clean? I see you've attached the report (AdwCleaner[R0].txt) created prior to clicking Clean.

 

I believe I did.  Don't know what happened there.  Maybe I clicked to save the text report before clicking clean.  I did another scan and nothing came up in the results, so I must have clicked clean the first time.  Sorry about that.

 

 

Have you considered sticking with the Windows 8 Firewall? It's more than sufficient, and will use far less resources.

 

I wouldn't know how good the Windows 8 Firewall is.  I know how bad it was in XP and if Windows 7 has one, I don't use it.  Perhaps I could use it instead.

 

Perhaps that would help solve the problem I found when I installed Comodo on this laptop.  I apparently installed it from either the wrong link or something went wrong and I ended up with Antivirus with no firewall, which shouldn't have happened.  Perhaps Avira would be satisfactory for this kid's laptop instead of Comodo.  Comodo is too complex and too advanced for her laptop.

 

 

Instructions on how to backup your Favourites/Bookmarks and other data can be found below.

 

Don't need to worry about this.  For some reason my friend and his family don't use bookmarks much.  Me, I'm drowning in them.  I have a hard time understanding how anyone can stand to have a taskbar covered in links or type in every single website they want to visit.  Seems such a waste of time and space when you can have folders on a bookmarks bar and use one click to go to a site.

 

Anyway, Browser reset done.  No problems.

 

The Eset scanner has developed a problem.  It gets to 32% and stops scanning.  I cancelled and tried to redo the scan twice and it stops at the same area each time.  It stops at the WildTangent folder.  The Antivirus is off, so I don't know what is going on. 

 

What do I do now?  It does pick up 6 results before it gets to the WildTangent folder and freezes.

 

No results from Malwarebytes.

Link to post
Share on other sites
  • Staff

Hi Troy, 
 

I wouldn't know how good the Windows 8 Firewall is.

I suggest reading the following article on Firewalls. 
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/?p=2475503
 

What do I do now?

Try stopping and restarting the scan. 
If the scan still does not complete within a timely manner, try this alternative scan. 
 
Please let me know how the PC is performing afterwards. 
 
3GlqbMn.png HitmanPro

  • Please download HitmanPro (x64) and save the file to your Desktop.
  • Right-Click HitmanPro_x64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Next, and agree to the End User License Agreement (EULA) if prompted. 
  • Place a checkmark next to No, I only want to perform a one-time scan to check this computer.
  • Click Next.
  • The scan will start, and will typically take no longer than 2-3 minutes.
  • Upon completion, click on the drop-down menu of the found entries (if any) and select: Apply to all => Ignore <=.
  • Click Next.
  • Click Save Log, and select your Desktop as the location. Copy the contents of the log and paste in your next reply.

Note: If a drop-down menu is not present after the scan is complete, please do not delete the detected items. Close the HitmanPro window. Navigate to C:\ProgramData\HitmanPro\Logs, open the log, copy the contents and paste in your next reply.

Link to post
Share on other sites
Guest SherlockTAS

 

Try stopping and restarting the scan.

 

I rebooted the computer and ran it again.  Took over three hours and had to run it again because I forgot to uncheck "Remove items found".  Second scan took over 2 hours.

 

Did HitmanPro scan as well and it found very little.

 

Computer is currently working like it's brand new.

 

Here are the logs.

 

You don't know of a way to remove two entries from the Windows 8 Services do you? 

 

I had to use a removal tool for McAfee because some of it remained behind when I uninstalled it from this laptop.  At the end of using the tool, I got a window with a message like "Uninstalling Incomplete". The two services have apparently been removed as they are gone now from the Task Manager, but their entries remain in the Services list. 

 

I assume to get rid of the entries I need to find something in the registry?  The entries are McAfee Firewall Core Service and McAfee Validation Trust Protection Service.

 

The descriptions say <Failed to Read Description.  Error Code: 2>

HitmanPro_20141212_0328.log

MyEsetScan.txt

Link to post
Share on other sites
  • Staff

Hello Troy, 
 

Computer is currently working like it's brand new.

Excellent. 
 

You don't know of a way to remove two entries from the Windows 8 Services do you?

