Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Trojan?

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Trojan?

Unread postby Dakeyras » March 9th, 2014, 5:46 am

Hi. :)

Downloading norman atm, quick question. Why is the download so big for a scanning tool? Is it a full featured AV?

Not quite no but more comprehensive than that, further information can be read here.

I would also like to use chrome instead if possible for ESET.

Fair play it appears you opted to run the scan with IE I am surmisng; for intrest sake this is how you would run the scan using Chrome...

ESET Online Scanner:

Note: The below instructions relate to running the scan with Google Chrome only. You will need to disable your current installed Anti-Virus for the duration of the online scan, how to do so can be read here.

Windows 7 users: You will need to to right-click on the either the Google Chrome icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Please go here to run the scan...
  • In the window that now appears called Launch ESET Online Scanner
  • Double-click on esetsmartinstaller_enu.exe to download the ESET Smart Installer
  • Then in the lower left hand corner of the browser window double click on Image >> follow the prompts
  • In the new window that appears select the option YES, I accept the Terms of Use then click on Start
  • Now in the Computer scan settings window that appears:-
  • Make sure that the option Remove found threats is Not checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Start
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do nottouch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Finish
  • Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

Just one of the variations based upon my other set of instructions created for Chrome that can be adjusted to suit the situation/actual operating system etc.

Next:

Now from a Anti-Malware point of view all looking fine so far so lets run a few checks pertaining to the actual Operating System itself as follows...

Run Windows 7 SRD:

Boot you machine up using the Windows 7 Startup Repair Disk you created.

  • If not sure how to, a very good tutorial can be read here.
  • You will have to answer a few basic questions then select the option Repair your computer
  • At the the System Recovery Options screen click Windows 7 to highlight then Next>
  • Now click on/select Startup Repair
  • If prompted to use System Restore, select Cancel.
  • The same if prompted to Send information about this problem (recommended), select Don't send.
  • Click Finish when Startup Repair has completed, run it again another two times.
  • Upon completion of the third run, remove the SRD disc and then click on Restart
Note: Even if states nothing detected/repaired running it three times consecutively can at times implement some repairs even if not apparent etc.

Windows 7 - System File Checker:

  • Click on Start(Windows 7 Orb).
  • Then click on All Programs >> Accessories
  • Right click on Command Prompt and select Run as Administrator.
  • Click on Continue in the UAC prompt.
  • At the Command Prompt C:\Windows\System32> type in the following exactly:
  • cd c:\
  • Then depress the Enter/Return key, then type in the following exactly:
  • sfc /scannow
  • Then depress the Enter/Return key.
Note: This may take awhile to finish. When completed close the Administrator Command Prompt window, via typing Exit then depress the Enter/Return key.

Next:

Let myself know when completed the above and we will then go from there, thank you.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra
Advertisement
Register to Remove

Re: Trojan?

Unread postby pcparadise » March 9th, 2014, 9:26 am

Hey again.
Startup repair done, didn't seem to find anything but completed. Command prompt scan done, "Windows Resource Protection did not find any integrity violations.
pcparadise
Regular Member
 
Posts: 16
Joined: March 6th, 2014, 11:40 pm

Re: Trojan?

Unread postby Dakeyras » March 9th, 2014, 3:54 pm

Hi. :)

Startup repair done, didn't seem to find anything but completed. Command prompt scan done, "Windows Resource Protection did not find any integrity violations.

Good....Congratulations your computer appears to be malware free!

Clean-Up with DelFix:

Please download DelFix to your desktop

  • Right-click on delfix.exe and select Run as Administrator to launch the application.
  • Referring to the image below, select all available options:
Image
  • Then click on Run.
  • Once it has finished processing, a notepad file named DelFix.txt will open. Post the contents in your next reply for my review.
  • The log can also be located at the root of the system drive, C:\DelFix.txt.
  • After you have posted the aforementioned DelFix.txt, delete it and empty the Recycle Bin.
Now some advice for on-line safety:

The below is worth reading/bookmarking for future reference:

Computer Security - a short guide to staying safer online

Next:

Any questions? Feel free to ask, if not stay safe!
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Trojan?

