Vista system in a mess - Help



Looks good. Let's see what programs of yours need updating:

 

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Google Chrome no longer can download -

Notice I received: Download was transfered to "Free download manager" Please use back button to go back

 

Right clicking in this window does not provide the paste command in Firefox - I must use ctrl key + v to  paste

 

 Results of screen317's Security Check version 0.99.71  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
AVG update module   
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 CCleaner     
 Java 7 Update 25  
 Adobe Flash Player     11.7.700.224  
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
 Mozilla Firefox 21.0 Firefox out of Date!  
 Google Chrome 27.0.1453.110  
 Google Chrome 28.0.1500.72  
 Google Chrome Plugins...  
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled!
 AVG avgrsx.exe
 AVG avgemc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0 %
````````````````````End of Log``````````````````````
 

See Google Notice attached
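
One way to triage a checkup.txt log like the one posted above, as an added example that is not part of the original thread or of Security Check itself: it flags lines the tool marks as out of date or disabled, plus products listed under more than one version. The `triage` function and the trimmed sample log are constructed for illustration.

```python
import re

# Constructed sample: a trimmed copy of lines from the log posted above
# (section header lines omitted; the parser skips them anyway).
SAMPLE_LOG = """\
 Windows Vista Service Pack 2 x86 (UAC is enabled)
 Internet Explorer 9
 Internet Explorer 8
 Windows Firewall Enabled!
 Antivirus up to date!  (On Access scanning disabled!)
 Java 7 Update 25
 Adobe Reader 10.1.7 Adobe Reader out of Date!
 Mozilla Firefox 21.0 Firefox out of Date!
 Google Chrome 27.0.1453.110
 Google Chrome 28.0.1500.72
 Spybot Teatimer.exe is disabled!
"""

# "<product name> <version>" at the start of a line, e.g. "Google Chrome 28.0.1500.72".
VERSIONED = re.compile(r"^(?P<name>[A-Za-z][A-Za-z .&-]*?)\s+(?P<ver>\d[\w.]*)")


def triage(log_text):
    """Return (kind, detail) findings from a Security Check style log (hypothetical helper)."""
    findings = []
    versions = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("`"):  # blank line or section header
            continue
        low = line.lower()
        if "out of date" in low:              # tool's own "out of Date!" marker
            findings.append(("outdated", line))
        if "disabled" in low:                 # e.g. on-access scanning switched off
            findings.append(("disabled", line))
        m = VERSIONED.match(line)
        if m:
            versions.setdefault(m.group("name"), []).append(m.group("ver"))
    # The same product listed under several versions deserves a manual look.
    for name, vers in versions.items():
        if len(set(vers)) > 1:
            findings.append(("multiple-versions", f"{name}: {', '.join(vers)}"))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_LOG):
        print(f"{kind:18} {detail}")
```
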


That stupid download manager is still there it seems. Let's try again to get rid of it once and for all:

 

Please download and install Revo Uninstaller (Freeware) from here. Then please run Revo Uninstaller and select Free Download Manager.

Please click Uninstall icon to uninstall the selected program.

Please choose Advanced.

Then click Next and follow the prompts.

Please click Select All (1.) and Delete (2.) to delete all registry items, folders and files listed by Revo.

If asked to restart the computer, please do so immediately.


Running Now:

Uninstall Dos Box opened:

File"C\program Files\Free Download Manager\unins000.dat" does not exist. Cannot uninstall.

 

I clicked OK, and it continued.  Now in the registry there are some special instructions in the Found leftover Registry items screen

 

Note: Please carefully verify the bolded items! Only check bolded items and their subitems will be deleted!

 

Wow 59 items - and only two folders appeared in the trash can (recycle bin). There was no restart urgent command.

 

Doing a restart now, as I type this on another system...

 

--

 

Should I try combofix now?


Things look good. Judging by your last few logs, I'd say your system is clean. :)

Before we move on, please take the time to install the following updates. Program updates are a critical part of your computer's safety net, as outdated applications leave you vulnerable to malware.

 

---------

Your version of Adobe Reader is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Adobe components and update:

  • Download the latest version of Adobe Reader and save it to your desktop.
  • Uncheck the "Free McAfee Security plan Plus" option or any other Toolbar you are offered
  • Click the download button at the bottom.
  • If you use Internet Explorer and do not wish to install the ActiveX element, simply click on the click here to download link on the next page.
  • Remove all older versions of Adobe Reader: Go to Add/remove and uninstall all versions of Adobe Reader, Acrobat Reader and Adobe Acrobat.
    If you are unsure of how to use Add or Remove Programs, then please see this tutorial: How To Remove An Installed Program From Your Computer
  • Then from your desktop double-click on Adobe Reader to install the newest version.
    If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the "Adobe Setup - Welcome" window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.

---------

 

Firefox is out of date.  Using an outdated version of a web browser leaves you extremely vulnerable to malware!
Please visit the Mozilla site and update it to the latest version.

 

---------

 

Please let me know how the updates went, as failed updates may be due to malware.


Yes. I'll help you remove that below ;).

 

Unless there are any other issues, I will now provide you with some steps to better protect your computer.

First, we need to remove ComboFix.

The following will implement some cleanup procedures as well as reset System Restore points:

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /Uninstall

-------------------

Let's remove OTL and the other tools we used as well:

  • Reopen OTL on your desktop.
  • Click on the Cleanup button.
  • You will be prompted to reboot your system. Please do so.


-------------------

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future. :)

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

-------------------

It is really dangerous to go online without an antivirus. Without one, you are extremely likely to get infected and the consequences could be even worse next time. All of the following are excellent free antiviruses. Be sure to only install one.

avast!.
AntiVir
AVG
Microsoft Security Essentials

-------------------

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Spybot-Search & Destroy
A tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features if you don't have the resident part of another anti-spyware program running.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

SpywareGuard
A tutorial on using SpywareGuard for real-time protection against spyware and hijackers may be found here.

-------------------

Please, consider maintaining a firewall with HIPS (Host Intrusion Prevention Systems). Firewalls are extremely important and are the first part of your computer's defense. HIPS stops malware by monitoring its behavior and it's very important, too.
A firewall is a software program or piece of hardware that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet.
If you are using the Windows Firewall please note that it doesn't monitor or block outbound traffic and is therefore less effective than other free alternatives.

These firewalls are good and do have free versions available


A tutorial on understanding and using firewalls may be found here.

-------------------

Please keep your security programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time.

-------------------

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

http://www.spywarewa...nti-spyware.htm

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

-------------------

Please consider using an alternate browser. Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.
If you are interested, Firefox may be downloaded from here
Opera is available here: http://www.opera.com/download/

-------------------

For more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.

-------------------

I would be grateful if you could reply to this post so that I know you have read it and, if you have no other questions, the thread can then be closed.

I will leave the thread open for a few more days. If you need anything, just come back here and let me know. After that time you will have to send me a PM.


---------------------------------------------------------



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against malware, then click here:
Every little bit helps. :)

-DFB
 


Yes, there is no way to get a run box in combofix. Before, we created a script, and I dragged the saved script onto the combofix icon and it started. This time I start and there is no pause; combofix just runs and then never finishes nor pauses for me to copy and paste "combofix/uninstall". I must not understand, and am doing something wrong.

 

I will shut down the system so I can follow your instruction; combofix is not going to finish again. Can I uninstall in safe mode?


OK, now what? On Vista I press the Windows key and the R key to get a run window. Using the command "Combofix/Uninstall" in the run box, a DOS window appears: can not find Combofix/Uninstall...

 

Since it is on the desktop do I need to provide a path in the run box?  Or is this system still infected and we do not have windows running correctly?

 

Renaming the icon as "Uninstall", it becomes Uninstall.exe and still can not be found by Windows. Just running the renamed icon by double clicking it just runs combofix and stops @ 50 and sits there with no disk activity on this laptop...


No, don't go through the ComboFix/Uninstall procedure through the Run thing...

 

 

I'll provide more detailed instructions:

 

Locate your copy of ComboFix.exe (should be on your Desktop).

 

Right-click on it- select Rename. Type Uninstall.exe

 

Double-click on that.

 

Does it uninstall now?


No, that is what I tried to explain earlier. It is on the desktop as you requested.

 

Double clicking the icon runs combofix, named combofix.exe or Uninstall.exe, and reaches 50 and sits there for as long as I allow the inactive program to sit on my desktop screen doing nothing.

 

Does not matter the name!!! The old one this happened and now the newer downloaded software is the same...


Hmm, I've never seen this before.

 

For now,

  • Reopen OTL on your desktop.
  • Click on the Cleanup button.
  • You will be prompted to reboot your system. Please do so.

 

After you've done that, navigate to the C: drive. Do you see a folder titled Qoobox there? If so, let me know.


OK, Combofix is gone using OTL, and there is no longer a Qoobox listing on the C: drive

 

But I have a few other programs on the desktop that did not disappear...

 

Norton Removable tool

Security Check

Revo Setup & Uninstaller (two Icons)

JRT

 

Only Revo Uninstaller is listed in control center (Programs and Features)


 

 

D. Fred-Brown,

 

Sorry for not responding sooner.  Thank you, & please consider this a job well done.  

 

The system purrs like a kitten; unfortunately the computer is long in the tooth, and is one of the Nvidia out of specification video chip systems that could fail at any time. I can not believe Nvidia was allowed to continue as a viable company knowingly shipping millions of bad video chips to OEMs, that cost billions in failed computers to consumers with no recourse.

 

Again thank you for the assistance, I hope she will use the computer without worry until the hardware fails...

 

JR
