Successfully blocked access to a potentially malicious website

View previous topic View next topic Go down

Re: Successfully blocked access to a potentially malicious website

Post by Dr Jay on 24th August 2012, 5:28 pm

ESET Online Scan

Please run a free online scan with the [You must be registered and logged in to see this link.]

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install, or it will ask to download an installer. Please do so an install it.
  • Click Start or wait for the scanner to load.
  • Make sure that the options Remove found threats and the option Scan unwanted applications are checked.
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, there are a couple of things to keep in mind:
  • 1. If NO threats were found, allow the scanner to Uninstall on close and then close the Window.
  • 2. If threats WERE detected, click on List of Threats Found, Export to Text File...save it as ESET-Scan-Log.txt. Click the back button/link, put a checkmark to Uninstall Application on Close and then close the window.
  • Open the logfile from wherever you saved it
  • Copy and paste the contents in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Successfully blocked access to a potentially malicious website

Post by Lazilion on 25th August 2012, 5:24 am

The log file

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined

Lazilion
Intermediate
Intermediate

Posts Posts : 74
Joined Joined : 2009-04-17
OS OS : Windows 7 Home Premium 64bit
Protection Protection : AVG Free
Points Points : 28359
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Successfully blocked access to a potentially malicious website

Post by Lazilion on 25th August 2012, 12:18 pm

I was thinking of reinstalling windows. Do you think that this is a viable option or should I continue to attempt to recover the computer by other means?

Lazilion
Intermediate
Intermediate

Posts Posts : 74
Joined Joined : 2009-04-17
OS OS : Windows 7 Home Premium 64bit
Protection Protection : AVG Free
Points Points : 28359
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Successfully blocked access to a potentially malicious website

Post by Dr Jay on 25th August 2012, 5:59 pm

It should be in good hands without restoring the computer. We should be about done.

Please download [You must be registered and logged in to see this link.] by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.


Last edited by DragonMaster Jay on 26th August 2012, 7:15 pm; edited 1 time in total


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Successfully blocked access to a potentially malicious website

Post by Lazilion on 26th August 2012, 12:53 am

# AdwCleaner v1.801 - Logfile created 08/26/2012 at 10:52:46
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Sachin - SACHIN-PC
# Boot Mode : Normal
# Running from : C:\Users\Sachin\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Sachin\AppData\Local\APN
Folder Found : C:\Users\Sachin\AppData\Local\AVG Secure Search
Folder Found : C:\Users\Sachin\AppData\Local\Conduit
Folder Found : C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngmmcbedgcbfghamlghhpbpifnbhhpik
Folder Found : C:\Users\Sachin\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\Sachin\AppData\LocalLow\BitTorrentBar2
Folder Found : C:\Users\Sachin\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Sachin\AppData\LocalLow\Conduit
Folder Found : C:\Users\Sachin\AppData\LocalLow\WhiteSmoke_US
Folder Found : C:\Users\Sachin\AppData\Roaming\Babylon
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\Program Files (x86)\AVG Secure Search
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\WhiteSmoke_US
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
File Found : C:\user.js

***** [Registry] *****

[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3045275
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3198785
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\PricePeep
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\Google\Chrome\Extensions\ngmmcbedgcbfghamlghhpbpifnbhhpik
Key Found : HKCU\Software\IGearSettings
Key Found : HKLM\SOFTWARE\AVG Secure Search
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\BitTorrentBar2
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ngmmcbedgcbfghamlghhpbpifnbhhpik
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentBar2 Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_US Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\WhiteSmoke_US
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit
[x64] Key Found : HKCU\Software\AppDataLow\Software\PricePeep
[x64] Key Found : HKCU\Software\AppDataLow\Software\SmartBar
[x64] Key Found : HKCU\Software\AppDataLow\Toolbar
[x64] Key Found : HKCU\Software\AVG Secure Search
[x64] Key Found : HKCU\Software\Conduit
[x64] Key Found : HKCU\Software\Cr_Installer
[x64] Key Found : HKCU\Software\Google\Chrome\Extensions\ngmmcbedgcbfghamlghhpbpifnbhhpik
[x64] Key Found : HKCU\Software\IGearSettings
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
[x64] Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
[x64] Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
[x64] Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
[x64] Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
[x64] Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[x64] Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[x64] Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[x64] Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{656461EF-40F6-4115-9FF1-BCED9812CCBB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{70B469C4-47B1-48BD-8149-D2749E4B8832}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E3CB8E43-F1A0-472F-9663-7D280B3219B2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A9354E5-1832-44D0-BE1B-04C4892DC3FC}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E4F5C7C5-9B78-406F-A90F-FECC4811FF00}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{657793C0-8DEB-40F8-B7A1-B8C184DEFB30}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19A84CDE-532D-4138-BEE1-AABE5100B782}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{656461EF-40F6-4115-9FF1-BCED9812CCBB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{70B469C4-47B1-48BD-8149-D2749E4B8832}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E3CB8E43-F1A0-472F-9663-7D280B3219B2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{656461EF-40F6-4115-9FF1-BCED9812CCBB}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{656461EF-40F6-4115-9FF1-BCED9812CCBB}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CCE665DD-F6DD-4808-968E-EAEC971F70EF}]
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = [You must be registered and logged in to see this link.] 14:02:40&v=11.1.0.12&sap=hp

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Sachin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found : "description": "AVG Secure Search",
Found : "name": "AVG Secure Search",
Found : "description": "The fastest way to search the web.",
Found : "scriptable_host": [ "hxxp://*/*", "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdC[...]
Found : "matches": [ "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdController.html*", "[...]
Found : "path": "plugins/ConduitChromeApiPlugin.dll",
Found : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT304527[...]