Unread postby pcparadise » March 9th, 2014, 9:11 pm

Thanks for all of your help!

One quick question, how can I use netstat -a in cmd to look if there is people accessing my computer? Is there any definitive giveaways for that which means someone is? :)
pcparadise
Regular Member
 
Posts: 16
Joined: March 6th, 2014, 11:40 pm

Re: Trojan?

Unread postby Dakeyras » March 10th, 2014, 5:24 am

Hi. :)

Thanks for all of your help!

You're most welcome! Have you still got a copy of DelFix.txt for(if available) my review please ?

how can I use netstat -a in cmd to look if there is people accessing my computer? Is there any definitive giveaways for that which means someone is? :)

The CMD netstat -r or netstat -fport would probably provide more pertinent information since your machine is behind a router. Though the use of TCPView is a much easier option all told.

Plus you can actually log into your Router's settings and physically check the Security Log(s). The use of safe on-line practices and running regular scans with Security Software coupled with keeping Windows and all Software installed updated will go a long way to ensuring the overall security of your machine.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Trojan?

Unread postby pcparadise » March 10th, 2014, 10:25 am

Oops! Sorry about that.

# DelFix v10.6 - Logfile created 09/03/2014 at 19:23:30
# Updated 11/11/2013 by Xplode
# Username : Alex - ALEX-PC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #76 [Windows Update | 03/04/2014 08:52:03]
Deleted : RP #77 [Installed RuneScape Launcher 1.2.3 | 03/06/2014 23:14:22]
Deleted : RP #78 [Windows Update | 03/07/2014 14:34:38]
Deleted : RP #79 [OTL Restore Point - 3/7/2014 5:32:04 PM | 03/07/2014 22:32:04]
Deleted : RP #80 [Installed Microsoft Fix it 50906 | 03/08/2014 01:30:11]
Deleted : RP #81 [OTL Restore Point - 3/7/2014 8:33:41 PM | 03/08/2014 01:33:43]
Deleted : RP #82 [Installed WOT for Internet Explorer | 03/08/2014 19:33:01]
Deleted : RP #83 [Removed WOT for Internet Explorer | 03/08/2014 19:34:33]

New restore point created !

########## - EOF - ##########


If something is highlighted red in TCPView for a second, what's that mean? Or green or yellow? Thanks!
pcparadise
Regular Member
 
Posts: 16
Joined: March 6th, 2014, 11:40 pm

Re: Trojan?

Unread postby Dakeyras » March 10th, 2014, 11:24 am

Hi. :)

Oops! Sorry about that.

Not a problem, feel free to delete the file now if you have not already done so.

If something is highlighted red in TCPView for a second, what's that mean? Or green or yellow?

Merely denotes the range of probes/connections and or attempted connections via levels of priority. Red ones have been terminated, yellow has been updated and green denotes new ones etc.

For the most part even those in red unless sustained attempts would not be a cause for real concern as they have been terminated and if the need you can always use the whois feature to see what is it for example. Or even merely close out the entry from the GUI. End of the day there are always going to be unsolicited attempts/packets floating around the internet and even seemingly innocuous TCP hooks can be sometimes flagged in red. Long as you follow my prior advice re online security you should be fine.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Trojan?

Unread postby pcparadise » March 10th, 2014, 5:41 pm

Okay :)
You've been a wonderful help, take this gingerbread man!

_____
.' ' . EDIT: Sorry for my poor ascii skills :(
| a a | EDIT2: OMG it didn't turn out as it did in the text box. http://imgur.com/L5VY8NM if you want to see the screenshot XD
' . ~ . '
. ____/ (>o<) \___ .
(____. ____)
; ;
; ;
/ ___ \
/ / \ \
.;'___/ \___,.'
pcparadise
Regular Member
 
Posts: 16
Joined: March 6th, 2014, 11:40 pm

Re: Trojan?

Unread postby Dakeyras » March 11th, 2014, 5:59 am

You're most welcome!(thank you also re the GB-MAN :lol:) :)
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Trojan?

Unread postby Cypher » March 11th, 2014, 6:21 am

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 114 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware