Jump to content

Had Exploit:Jave/cve-2012-4681 don't think it's all gone


Recommended Posts

Ok, now I'm getting two messages:

1. Solve a problem with Java - it did run an update the other day with no problem and I confirmed the correct version was installed, but when I check this one it doesn't tell me what the problem is, just says it can't solve it and to check my internet connection. Not Java again!

2. Windows Backup has not been set up.

Also, could the antivirus, firewall be messing us up? I'm just trying to guess at it :-).

Link to post
Share on other sites
  • Replies 207
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Posted Images

I cannot see anything wrong with that key, this is just a puzzle within an enigma..... i honestly feel the best way forward is a repair install, you will not lose your user accounts, data, programs, and system drivers....

 

I remember you mentioned an external drive with valuable data, when the repair install completes comeback and let me know and we can check over that drive....

 

The full instructions for the the repair install are at the following link:  http://www.sevenforums.com/tutorials/3413-repair-install.html

 

Let me know how you progress...

 

Cheers,

 

Kevin...

Link to post
Share on other sites

Ok, now I'm nervous - I won't start that tonight; I'll work on it this weekend. Also, I believe the external hard drive will be infected. What WILL I lose - emails, files; just trying to figure out how I can save more of my stuff. If email is going to be gone, I will have to start forwarding them one by one to a different account. Thanks, Kevin :-)

Link to post
Share on other sites

Do not worry about the external HD we can easily scan that without any issues. Any normal Data should be OK, files, videos, pictures, programs, etc etc.... Regarding your emails that really depends on the client, many are web based so you can access them from amy PC...

 

Have a read of the instructions at the link I posted, they are more or less straightforward. Read them through a couple of times, make sure you are happy with the steps required. If you are not sure just post back, i`ll help if I can....

Link to post
Share on other sites

Ok, I'm reading through the instructions and it says I need an ISO?  What's that and why do I need it if I have the original installation disc?  Also, I'm running a quick scan with the Microsoft Security Scanner again because the computer started doing weird things today and I'm back to it just clicking if I try to access the security scanner.  I just wanted to see if that virus was back again somehow.

Link to post
Share on other sites

Oh good, so I don't need that.  Also, should I delete all the files we added (FRST, ESET, BFE, etc) before doing it?  I'm going to dump as much of my stuff as I can so I can maybe see better if anything is missing afterward.  Thanks!

Link to post
Share on other sites

Run Delfix, that will remove most of the stuff we`ve used....

 

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:



  •    
  • Remove disinfection tools



Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…
 

Link to post
Share on other sites

I read through the instructions again and they say in the which type of installation step that I should choose upgrade.  Won't that take me from Windows 7 to Windows 10?  I have enough problems without having to learn a new version right now :-).  I know the Win10 upgrade button is sitting in my tray now so won't they automatically use that?  Thanks!

Link to post
Share on other sites

No that is not what it means, those instructions have been listed prior to the conception of Windows 8, so Windows 10 was just a dream....i assume it means a later version of windows 7, more updated....

 

Why would you not consider Windows 10 anyway, it is like windows 7 and 8 combined. I`ve got it on all of my systems...... Far superior to W7

Link to post
Share on other sites

I guess just because I don't know how to use it :-).  I never tried 8, so I don't know how it works.  I would rather just repair 7, then worry about getting the upgrade for 10 afterwards.  Ok, here goes, crossing fingers!

Link to post
Share on other sites

No, it's a genuine retail (box and everything) version.  It has the 32 and 64 bit versions in the plastic case.  I used the 64 bit version.  That COMCTL32.dll file has been giving me error messages several times since I caught this virus.

Link to post
Share on other sites

Yes, that's the weird thing - everything seems nearly normal.  It boots a bit slowly, but everything is fine once I'm in except MBAE won't start and I'm back to not being able to access that Microsoft scanner page.  I just have this paranoid feeling that the virus is still in here hiding somewhere :-).

Link to post
Share on other sites

Can you run this for me...

 

Please download SystemLook from the following link below and save it to your Desktop. Use the correct version 32bit or 64bit.

http://jpshortstuff.247fixes.com/SystemLook_x64.exe     <<-   64 bit….

http://images.malwareremoval.com/jpshortstuff/SystemLook.exe   <<-  32 bit

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    :filefindCOMCTL32.dll
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.



Note: The log can also be found on your Desktop entitled SystemLook.txt
 

Link to post
Share on other sites

Ok, here are the results:

SystemLook 30.07.11 by jpshortstuff

Log created at 18:46 on 24/01/2016 by Patricia

Administrator - Elevation successful

========== filefind ==========

Searching for "COMCTL32.dll"

C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.10586.0_none_396e892957c7fb25\comctl32.dll --a---- 679776 bytes [07:09 30/10/2015] [07:09 30/10/2015] (Unable to calculate MD5)

C:\$WINDOWS.~BT\Sources\SafeOS\SafeOS.Mount\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22\comctl32.dll --a---- 2555744 bytes [07:09 30/10/2015] [07:09 30/10/2015] (Unable to calculate MD5)

C:\Windows\System32\comctl32.dll --a---- 633856 bytes [13:32 10/06/2015] [18:17 24/04/2015] 51F89CE2D0FEC66070354504E6C4C3E4

C:\Windows\SysWOW64\comctl32.dll --a---- 530432 bytes [13:32 10/06/2015] [17:56 24/04/2015] 58788565442368B0615DDAF1D452B843

C:\Windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_97c2246fee970dbb\comctl32.dll --a---- 633856 bytes [03:24 21/11/2010] [03:24 21/11/2010] 14DFDEAF4E589ED3F1FF187A86B9408C

C:\Windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18201_none_97c9d703ee91c7f1\comctl32.dll --a---- 633856 bytes [19:59 09/10/2013] [12:50 04/07/2013] 9028D1621C43DF8DFBD1C76860412A11

C:\Windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18837_none_97af745feea4a2b8\comctl32.dll --a---- 633856 bytes [13:32 10/06/2015] [18:17 24/04/2015] 51F89CE2D0FEC66070354504E6C4C3E4

C:\Windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.22376_none_980cc5cd07e3aa05\comctl32.dll --a---- 633856 bytes [19:59 09/10/2013] [12:10 04/07/2013] 4F3C5CE9EF990E1C62B7E7EBA0EBA1C2

C:\Windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.23039_none_983ae9e107c0a872\comctl32.dll --a---- 633856 bytes [13:32 10/06/2015] [18:23 24/04/2015] 8B2DB34CCD937CD4ADF7DE62C9E79069

C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll --a---- 633856 bytes [03:24 21/11/2010] [03:24 21/11/2010] 14DFDEAF4E589ED3F1FF187A86B9408C

C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll --a---- 633856 bytes [19:59 09/10/2013] [12:50 04/07/2013] 9028D1621C43DF8DFBD1C76860412A11

C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.22376_none_a6ba9bf96e3dcd13\comctl32.dll --a---- 633856 bytes [19:59 09/10/2013] [12:10 04/07/2013] 4F3C5CE9EF990E1C62B7E7EBA0EBA1C2

C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.23039_none_a6b7fbc96e401250\comctl32.dll --a---- 633856 bytes [13:32 10/06/2015] [18:23 24/04/2015] 8B2DB34CCD937CD4ADF7DE62C9E79069

C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll --a---- 2030080 bytes [03:23 21/11/2010] [03:23 21/11/2010] 7FA8FDC2C2A27817FD0F624E78D3B50C

C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52\comctl32.dll --a---- 2030592 bytes [11:44 13/05/2015] [03:15 30/03/2015] 4AE5551E961CC766CC1488A7A7E1A68F

C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll --a---- 2030592 bytes [13:32 10/06/2015] [18:12 24/04/2015] 271DC9A33422D9A85E3790A0AF0A91EF

C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23011_none_e36c02c33101d537\comctl32.dll --a---- 2030592 bytes [11:44 13/05/2015] [03:15 30/03/2015] 47B2383EF858719225311A4A259A4CD6

C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23039_none_e36d4d173100d4ed\comctl32.dll --a---- 2030592 bytes [13:32 10/06/2015] [18:15 24/04/2015] E6FD06E7948B35B604CF188B554E9760

C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_3ba388ec36399c85\comctl32.dll --a---- 530432 bytes [03:23 21/11/2010] [03:23 21/11/2010] BDAC1AA64495D0F7E1FF810EBBF1F018

C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18201_none_3bab3b80363456bb\comctl32.dll --a---- 530432 bytes [19:59 09/10/2013] [11:50 04/07/2013] 75F5E1FE8D55CF8E577E0EC5F2290D3F

C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18837_none_3b90d8dc36473182\comctl32.dll --a---- 530432 bytes [13:32 10/06/2015] [17:56 24/04/2015] 58788565442368B0615DDAF1D452B843

C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.22376_none_3bee2a494f8638cf\comctl32.dll --a---- 530432 bytes [19:59 09/10/2013] [11:54 04/07/2013] 700BD5A6AA5381D1D8ADC4045149DBF6

C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.23039_none_3c1c4e5d4f63373c\comctl32.dll --a---- 530432 bytes [13:32 10/06/2015] [18:00 24/04/2015] 71DD9528DD7D36EB853020401D66089D

C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll --a---- 530432 bytes [03:24 21/11/2010] [03:24 21/11/2010] BDAC1AA64495D0F7E1FF810EBBF1F018

C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll --a---- 530432 bytes [19:59 09/10/2013] [11:50 04/07/2013] 75F5E1FE8D55CF8E577E0EC5F2290D3F

C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll --a---- 530432 bytes [13:32 10/06/2015] [17:56 24/04/2015] 58788565442368B0615DDAF1D452B843

C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.22376_none_ee67d2d082b9f619\comctl32.dll --a---- 530432 bytes [19:59 09/10/2013] [11:54 04/07/2013] 700BD5A6AA5381D1D8ADC4045149DBF6

C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.23039_none_ee6532a082bc3b56\comctl32.dll --a---- 530432 bytes [13:32 10/06/2015] [18:00 24/04/2015] 71DD9528DD7D36EB853020401D66089D

C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll --a---- 1680896 bytes [03:23 21/11/2010] [03:23 21/11/2010] 352B3DC62A0D259A82A052238425C872

C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458\comctl32.dll --a---- 1680896 bytes [11:44 13/05/2015] [03:02 30/03/2015] 346DAA8204508A44B7211CC28B830CC5

C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll --a---- 1680896 bytes [13:32 10/06/2015] [17:54 24/04/2015] 885E18B2D0A445FB637850282530EB72

C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23011_none_2b19399a457dfe3d\comctl32.dll --a---- 1680896 bytes [11:44 13/05/2015] [03:00 30/03/2015] 791206E0343AD8E61826E063F2E4C885

C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23039_none_2b1a83ee457cfdf3\comctl32.dll --a---- 1680896 bytes [13:32 10/06/2015] [17:57 24/04/2015] F7F754DDAA6AF9D3F3549F7013BFDF70

-= EOF =-

Link to post
Share on other sites

I assume FRST is still on your Desktop..... If so run the following:

 

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

Open the following Link: https://support.microsoft.com/en-gb/mats/windows_firewall_diagnostic Run the Fixit then re-boot your system.....

 

When the system has re-boot can you run FSS again and post the log...

 

 

Fixlist.txt

Link to post
Share on other sites

I didn't still have it; I ran that program to delete everything we did so I downloaded it again:

Fix result of Farbar Recovery Scan Tool (x64) Version:24-01-2016

Ran by Patricia (2016-01-24 19:43:51) Run:1

Running from C:\Users\Patricia\Desktop

Loaded Profiles: Patricia (Available Profiles: Patricia)

Boot Mode: Normal

==============================================

fixlist content:

*****************

Start

Replace: C:\Windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.23039_none_983ae9e107c0a872\comctl32.dll C:\Windows\System32\comctl32.dll

Replace: C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.23039_none_3c1c4e5d4f63373c\comctl32.dll C:\Windows\SysWOW64\comctl32.dll

end

*****************

C:\Windows\System32\comctl32.dll => moved successfully

C:\Windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.23039_none_983ae9e107c0a872\comctl32.dll copied successfully to C:\Windows\System32\comctl32.dll

C:\Windows\SysWOW64\comctl32.dll => moved successfully

C:\Windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.23039_none_3c1c4e5d4f63373c\comctl32.dll copied successfully to C:\Windows\SysWOW64\comctl32.dll

==== End of Fixlog 19:43:51 ====

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.


Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.