
i believe im infected



  • Root Admin

Let me get a new report on this please.

 

Please download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get "Unsupported operating system. Aborting now", just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!


 

Link to post
Share on other sites

security check log:

 

 

Results of screen317's Security Check version 0.99.81  

 Windows Vista  x86 (UAC is enabled)  


 Internet Explorer 7 Out of date! 

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Disabled!  

 WMI entry may not exist for antivirus; attempting automatic update. 

`````````Anti-malware/Other Utilities Check:````````` 

 CCleaner     

 Adobe Reader 8 Adobe Reader out of Date! 

 Google Chrome 34.0.1847.116  

````````Process Check: objlist.exe by Laurent````````  

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbam.exe  

 AVG avgwdsvc.exe 

 AVG avgrsx.exe 

 AVG avgnsx.exe 

 AVG avgemc.exe 

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 

````````````````````End of Log`````````````````````` 
Link to post
Share on other sites

I know we deleted Java (cuz it's bad, right? lol). Is Adobe ok to update when we are done here, or should Adobe be deleted as well?

 

Internet Explorer 7 was giving me that "go.microsoft.com" redirect. If I update that, will that come back? Can I just update to 8, 9, or even 10 for Internet Explorer?

Link to post
Share on other sites

  • Root Admin

Yes, you actually need to get all those updates as they fix hundreds of issues. But be prepared for a LONG update process. Some computers can take several hours to update the Service Pack. It should be Service Pack 2 though, not 1.

 

http://www.microsoft.com/en-us/download/details.aspx?id=16468

 

 

I would highly recommend that you disable your screen saver and your antivirus while Service Pack 2 is installing.  No matter what.  DO NOT shut off the computer no matter how long the update is taking as that can very easily corrupt it and then you'll not be able to start Windows period.

 

Once the Windows updates are done you can go to Adobe and get their updates.

Link to post
Share on other sites

ok, so I did this update but it keeps saying that it's available AFTER the update has been done. I let it do the update and it said it was installed, and I left it alone. I did nothing but check WINDOWS UPDATE and there it was available again, so I did an install of it again, and this time I did a restart after and checked again, and AGAIN the available install was there. What do you make of that?

 

here are the details:

 

Windows Vista Service Pack 1 (KB936330)
 
Installation date: ‎4/‎16/‎2014 3:26 PM
 
Installation status: Successful
 
Update type: Important
 
Windows Vista Service Pack 1 (SP1) is an update to Windows Vista that addresses key feedback from our customers. Windows Vista SP1 addresses specific reliability and performance issues, supports new types of hardware and adds support for several emerging standards. After you install this item, you will have to restart your computer.
 
More information: 
 
More information: 
 
 
 
here are the details of the availability of it again:
 
Windows Vista Service Pack 1 (KB936330)
 
Download size: 1.9 MB
 
Update type: Important
 
Windows Vista Service Pack 1 (SP1) is an update to Windows Vista that addresses key feedback from our customers. Windows Vista SP1 addresses specific reliability and performance issues, supports new types of hardware and adds support for several emerging standards. After you install this item, you will have to restart your computer.
 
More information: 
 
More information: 
 
Link to post
Share on other sites

  • Root Admin

At this time there are no more signs of an infection on your system.
However if you are still seeing any signs of an infection please let me know.

Let's go ahead and remove the tools and logs we've used during this process.

Most of the tools used are potentially dangerous to use unsupervised or if run at the wrong time.
They are often updated daily so if you went to use them again in the future they would be outdated anyways.

The following procedures will implement some cleanup procedures to remove these tools.
It will also reset your System Restore by flushing out previous restore points and create a new restore point.
It will also remove all the backups our tools may have created.

Uninstall ComboFix (if used):

  • Turn off all active protection software including your antivirus.
  • Push the "Windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • Please copy and paste the following into the box: ComboFix /Uninstall and click OK.
  • Note the space between the X and the /Uninstall, it needs to be there.


 
Remove the rest of the tools used:
 
Please download OTCleanIt and save it to your Desktop. This tool will remove all the tools we used to clean your PC.

  • Double-click OTCleanIt.exe.
  • Click the CleanUp! button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes, if not go ahead and delete it by yourself.
  • If asked to restart the computer, please do so


Note:

If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.


AdwCleaner Removal:
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes

ESET antivirus Removal:
  • This tool can be uninstalled via the Control Panel, Programs, Uninstall


 
 
If there are any other left over Folders, Files, Logs then you can delete them on your own.
 
Please visit the following link to see how to delete old System Restore Points. Please delete all of them and create a new one at this time.
How to Delete System Protection Restore Points in Windows 7 and Windows 8

Remove all but the most recent Restore Point on Windows XP


As Java seems to get exploited on a regular basis, I advise not using Java if possible, but to at least disable Java in your web browsers.
How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.
Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.


If you're not currently using Malwarebytes PRO then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.

Link to post
Share on other sites

doing all the cleanup now. 

 

Question: besides the system restore, what's the best way to do a recovery, maybe even a recovery disc? Seems like the original disc can't be found, and the one copy HP lets you create has already been done and can't be found either.

 

Just to clarify, WINDOWS DEFENDER should be off as well, right?

 

I did get the premium version of Malwarebytes. I've had it for a while now, and just got it for my brother, with the 3 PCs. Those can be any PCs, right, not just in the same home network?

 

I really appreciate all your help and patience. Thank you for everything.

Link to post
Share on other sites

  • Root Admin

Yes, the license provides use on any 3 computers for 1 year.

 

That is correct. Windows Defender should remain off when you have antivirus and MBAM.

 

Please read the following which has resources for most of that stuff - but Vista is getting a bit old now.
 

Computer Resources for Repair and Management
 
http://www.windowsreinstall.com/winre/createrepairdisk
 
http://en.wikipedia.org/wiki/Recovery_disc

Link to post
Share on other sites

  • 3 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.