Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Mine is mild by Comparison no doubt
Message
<blockquote data-quote="Jack" data-source="post: 41310" data-attributes="member: 1"><p>There aren't any sings of active malicious files in your log however there are signs of residual damage and some crapware that you should remove/uninstall.</p><p></p><p><span style="font-size: 15px">Step 1: <strong>Run the OTL Fix</strong></span></p><p></p><ol> <li data-xf-list-type="ol">Under the <strong>Custom Scans/Fixes </strong> box at the bottom, copy and paste the contents of the following box:<br /> <br /> <br /> [code]:OTL<br /> O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.<br /> O3 - HKU\S-1-5-21-1189801336-2896965078-2594968202-1000\..\Toolbar\WebBrowser: (no name) - {0457331D-8CA6-4F97-9C26-6A9EF2B2DBA8} - No CLSID value found.<br /> O3 - HKU\S-1-5-21-1189801336-2896965078-2594968202-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.<br /> O3 - HKU\S-1-5-21-1189801336-2896965078-2594968202-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.<br /> O4 - HKLM..\Run: [] File not found<br /> O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)<br /> O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found<br /> O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76<br /> O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69FF1CA4-711D-49B6-971C-4FAF8CD49ECF}: DhcpNameServer = 75.75.75.75 75.75.76.76<br /> <br /> :Services<br /> <br /> :Reg<br /> <br /> :Files<br /> <br /> :Commands<br /> [RESETHOSTS]<br /> [purity]<br /> [emptytemp]<br /> [EMPTYFLASH]<br /> [Reboot][/code]<br /> <br /> </li> <li data-xf-list-type="ol">Then click the <strong>Run Fix</strong> button at the top</li> <li data-xf-list-type="ol">Let the program run unhindered, reboot the PC when it is done</li> <li data-xf-list-type="ol">Once you see a message box "<strong>Fix complete! Click OK to open the fix log.</strong>"</li> <li data-xf-list-type="ol">Click the <strong>OK</strong> button</li> <li data-xf-list-type="ol">The log will open in <strong>Notepad</strong> (your default text editor).</li> <li data-xf-list-type="ol">Save the log. <strong>Post a copy of that log in your next reply</strong>.<br /> <br /> <br /> <em>Note:</em> If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.<br /> <br /> If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start-All Programs-Accessories-Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the <em>C:\_OTL\MovedFiles</em> folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.</li> </ol><p></p><p><span style="font-size: 15px">Step 2 : <strong>Update Java</strong></span></p><p></p><p></p><p><strong><span style="color: #0000FF">Your Java is out of date.</span></strong> Older versions have vulnerabilities that malware can use to infect your system. <strong>Please follow these steps to remove older version Java components and update.</strong></p><p></p><p>Please follow these steps to remove older version Java components and update:</p><ul> <li data-xf-list-type="ul">Download the latest version of <a href="http://www.oracle.com/technetwork/java/javase/downloads/index.html" target="_blank">Java Runtime Environment (JRE) Version 7</a> and save it to your desktop.</li> <li data-xf-list-type="ul">Look for "<strong>Java Platform, Standard Edition</strong>".</li> <li data-xf-list-type="ul">Click the "<strong>Download JRE</strong>" button to the right.</li> <li data-xf-list-type="ul">Read the License Agreement, and then check the box that says: "<strong>Accept License Agreement</strong>".</li> <li data-xf-list-type="ul">From the list, <strong>select your OS and Platform</strong> (32-bit or 64-bit).</li> <li data-xf-list-type="ul">If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.</li> <li data-xf-list-type="ul">Close any programs you may have running - especially your web browser.</li> </ul><p></p><p>Go to Start > Control Panel, double-click on <em>Add/Remove Programs</em> or<em> Programs and Features <ul> <li data-xf-list-type="ul"> in Vista/Windows 7 and remove <strong>all</strong> older versions of Java.<ul> <li data-xf-list-type="ul">Check (highlight) any item with <strong>Java Runtime Environment (JRE or J2SE)</strong> in the name.</li> <li data-xf-list-type="ul">Click the <strong>Remove</strong> or <strong>Change/Remove</strong> button and follow the onscreen instructions for the Java uninstaller.</li> <li data-xf-list-type="ul">Repeat as many times as necessary to remove each Java versions.</li> <li data-xf-list-type="ul">Reboot your computer once all Java components are removed.</li> <li data-xf-list-type="ul">Then from your desktop double-click on <strong>jre-7u2-windows-i586.exe</strong> (or <strong>jre-7u2-windows-x64.exe</strong> for 64-bit) to install the newest version.</li> <li data-xf-list-type="ul">If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then <strong>Run As Administrator</strong>.</li> <li data-xf-list-type="ul">When the Java Setup - Welcome window opens, click the <strong>Install ></strong> button.</li> <li data-xf-list-type="ul">If offered to install a Toolbar, just <strong>uncheck</strong> the box before continuing unless you want it.<br /> The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.</li> </ul><br /> <em>Note:</em> The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary. <br /> To disable the JQS service if you don't want to use it:<ul> <li data-xf-list-type="ul">Go to <em>Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.</em></li> <li data-xf-list-type="ul">Click Ok and reboot your computer.</li> </ul><br /> To test your Java Run-time, you may go to <a href="http://www.java.com/en/download/help/testvm.xml" target="_blank"><span style="color: #0000FF">this page</span></a><br /> <br /> <br /> <span style="font-size: 15px">Step 3 : <strong>Scan with ESET Online Scanner</strong></span><br /> <br /> <br /> You can start a online scan with ESET Online Scanner from <strong><a href="http://www.eset.eu/online-scanner" target="_blank">here</a></strong><br /> <br /> <strong>Note:</strong> You will need to use Internet Explorer for this scan.<ul> <li data-xf-list-type="ul">Tick the box next to <strong>YES, I accept the Terms of Use</strong>.</li> <li data-xf-list-type="ul">Click <strong>Start </strong></li> <li data-xf-list-type="ul">When asked, allow the activex control to install</li> <li data-xf-list-type="ul">Click <strong>Start </strong>.</li> <li data-xf-list-type="ul">Click <strong>Scan</strong>.</li> <li data-xf-list-type="ul">Wait for the scan to finish.</li> <li data-xf-list-type="ul">A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.</li> </ul><br /> Re-scan with OTL after this steps and <strong>post a fresh OTL log</strong>.</li> </ul><p></em></p></blockquote><p></p>
[QUOTE="Jack, post: 41310, member: 1"] There aren't any sings of active malicious files in your log however there are signs of residual damage and some crapware that you should remove/uninstall. [SIZE=4]Step 1: [b]Run the OTL Fix[/b][/SIZE] [list=1][*]Under the [b]Custom Scans/Fixes [/b] box at the bottom, copy and paste the contents of the following box: [code]:OTL O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1189801336-2896965078-2594968202-1000\..\Toolbar\WebBrowser: (no name) - {0457331D-8CA6-4F97-9C26-6A9EF2B2DBA8} - No CLSID value found. O3 - HKU\S-1-5-21-1189801336-2896965078-2594968202-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found. O3 - HKU\S-1-5-21-1189801336-2896965078-2594968202-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found. O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.) O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{69FF1CA4-711D-49B6-971C-4FAF8CD49ECF}: DhcpNameServer = 75.75.75.75 75.75.76.76 :Services :Reg :Files :Commands [RESETHOSTS] [purity] [emptytemp] [EMPTYFLASH] [Reboot][/code] [*]Then click the [b]Run Fix[/b] button at the top [*]Let the program run unhindered, reboot the PC when it is done [*]Once you see a message box "[b]Fix complete! Click OK to open the fix log.[/b]" [*]Click the [b]OK[/b] button [*]The log will open in [b]Notepad[/b] (your default text editor). [*]Save the log. [b]Post a copy of that log in your next reply[/b]. [i]Note:[/i] If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start-All Programs-Accessories-Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the [i]C:\_OTL\MovedFiles[/i] folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.[/list] [SIZE=4]Step 2 : [b]Update Java[/b][/SIZE] [b][color=#0000FF]Your Java is out of date.[/color][/b] Older versions have vulnerabilities that malware can use to infect your system. [b]Please follow these steps to remove older version Java components and update.[/b] Please follow these steps to remove older version Java components and update: [list][*]Download the latest version of [url=http://www.oracle.com/technetwork/java/javase/downloads/index.html]Java Runtime Environment (JRE) Version 7[/url] and save it to your desktop. [*]Look for "[b]Java Platform, Standard Edition[/b]". [*]Click the "[b]Download JRE[/b]" button to the right. [*]Read the License Agreement, and then check the box that says: "[b]Accept License Agreement[/b]". [*]From the list, [b]select your OS and Platform[/b] (32-bit or 64-bit). [*]If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop. [*]Close any programs you may have running - especially your web browser.[/list] Go to Start > Control Panel, double-click on [i]Add/Remove Programs[/i] or[i] Programs and Features[list][*] in Vista/Windows 7 and remove [b]all[/b] older versions of Java. [list][*]Check (highlight) any item with [b]Java Runtime Environment (JRE or J2SE)[/b] in the name. [*]Click the [b]Remove[/b] or [b]Change/Remove[/b] button and follow the onscreen instructions for the Java uninstaller. [*]Repeat as many times as necessary to remove each Java versions. [*]Reboot your computer once all Java components are removed. [*]Then from your desktop double-click on [b]jre-7u2-windows-i586.exe[/b] (or [b]jre-7u2-windows-x64.exe[/b] for 64-bit) to install the newest version. [*]If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then [b]Run As Administrator[/b]. [*]When the Java Setup - Welcome window opens, click the [b]Install >[/b] button. [*]If offered to install a Toolbar, just [b]uncheck[/b] the box before continuing unless you want it. The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.[/list] [i]Note:[/i] The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary. To disable the JQS service if you don't want to use it: [list][*]Go to [i]Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.[/i] [*]Click Ok and reboot your computer.[/list] To test your Java Run-time, you may go to [url=http://www.java.com/en/download/help/testvm.xml][color=#0000FF]this page[/color][/url] [SIZE=4]Step 3 : [b]Scan with ESET Online Scanner[/b][/SIZE] You can start a online scan with ESET Online Scanner from [b][url=http://www.eset.eu/online-scanner]here[/url][/b] [b]Note:[/b] You will need to use Internet Explorer for this scan. [list] [*]Tick the box next to [b]YES, I accept the Terms of Use[/b]. [*]Click [b]Start [/b] [*]When asked, allow the activex control to install [*]Click [b]Start [/b]. [*]Click [b]Scan[/b]. [*]Wait for the scan to finish. [*]A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.[/list] Re-scan with OTL after this steps and [b]post a fresh OTL log[/b].[/list][/i] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
