Post by tigergrad on Jan 27, 2015 2:35:48 GMT -8
I have not noticed any system restore points at any time...
List of found threats...
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.7z.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\FRST\Quarantine\C\Program Files (x86)\somototoolbar\dtband.dll a variant of Win32/Toolbar.Visicom.A potentially unwanted application
C:\FRST\Quarantine\C\Program Files (x86)\somototoolbar\vmntemplateX.dll a variant of Win32/Toolbar.Visicom.B potentially unwanted application
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\FLVPlayer4Free\videodownloadtoolbar-toolbar-setup.exe Win32/Somoto.F potentially unwanted application
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\44e211d3-310de604 multiple threats
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\1effbf43-17cd656d a variant of Java/Exploit.Agent.RGC trojan
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\4c27a333-587ae8bc multiple threats
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\5a708d73-4a9b7453 multiple threats
Quads
Malware Removalists
In New Zealand
Posts: 9,387
Post by Quads on Jan 27, 2015 15:20:05 GMT -8
Press the Windows + R Keys on your keyboard at the same time. Type notepad and click OK.
Copy the entire content of the codebox below and paste into the notepad (Including start and end)

start
C:\Program Files (x86)\FLVPlayer4Free\videodownloadtoolbar-toolbar-setup.exe
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\44e211d3-310de604
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\1effbf43-17cd656d
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\4c27a333-587ae8bc
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\5a708d73-4a9b7453
end

Click File, Save As and type fixlist (.txt may be seen on the end depending on the system setup) as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
Right-click on icon and select Run as Administrator to start FRST. (XP users click run after receipt of Windows Security Warning - Open File).
Press the button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop, called Fixlog.txt. To paste or attach back here
Quads
Post by tigergrad on Jan 27, 2015 15:31:38 GMT -8
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01
Ran by 4Elmores at 2015-01-27 18:31:04 Run:2
Running from C:\Users\4Elmores\Desktop
Loaded Profiles: 4Elmores (Available profiles: 4Elmores)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
C:\Program Files (x86)\FLVPlayer4Free\videodownloadtoolbar-toolbar-setup.exe
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\44e211d3-310de604
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\1effbf43-17cd656d
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\4c27a333-587ae8bc
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\5a708d73-4a9b7453
end
*****************
C:\Program Files (x86)\FLVPlayer4Free\videodownloadtoolbar-toolbar-setup.exe => Moved successfully.
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\44e211d3-310de604 => Moved successfully.
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\1effbf43-17cd656d => Moved successfully.
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\4c27a333-587ae8bc => Moved successfully.
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\5a708d73-4a9b7453 => Moved successfully.
==== End of Fixlog 18:31:04 ====
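
Added example, not part of the original posts and not FRST's own code: a small Python check that cross-references the fixlist entries in a Fixlog against their result lines and reports every path not confirmed as "Moved successfully.". The sample log is constructed from lines in this thread; the function names and the placeholder outcome string are assumptions.

```python
# Only outcome string shown in this thread's Fixlog; anything else counts as unconfirmed.
MOVED = "Moved successfully."

def parse_fixlog(text):
    """Return (fixlist entries, {casefolded path: outcome}) from Fixlog-style text."""
    entries, outcomes, in_list = [], {}, False
    for ln in (raw.strip() for raw in text.splitlines()):
        if ln.lower() == "start":
            in_list = True
        elif ln.lower() == "end":
            in_list = False
        elif in_list and ln:
            entries.append(ln)                      # a path the helper asked to be fixed
        elif " => " in ln:
            path, outcome = ln.split(" => ", 1)     # result line: "<path> => <outcome>"
            outcomes[path.strip().casefold()] = outcome.strip()
    return entries, outcomes

def unconfirmed(text):
    """List (path, outcome) for fixlist entries without a confirmed move."""
    entries, outcomes = parse_fixlog(text)
    result = []
    for path in entries:
        # Windows paths are case-insensitive, so compare casefolded.
        outcome = outcomes.get(path.casefold(), "no result line")
        if outcome != MOVED:
            result.append((path, outcome))
    return result

# Constructed sample: paths taken from this thread, outcomes altered for illustration.
SAMPLE = r"""Content of fixlist:
*****************
start
C:\Program Files (x86)\FLVPlayer4Free\videodownloadtoolbar-toolbar-setup.exe
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\44e211d3-310de604
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\1effbf43-17cd656d
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\4c27a333-587ae8bc
end
*****************
C:\Program Files (x86)\FLVPlayer4Free\videodownloadtoolbar-toolbar-setup.exe => Moved successfully.
c:\users\4elmores\appdata\locallow\sun\java\deployment\cache\6.0\19\44e211d3-310de604 => Moved successfully.
C:\Users\4Elmores\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\1effbf43-17cd656d => (constructed placeholder outcome)
==== End of Fixlog 18:31:04 ====
"""

if __name__ == "__main__":
    for path, outcome in unconfirmed(SAMPLE):
        print(f"NOT CONFIRMED: {path} -> {outcome}")
```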
Post by Quads on Jan 27, 2015 16:04:08 GMT -8
The TEMP folders and caches. (use the tool linked below)
Download TFC www.bleepingcomputer.com/download/tfc/
The instructions are on that page below the blue download button and screenshots.
Quads
Post by tigergrad on Jan 27, 2015 16:20:40 GMT -8
Completed.
Post by Quads on Jan 27, 2015 16:31:09 GMT -8
Tools and Quarantines we used to be removed
Please download DelFix by Xplode to your Desktop. toolslib.net/downloads/viewdownload/2-delfix/
Double-click to run the program; Note: Windows Vista/7/8 users right-click and choose Run as administrator
Make sure the Remove Disinfection tools is ticked / selected in the list
Click Run
A log will be opened after the operation is finished
Copy and Paste it in your next reply
Post by tigergrad on Jan 27, 2015 16:34:03 GMT -8
# DelFix v10.8 - Logfile created 27/01/2015 at 19:33:52
# Updated 29/07/2014 by Xplode
# Username : 4Elmores - 4ELMORES-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\4Elmores\Desktop\Addition.txt
Deleted : C:\Users\4Elmores\Desktop\AdwCleaner.exe
Deleted : C:\Users\4Elmores\Desktop\esetsmartinstaller_enu.exe
Deleted : C:\Users\4Elmores\Desktop\Fixlog.txt
Deleted : C:\Users\4Elmores\Desktop\FRST.txt
Deleted : C:\Users\4Elmores\Desktop\FRST64.exe
Deleted : C:\Users\4Elmores\Desktop\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
########## - EOF - ##########
Post by Quads on Jan 27, 2015 16:35:21 GMT -8
You are free to go on your merry way. You are now fixed / Solved.
Quads
Post by tigergrad on Jan 27, 2015 16:38:29 GMT -8
THANK YOU! Any suggestions in regards to settings for Norton and scans to run routinely?
Again, THANKS!
Post by Quads on Jan 27, 2015 16:41:22 GMT -8
The one thing that could be done is as soon as a system / user connects to the net, make sure the security programs (AV) get the latest definitions and updates before starting to do other things.
Quads