*************************

AdwCleaner[R1].txt - [12517 octets] - [26/08/2012 10:52:46]

########## EOF - C:\AdwCleaner[R1].txt - [12646 octets] ##########

Lazilion
Intermediate
Intermediate

Posts Posts : 74
Joined Joined : 2009-04-17
OS OS : Windows 7 Home Premium 64bit
Protection Protection : AVG Free
Points Points : 28359
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Successfully blocked access to a potentially malicious website

Post by Dr Jay on 26th August 2012, 7:17 pm

Getting anymore alerts? How is the computer running altogether?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Successfully blocked access to a potentially malicious website

Post by Lazilion on 28th August 2012, 2:37 am

There are no more alerts and the computer is running slightly faster. In general though most of my games and programs run at the same speed as after the virus infected my computer.

Thank You

Lazilion
Intermediate
Intermediate

Posts Posts : 74
Joined Joined : 2009-04-17
OS OS : Windows 7 Home Premium 64bit
Protection Protection : AVG Free
Points Points : 28359
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Successfully blocked access to a potentially malicious website

Post by Dr Jay on 29th August 2012, 11:37 am

Hi! Your logs appear to be clean. If there are no more issues, then we shall clean up!

Clean up System Restore

Now, to get you off to a clean start, we will be creating a new Restore Point, then clearing the old ones to make sure you do not get reinfected, in case you need to "restore back."

To manually create a new Restore Point

  • Go to Control Panel and select System and Maintenance
  • Select System
  • On the left select Advance System Settings and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create
Now we can purge the infected ones
  • Go back to the System and Maintenance page
  • Select Performance Information and Tools
  • On the left select Open Disk Cleanup
  • Select Files from all users and accept the warning if you get one
  • In the drop down box select your main drive i.e. C
  • For a few moments the system will make some calculations:

  • Select the More Options tab

  • In the System Restore and Shadow Backups select Clean up

  • Select Delete on the pop up
  • Select OK
  • Select Delete


Run OTC to remove our tools

To remove all of the tools we used and the files and folders they created, please do the following:
Please download [You must be registered and logged in to see this link.] by OldTimer:
  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

Purge old temporary files

Download [You must be registered and logged in to see this link.] and save it to your Desktop - [You must be registered and logged in to see this link.]

When the file has been saved, go to your Desktop and double-click on ccsetupxxx_slim.exe
Follow the prompts to install the program.

* Double-click the CCleaner shortcut on the desktop to start the program.
* Click on the Options block on the left, then choose Cookies.
* Under Cookies to Delete, highlight any cookies you would like to retain permanently
* Click the right arrow > to move them to the Cookies to Keep window.
* Go into Options > Advanced & uncheck Only delete files in Windows Temp folders older than 48 hours
* Click Cleaner on the left then Run Cleaner on the right to run the program.
* Important: Make sure that ALL browser windows are closed before selecting Run Cleaner

Caution: Only use the Registry feature if you are very familiar with the registry.
Always back up your registry before making any changes. Exit CCleaner after it has completed it's process.

Security Check

Please download Security Check by screen317 from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Tell me in your next reply, if you have completed these tasks:
  • Cleaned System Restore
  • Ran OTC
  • Ran CCleaner
  • Ran Security Check

Also, let me know how your computer is running, and don't forget to post the contents of the Security Check log.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Successfully blocked access to a potentially malicious website

Post by Lazilion on 31st August 2012, 9:36 am

There's no visible change to the system.

Here's the log


Results of screen317's Security Check version 0.99.49
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
AVG Internet Security 2012
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
AVG PC Tuneup
JavaFX 2.1.1
Java(TM) 7 Update 5
Java version out of Date!
Adobe Flash Player 11.3.300.271 Flash Player out of Date!
Adobe Reader X (10.1.4)
Google Chrome 21.0.1180.79
Google Chrome 21.0.1180.83
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
AVG avgwdsvc.exe
AVG avgtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

Lazilion
Intermediate
Intermediate

Posts Posts : 74
Joined Joined : 2009-04-17
OS OS : Windows 7 Home Premium 64bit
Protection Protection : AVG Free
Points Points : 28359
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Successfully blocked access to a potentially malicious website

Post by Dr Jay on 31st August 2012, 11:47 am

What do you mean no physical change?

Adobe Flash Player Update!

Please download the newest version of Adobe Flash Player from [You must be registered and logged in to see this link.]

Before installing: it is important to remove older versions of Flash Player since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previous installed versions of Adobe Flash Player. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.



Update Java

Please download the newest version of Java from [You must be registered and logged in to see this link.].

Before installing: it is important to remove older versions of Java since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs (Programs and Features in Vista/7).
Search in the list for all previous installed versions of Java. (J2SE Runtime Environment). Please uninstall/remove each of them.

Once old versions are gone, please install the newest version.

[You must be registered and logged in to see this link.]


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: Successfully blocked access to a potentially malicious website

Post by Lazilion on 2nd September 2012, 1:02 am

Yeah it's working much better now. There's definitely an improvement. It's still not as good as it used to be, at least I don't think it is, but it's working fine at the moment.

Thanks for all the help. You've really saved me a lot of time and effort. I'm pretty clueless about computers so it would have taken at least 6months to get it fixed. Thanks again, I really appreciate the help.

Lazilion
Intermediate
Intermediate

Posts Posts : 74
Joined Joined : 2009-04-17
OS OS : Windows 7 Home Premium 64bit
Protection Protection : AVG Free
Points Points : 28359
# Likes # Likes : 0

View user profile

Back to top Go down

Re: Successfully blocked access to a potentially malicious website

Post by Dr Jay on 2nd September 2012, 10:32 pm

You're welcome.

Personal Tips on Preventing Malware

See [You must be registered and logged in to see this link.] for more info about malware and prevention.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum