Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Assistance needed to remove malware from my computer. Thanks

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Assistance needed to remove malware from my computer. Th

Unread postby Gizzy » February 4th, 2011, 2:22 pm

Hi spcvrm,

Update Adobe Reader
Your version of Adobe Reader is out of date,
Older versions have vulnerabilities that can be used to infect your system, It is strongly suggested that you update to the current version. Adobe Reader X (10)
You can download it from: http://get.adobe.com/reader/

Install it, then go to Add/Remove Programs and remove all older versions that may remain.


Update Java
You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason it's extremely important that you keep the program up to date and also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 23.

  1. Go Here
  2. Click the Windows 7/XP/Vista/2000/2003/2008 Offline link to download it, Save this to a convenient location.
  3. Go to Start > Control Panel > Add or Remove Programs
  4. Uninstall all old versions of Java (Java 2 Runtime Environment JRE or JSE)
  5. Reboot your computer
  6. Delete the folder C:\Program Files\Java if present
  7. Install the new version by double-clicking the downloaded file jre-6u23-windows-i586-s.exe and follow the on-screen instructions.
  8. Reboot your computer


TFC (Temp File Cleaner)
  1. Please download TFC from here and save it to your desktop.
  2. Double-click TFC.exe to run the program.
  3. Click the Start button in the bottom left of TFC
  4. If prompted, click Yes to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes, and may only take a few seconds. Only if needed will you be prompted to reboot.


Disable Avira anti-virus
  1. Please navigate to the system tray on the bottom right hand corner and look for an open white umbrella on red background (looks to this: Image )
  2. right click it-> untick the option AntiVir Guard enable.
  3. You should now see a closed, white umbrella on a red background (looks to this: Image )
  4. Note: Don't forget to re-enable it after the below scan.


ESET Online Scanner
Note: You can use either Internet Explorer or Mozilla Firefox for this scan.

  1. Please go here then click on: Image
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  2. Select the option YES, I accept the Terms of Use then click on: Image
  3. When prompted allow the Add-On/Active X to install.
  4. Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  5. Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  6. Now click on: Image
  7. The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  8. When completed the Online Scan will begin automatically, Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  9. When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  10. Now click on: Image
  11. Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  12. Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Please reply with:
  • Eset log
User avatar
Gizzy
Retired Graduate
 
Posts: 1101
Joined: December 30th, 2008, 9:54 pm
Location: NJ, USA
Advertisement
Register to Remove

Re: Assistance needed to remove malware from my computer. Th

Unread postby spcvrm » February 6th, 2011, 1:04 am

Below is the log from the ESET scan. I'm sure I unchecked the
top box remove threats & checked the scan system box, but when the scan said finish it said it removed 4 threats. Also when I downloaded the Adobe update I also received a McAfee download. Do I need this?

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - delete file error:The process cannot access the file because it is being used by another process.

OnlineScanner.ocx - copy file error :The process cannot access the file because it is being used by another process.

OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=b3482f281a172c458a3b45a68fde36c5
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-02-06 12:05:54
# local_time=2011-02-05 07:05:54 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1024 16777215 100 0 2940252 2940252 0 0
# compatibility_mode=1797 16775141 100 93 0 32539849 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=122137
# found=4
# cleaned=0
# scan_time=4262
C:\System Volume Information\_restore{39C571A2-5C6A-433B-8AC6-DBD815F09639}\RP831\A0080446.dll a variant of Win32/Olmarik.AMA trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{39C571A2-5C6A-433B-8AC6-DBD815F09639}\RP831\A0080447.dll a variant of Win32/Olmarik.AMA trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{39C571A2-5C6A-433B-8AC6-DBD815F09639}\RP857\A0086943.dll a variant of Win32/Kryptik.JWO trojan (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{39C571A2-5C6A-433B-8AC6-DBD815F09639}\RP857\A0086944.exe a variant of Win32/Kryptik.JWP trojan (unable to clean) 00000000000000000000000000000000 I
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=b3482f281a172c458a3b45a68fde36c5
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-02-06 04:41:19
# local_time=2011-02-05 11:41:19 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1024 16777215 100 0 2956723 2956723 0 0
# compatibility_mode=1797 16775141 100 93 0 32556320 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=122947
# found=4
# cleaned=4
# scan_time=4315
C:\System Volume Information\_restore{39C571A2-5C6A-433B-8AC6-DBD815F09639}\RP831\A0080446.dll a variant of Win32/Olmarik.AMA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{39C571A2-5C6A-433B-8AC6-DBD815F09639}\RP831\A0080447.dll a variant of Win32/Olmarik.AMA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{39C571A2-5C6A-433B-8AC6-DBD815F09639}\RP857\A0086943.dll a variant of Win32/Kryptik.JWO trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{39C571A2-5C6A-433B-8AC6-DBD815F09639}\RP857\A0086944.exe a variant of Win32/Kryptik.JWP trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
spcvrm
Regular Member
 
Posts: 20
Joined: January 5th, 2011, 7:36 pm

Re: Assistance needed to remove malware from my computer. Th

Unread postby Gizzy » February 6th, 2011, 2:05 pm

Hi spcvrm,

spcvrm wrote:Also when I downloaded the Adobe update I also received a McAfee download. Do I need this?
No you don't need that, Uninstall McAfee Security Scan Plus from Add/Remove programs.

Congratulations your machine appears to be clean! :cheers:
Now that you are clean, please follow these simple steps in order to keep your computer clean and secure.

Remove Tools
Let's remove the programs we've been using to clean up your computer, They are not suitable for general malware removal and could cause damage if used inappropriately.

The following steps will remove the tools and logs we used to clean your computer.
Any left over merely delete yourself and empty the Recycle Bin.

Uninstall ComboFix
  1. Click on Start > Run
  2. Type ComboFix /Uninstall into the box and click OK
  3. Note the space between the x and /Uninstall it needs to be there.

CleanUp with OTM
  1. Double-click OTM to start the program.
  2. Close all other programs as this step will require a reboot
  3. On the OTM main screen, press the CleanUp! button.
  4. Click Yes to the prompt and then allow the program to reboot your computer.

TFC and Malwarebytes' Anti-Malware are great tools for you to keep and use on a regular basis.


Keep your programs up to date
Vulnerabilities are sometimes found in programs that can be used to infect your computer,
So it's a good idea to always use the most up to date version of programs,
Below are 2 sites that can be used to check if any of your installed programs are in need of updates.
Secunia Software Inspector
F-secure Health Check


Keep your system updated
Microsoft releases patches for Windows and other products regularly:

  1. I advise you visit: http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us
  2. Install the Active X
  3. Once installed it will advise you set Auto-Updates if not set and you then will be able to manually check for updates also via:
  4. Start > All Programs > Microsoft Updates


Below are some free programs I recommend that could help you improve your computer's security.

Spyware Blaster
Download it from Here
Find a tutorial on how to use Spyware Blaster Here

WinPatrol
Download it from Here
You can find information about how WinPatrol works Here

Update all these programs regularly
Make sure you update all the programs I have listed regularly, Without regular updates you will NOT be protected when new malicious programs are released.


Here is a great guide I recommend you read - COMPUTER SECURITY - a short guide to staying safer online

I'd be grateful if you could reply to this post so that I know you have read it, and if you have no other questions, the thread can be closed.

Happy surfing and stay clean! :thumbright:
User avatar
Gizzy
Retired Graduate
 
Posts: 1101
Joined: December 30th, 2008, 9:54 pm
Location: NJ, USA

Re: Assistance needed to remove malware from my computer. Th

Unread postby Cypher » February 7th, 2011, 1:58 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 130 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware