Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Possible Virus.. Need some help.

Re: Possible Virus.. Need some help.

by queenoftheflock » June 29th, 2011, 10:07 pm

1. Did you have any problems carrying out the instructions?

I found the Ask Toolbar and removed it but even with the Revo, I still did not find the Java Auto Updater.

2. OTL Log:

All processes killed
========== PROCESSES ==========
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: SplishSplash
->Temp folder emptied: 608416 bytes
->Temporary Internet Files folder emptied: 291736 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 109920149 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1594 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 20761000 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes
RecycleBin emptied: 16619296 bytes

Total Files Cleaned = 141.00 mb

Error creating restore point.

OTL by OldTimer - Version 3.2.24.1 log created on 06292011_215623

Files\Folders moved on Reboot...
C:\Users\SplishSplash\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...


3. How is the computer now running?

It seems to be running pretty nicely. I haven't picked up on any issues specifically.

Re: Possible Virus.. Need some help.

by Scolabar » July 1st, 2011, 8:38 am

Hi queenoftheflock,

queenoftheflock wrote:

    3. How is the computer now running?

    It seems to be running pretty nicely. I haven't picked up on any issues specifically.

Congratulations and well done! I can confirm that your latest logs now appear to be clean.

Step 1:
Housekeeping

It's now time for some housekeeping. Please follow the instructions below to remove the tools we have used to clean up your computer.

    OTL - Cleanup

    1. Double-click OTL.exe to start the program. This will remove most, if not all, of the tools we used to clean your PC.
    2. Close all other programs apart from OTL as this step will require a reboot.
    3. On the OTL main screen, press the CleanUp! button.
    4. Click on the Yes button at the prompt and then allow the program to reboot your computer.

    Remove Tools Used

    You can now safely delete the tools used in cleaning up the infection. Please remove the following tools from your system along with any related .zip files.

      aswMBR.exe
      tdsskiller.exe

    Also, whichever of the following Rkill programs you downloaded:

      rkill.com
      rkill.pif
      rkill.exe

    Please Note: These tools are updated on a regular basis and so, if required in future, should be downloaded afresh under supervision.

Step 2:
Security Vulnerabilities

    Outdated Adobe Reader

    It is strongly recommended that you update to the current version of Adobe Reader X - 10.1.
    Older versions of Adobe Reader are known to have vulnerabilities that can be exploited by malware to infect your system.

    1. Download the latest available version from here.
    2. Before proceeding any further uninstall all previous versions of Adobe Reader.
    3. Then run the newly downloaded Adobe Reader installer.
      Please Note: Remember to Uncheck the Free McAfee® Security Scan Plus if you do not want or need it.

      Alternative PDF Reader:
      Adobe Reader is a large program and if you prefer a smaller program you can get Foxit Reader instead from here.
      If you do decide to install Foxit Reader instead of Adobe, during Foxit's Setup/Installation process:

      Remember to Uncheck the following options:
      • I accept the License Terms and want to install Foxit Toolbar.
      • Make Ask.com my default search.
      • Create desktop, quick launch and start menu icon to eBay.

    Windows 7 Not Up-To-Date

    Your Windows 7 Operating System is not up-to-date. You need to install Windows 7 Service Pack 1 and all subsequent critical system and security updates to bring your system fully up-to-date. Because of the security and reliability fixes you should install this update. Keeping your Windows Operating System up-to-date with the latest security and critical fixes is the first line of defense against malware infections!!

    You can learn how to install Windows 7 Service Pack 1 Here.

    Internet Explorer Not Up-To-Date

    The installed version of Internet Explorer - version 8 - is not the latest available version for your Operating System. It is advisable to install Internet Explorer 9.

    You can find out more information about Internet Explorer 9 and download the installer from Here.

Step 3:
Advisory - Anti-virus Software

AVG 2011 is a bit of a resource hog running 9 separate processes to provide its protection. I personally would uninstall AVG 2011 straight away and would suggest you install one of the free Anti-virus products recommended below instead. It is for you to decide.

    Uninstalling AVG 2011
    If you decide to go ahead with the removal of AVG 2011, please follow the instructions below.

    1. Select Start > Control Panel > Programs > Programs and Features.
    2. Under the Programs heading, click on Uninstall a program.
    3. Scroll down the list of installed programs and locate the following program:

        AVG 2011

    4. Right-click on Uninstall to uninstall it.
    5. When finished Close the Control Panel window.
    6. Next download and save AVG Removal Tool to your Desktop.
    7. Double-click avgremover.exe to run the program to completely remove AVG 2011.
      Vista - W7 users: Right-click on avgremover.exe and select "Run As Administrator" to launch the program. If you receive a UAC prompt, please allow it.
    8. Restart the computer to complete removal of the program.

    Install Alternative Anti-virus Product
    Select one of the recommended free products below:

    1. avast! Free Antivirus - Excellent detection, the freeware version includes email scanning.
    2. Microsoft Security Essentials ** - From Microsoft, with email scanning, easy to install, easy to use.
      ** Your PC must run a genuine version of the Windows OS to install Microsoft Security Essentials.

    1. Download the new Anti-virus product to your Desktop.
    2. Save any work. Close all applications, especially your Internet connection.
    3. Install the new Anti-virus product following the installation instructions. You may be asked to reboot the computer to complete the installation. Please do so, if asked.
    4. Check for updates to the new Anti-virus product, if not done during install setup.
    5. Run a full scan of your computer.

    Please Note: You should run only one Anti-virus program at a time. Having more than one Anti-virus program active in memory uses additional resources and results in program conflicts and false virus alerts.

Step 4:
Improve Your Computer's Security

MalwareBytes' AntiMalware
It is worth keeping MalwareBytes' AntiMalware on your system. Updating the program and running a scan once every couple of weeks will help you to keep malware free.

Below are some additional (free) programs that can help improve your computer's security.
Many feel that having a "layered" protection scheme is beneficial; you'll have to decide what works best for your situation. You may like to give them a try. :)

    Install SpywareBlaster
    Download and install Javacools SpywareBlaster from Here.
    SpywareBlaster adds a list of ActiveX controls, tracking cookies and sites which will be blocked in either Internet Explorer or Firefox browsers. You need to manually check for updates regularly.

    Install SiteAdvisor
    SiteAdvisor is a toolbar for Microsoft Internet Explorer and Mozilla Firefox which alerts you if you're about to enter a potentially dangerous website.
    You can find more information and download it from Here .

    WinPatrol
    Download it from Copyright © BillP Studios.
    Information about how WinPatrol works is available here.
    (The free version of WinPatrol provides limited real-time protection.)

    MVPS Hosts
    For added protection you may also like to add a hosts file. A simple explanation of what a Hosts file does is provided here.
    Install MVPS Hosts File from here.
    The MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer.
    You can read the Tutorial here.

Step 5:
Further Guidelines

Please follow these simple guidelines in order to help keep your computer more secure:


Please confirm that you have completed the cleanup steps and reviewed the rest of the post.
Once your reply has been received, unless there are other malware questions or concerns, this topic will be closed as resolved.


Stay Safe!
Scolabar
---------------------------------------------------
No Reply Within 3 Days Will Result In Your Topic Being Closed

Re: Possible Virus.. Need some help.

by queenoftheflock » July 2nd, 2011, 12:08 am

Thank you so very much! I have made the updates. I will probably come back and do some of the other stuff too but I have completed Step 1 and Step 2.

Thank you again! I really appreciate all of your help!

Re: Possible Virus.. Need some help.

by Scolabar » July 2nd, 2011, 12:43 am

You're very welcome. :)

Scolabar

Re: Possible Virus.. Need some help.

by deltalima » July 2nd, 2011, 10:30 am

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.