Yes, we can remove these. 
 
Please run a fresh FRST scan first. 
 
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
Link to post
Share on other sites
  • Staff

Hi Troy, 
 
Please do the following. 
 
STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    startCloseProcesses:C:\Program Files (x86)\Common Files\Common dictionary\node\conf.jsC:\Users\Lauren\Desktop\revosetup.exeC:\Users\Lauren\Downloads\ccsetup418.exeC:\$Recycle.Bin\S-1-5-21-4180364761-169256126-1362377442-1001\$R72XHAD.exeC:\$Recycle.Bin\S-1-5-21-4180364761-169256126-1362377442-1001\$RQQYEZ9.exeC:\ProgramData\InstallSightSDKC:\ProgramData\eBiQOtKELfS3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)C:\Windows\system32\DRIVERS\mfencrk.sysS3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]CMD: ipconfig /flushdnsEmptyTemp:end
  • Click FileSave As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST64.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 2
YjhLJro.png SystemLook

  • Please download SystemLook (x64) and save the file to your Desktop.
  • Right-Click SystemLook_x64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Copy the entire contents of the codebox below and paste into the textfield.
    :filefind*McAfee*:folderfind​*McAfee*:regfindMcAfee
  • Click the Ji0XpU4.png button to start the scan.
  • Upon completion, a log (SystemLook.txt) will open. Copy the contents of the log and paste in your next reply.
  • Click the OCFv7xc.png button. 
     

======================================================
 
STEP 3
xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Fixlog.txt
  • SystemLook.txt
Link to post
Share on other sites
Guest SherlockTAS

Don't be surprised by the results in the Fixlog.txt.  I stumbled across the Downloads folder on the laptop and deleted the .exe files that were in there figuring they were just a waste of space.  I intend to securely delete them using Ccleaner if that's ok.

 

I was shocked by the results of the SystemLook.

Fixlog.txt

SystemLook.txt

Link to post
Share on other sites
Guest SherlockTAS

Hello Troy, 

 

Which McAfee removal tool did you run? 

 

Which version of McAfee did you have installed?

 

According to the online Specs for the laptop, this is what I have here.  http://h10025.www1.hp.com/ewfrf/wc/document?docname=c04272271&tmp_task=prodinfoCategory&cc=us&dlc=en〈=en&lc=en&product=7124129

 

It says it came with a Free 30-day Trial of McAfee LiveSafe service included.  

 

Had to look for the tool again.  The laptop / notebook for some reason emptied the recycle bin on it's own.  

 

I probably ran this.  http://www.majorgeeks.com/files/details/mcafee_consumer_product_removal_tool.html

Link to post
Share on other sites
  • Staff

Hi Troy, 
 
Nothing significant that's related to McAfee has been left over. 
So I wouldn't worry any about it. 
 
Lets update the vulnerable software to reduce the risk of reinfection. 
 
STEP 1
CXrghb6.png Update Outdated Software

Outdated software contain security risks that must be patched. Please download and install the latest version of the programmes below.

STEP 2
oxliOQk.png Security Check

  • Please download SecurityCheck and save the file to your Desktop.
  • Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.
  • A log (checkup.txt) will automatically open on your Desktop.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • checkup.txt
  • How is your computer performing? Are there any outstanding issues?
Link to post
Share on other sites
Guest SherlockTAS

Adobe Shockwave Player and Google Chrome updated.  Installed 1 critical update on Windows Update.  It claims there are 3 optional ones available.  All three have generic descriptions as usual.  Here are links to info on these three optional updates.  What's your opinion of them, because I don't understand this Windows 8 very well yet.

 

http://support.microsoft.com/kb/3000850

http://support.microsoft.com/kb/3013769

http://support.microsoft.com/kb/3013816

 

Here is the log.  I may uninstall Bitdefender.  It may be one of the best Antivirus programs out there, but the interface is blunt and not user-friendly at all.  It told me it detected some things and I am still not sure if I found a list yet, beyond the lousy description in the logs.  Avira free seemed too plain and lacked features, so I passed on it.  Everything I've looked at so far makes me prefer Comodo.

 

 Results of screen317's Security Check version 0.99.93  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Bitdefender Antivirus Free Edition   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 MVPS Hosts File  
 Google Chrome (39.0.2171.95) 
````````Process Check: objlist.exe by Laurent````````  
 Bitdefender Antivirus Free Edition gzserv.exe  
 Bitdefender Antivirus Free Edition gziface.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
 
So far the computer is functioning very well.  No problems to report as I sort out things on the computer to make it more user-friendly.  Installed Classic Shell so it would have a start menu again.  Am I free to delete all the programs we downloaded yet?  
 
I have to create a "Recovery set" yet so the exclamation mark goes away from the HP Support Assistant.  
 
What exactly is OneDrive sync and can it be disabled?  It always says files can't sync and I understand that this is a common problem, but I don't know what it's for.  I understand it has something to do with sharing files in the cloud, but I know nothing about how that works nor why my friend's daughter would be likely to use it.
Link to post
Share on other sites
  • Staff

Hi Troy, 
 

It claims there are 3 optional ones available.  All three have generic descriptions as usual.  Here are links to info on these three optional updates.  What's your opinion of them, because I don't understand this Windows 8 very well yet.

I would go ahead and install the optional updates. There's no harm in doing so. 
 

It may be one of the best Antivirus programs out there

Have a read of the following article on picking an Anti-Virus:
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/?p=2316629
 

Am I free to delete all the programs we downloaded yet?  

Instructions on how to do so below. 
 

What exactly is OneDrive sync and can it be disabled?

OneDrive (from Microsoft) is free online storage solution across multiple platforms (PC, tablet, mobile device, etc).
OneDrive will sync files stored to all devices connected, allowing seamless accessibility no matter what device you're using.
 
If OneDrive is not used, it can be disabled.  
 
----------------
 
At this stage, I think we're just about all set. 
 
All Clean!
Congratulations, your computer appears clean! :)
I no longer see signs of malware on your computer, and feel satisfied that our work here is done. The steps below will remove the tools we have used, and reset any settings changed. I have also provided a list of resources and tools that you may find useful
 
My help will always be free. But if you are happy with the help provided, and would like to support my fight against malware and/or buy me a beer, please consider a donation. YSCcjW7.png
 
AFZxnZc.jpg DelFix

  • Please download DelFix and save the file to your Desktop.
  • Double-click DelFix.exe to run the programme.
  • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools
    • Create registry backup
    • Purge system restore
    • Reset system settings
  • Click the Run button.

-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).
 
======================================================
 
I have compiled below a list of resources you may find useful. The articles document information on computer security, common infection vectors and how you can stay safe on the Internet.

The following programmes come highly recommended in the security community.

  • xKsUqI5A.png.pagespeed.ic.vn1Hlvqi8h.jpg AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
  • E8I37RF.pngCryptoPrevent places policy restrictions on loading points for ransomware (eg. CryptoWall), helping prevent the execution of malware. 
  • EG85Vjt.png Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
  • x6YRrgUC.png.pagespeed.ic.HjgFxjvw2Z.jpg Malwarebytes Anti-Malware Premium (MBAM) works in real-time along side your Anti-Virus to prevent malware execution.
  • xjv4nhMJ.png.pagespeed.ic.A5YbWn1eDO.png NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
  • 3O8r9Uq.png Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
  • DgW1XL2.png.pagespeed.ce.v1OlJl_ZAS.png Secunia PSI will scan your computer for vulnerable software that is outdatedand automatically find the latest update for you.
  • xj1OLIec.png.pagespeed.ic.k6hhwopU0q.jpg SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
  • xJEP5iWI.png.pagespeed.ic.4tmM1lM7DQ.png Web of Trust (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.

-- Please feel free to ask if you have any questions or concerns on computer security or the programmes above.
 
======================================================
 
Please confirm you have no outstanding issues, and are happy with the state of your computer. Once I have confirmation things are in order, we can wrap things up and I will close this thread. 
 
Thank you for using Malwarebytes.
 
Safe Surfing. :)
Adam

Link to post
Share on other sites
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.