Stubborn infected file plus other random symptoms - Page 3
Page 3 of 3 FirstFirst 123
Results 31 to 43 of 43

Thread: Stubborn infected file plus other random symptoms

  1. #31
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Update your Firefox.

    Update Adobe Reader

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions.
    Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

    Alternatively, you can uninstall Adobe Reader (33.5 MB), download and install Foxit PDF Reader(3.5MB) from HERE.
    It's a much smaller file to download and uses a lot less resources than Adobe Reader.
    Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or other garbage.
    On this page:



    make sure, you have both boxes UN-checked AND (important!) click on Decline button

  2. #32
    Join Date
    Sep 2010
    Location
    United Kingdom
    Posts
    66

    ESET Scan log

    C:\Users\Michelle\Downloads\iPhone RingTone Maker v.2\iPhoneRingToneMaker v2.1.3\iPhone-Ringtone-Maker-2.1.3-Setup_NSIS.exe NSIS/TrojanDownloader.Agent.NBS.Gen trojan
    C:\Users\Michelle\Downloads\Nero 7.10.1.0\Nero-7.10.1.0_eng_full.exe Win32/Toolbar.AskSBar application

  3. #33
    Join Date
    Sep 2010
    Location
    United Kingdom
    Posts
    66
    Phew, thats been a long day of scanning! =D

  4. #34
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Make sure, you delete this:
    - C:\Users\Michelle\Downloads\iPhone RingTone Maker v.2
    Empty recycle bin.

    If you intend to install Nero:
    - C:\Users\Michelle\Downloads\Nero 7.10.1.0\Nero-7.10.1.0_eng_full.exe, make sure, you decline AskSBar toolbar installation.

    =================================================================

    Your computer is clean

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:


    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.


    2. Now, we'll remove all tools, we used during our cleaning process

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.


    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure, Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. Run defrag at your convenience.

    11. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    12. Please, let me know, how is your computer doing.

  5. #35
    Join Date
    Sep 2010
    Location
    United Kingdom
    Posts
    66

    Question...

    I have updated Firefox, deinstalled Adobe Reader and installed FoxIt as recommended. I have also deleted the infected iPhone ringtone maker folder etc.

    Nero 7 is actually already installed on my pc (i think) - but i am sure i would of declined the toolbar offer - i HATE all those toolbar offers so, will the installed Nero 7 software be okay?

    Rightio, i am off to do all the other clean-up jobs you have prescribed and i will pop back after tp let you know how we are doing.

    Broni - thank you SO much for your time and help... you are my 'Genius of the Week'

  6. #36
    Join Date
    Sep 2010
    Location
    United Kingdom
    Posts
    66

    OTL Run log

    All processes killed
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Michelle
    ->Temp folder emptied: 66041 bytes
    ->Temporary Internet Files folder emptied: 25978077 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 15077825 bytes
    ->Flash cache emptied: 766 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 49523 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 39.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: Michelle
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb



    OTL by OldTimer - Version 3.2.14.1 log created on 09262010_203849

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...

  7. #37
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    will the installed Nero 7 software be okay?
    Yes.

    When you're done, give me some final word about your computer behavior.

  8. #38
    Join Date
    Sep 2010
    Location
    United Kingdom
    Posts
    66
    [QUOTE=Broni;1339007]
    4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    Sorry - did i have a Trojan infection?

  9. #39
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    No. Your computer was pretty much clean

  10. #40
    Join Date
    Sep 2010
    Location
    United Kingdom
    Posts
    66

    Thumbs up JOB DONE

    Right, all the cleaning tools have now been removed, Windows Updates are updated, WOT is installed (althoough the site recommendations seem to be different to Norton360's recommendations!) defrag told me it didnt need running and i shall run Malwarebytes and TFC as recommended.

    I also installed and ran PSI... it says i have to sort out 7 insecure programs!

    But other than that my computer is now running fine, the stubborn file is long gone, i am happy and you, good sir, are a genius.

    T H A N K Y O U
    Attached Images Attached Images

  11. #41
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    You're very welcome

    Good luck and stay safe

    I wouldn't worry too much about Norton's recommendations

  12. #42
    Join Date
    Sep 2010
    Location
    United Kingdom
    Posts
    66

    Any recommendation?

    My Norton360 subscription is coming to an end soon - is there any replacement software you would recommend?

  13. #43
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    If I were you, I'd be very happy to release Norton from its duties

    If it comes to uninstalling, make sure, you use Norton Removal Tool: http://us.norton.com/support/kb/web_...080710133834EN

    Your free alternatives....

    - Avast! free antivirus: http://www.avast.com/eng/download-avast-home.html
    - Avira free antivirus: http://www.free-av.com/en/download/1...antivirus.html

    - free Comodo Internet Security (firewall + AV): http://www.personalfirewall.comodo.com/
    NOTE. During installation, Comodo will also allow you to install AV only, or firewall only, if you prefer to combine one Comodo product with some other product.

    If you decide to install Avast, or Avira, make sure, Windows firewall is turned on, or use Comodo firewall..
    If you decide to install Comodo Internet Security, or just Comodo firewall, make sure, Windows firewall is turned off.

    IMPORTANT! Make sure, you use only ONE antivirus, and ONE firewall.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •