|
Post by oakparkjohnny on Oct 22, 2014 8:18:41 GMT -8
My system is running much better now. The multiple dllhost.exe files are gone. Thank you. I ran AdwCleaner a couple days ago, before I began a dialog with you, hoping to fix the Poweliks malware. This didn't work, although AdwCleaner did clean a bunch of other stuff. I'm attaching the report, AdwCleanerS0.txt. Per your instructions, I ran AdwCleaner again this morning and have attached the scan report, AdwCleanerR3.txt. [Attachment deleted] [Attachment deleted]
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 22, 2014 16:24:12 GMT -8
Thank you for telling us what you did and what is happening.

Malwarebytes' Anti-Malware

I see that you have this installed on your system already. Please start the program and follow the steps below to run a scan.

- When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link.
- Once the program has loaded and updated, select "Scan Now >>" to start the scan.
- The scan may take some time to finish, so please be patient.
- If any malware is found, you will be presented with a screen like the one below. Please click on the Export Log button and select the As text file from the dropdown list. I would suggest you save the file on your desktop (as we need the report attached here for review and it is easy to find on the desktop).
- After you have saved the report file, return to the Potential Threats Detected page and click on Cancel. You can close MBAM after that.

Please attach the report file to a post here; I will review the file and script what needs to be removed.
|
|
|
Post by oakparkjohnny on Oct 22, 2014 19:56:43 GMT -8
I ran Malwarebytes a couple weeks ago, before I began speaking with you. I just ran it again. Here's the log. Not surprisingly, doesn't look like it found anything. [Attachment deleted]
|
|
|
Post by dbrisen on Oct 22, 2014 21:34:52 GMT -8
This next step may take a while (just to warn you) ..... ESET Online does not work with IE 11 (Internet Explorer) at the moment (a few weeks ago anyway), so if you have IE 11, Chrome or Firefox has to be used instead. ESET Online does work with IE 10 and earlier. The pictures below showing what to click may be blue instead of green on the ESET website now, but the procedure is still the same.

Please read carefully and slowly. Notice all the settings listed below to check before starting the scan. Stop and ask if you have any questions. Take note of the NO tick in the Remove found threats setting below, as it needs to have the tick removed.
Hold down the Control key and click on the following link to open ESET OnlineScan in a new window.

Link =>> ESET OnlineScan <<

Click the Run ESET Online Scanner located on the left side of the page (not the free trial).

For browsers other than Internet Explorer only (Microsoft Internet Explorer users can skip this step):
- Click on the esetsmartinstaller link in the popup window that opens.
- Save it to your desktop.
- Double click on the icon on your desktop.

Check (accept) the Terms of Use. Click the START button. Accept any security warnings from your browser.

Now in the Computer scan settings window that appears, make sure that the option Enable detection of potentially unwanted applications is selected. Now click on Advanced Settings and configure the options as follows:
- Remove found threats is Not checked
- Scan archives is checked
- Scan for potentially unsafe applications is checked
- Enable Anti-Stealth Technology is checked

Now click on: Start

ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

When the scan is finished, if any threats are found you will see the screen below. Click to view the found threats. At the bottom of the listed threats, there is an option to save the results to a text file. Please do this so you can attach the results here for review and removal of the items that are not false positives (these will be scripted out so do not worry).

Once the log text file is saved, return to the Scan Finished screen by clicking "<<Back", then click on the uninstall button and click Finish. Attach the saved log file in your next reply please. Thanks.
|
|
|
Post by oakparkjohnny on Oct 23, 2014 8:03:07 GMT -8
|
|
|
Post by dbrisen on Oct 23, 2014 14:28:17 GMT -8
I would advise you to delete this file: C:\Users\John\Downloads\FileOpenerSetup.exe. After that, run the following and please post the resulting log:

We need to remove the tools we've used during cleaning your machine.

Ensure the following is ticked:
- Remove disinfection tools
- Activate UAC
- Create registry backup
- Purge system restore

Then click Run. The program will run for a few moments and then Notepad will open with a log. Please paste the log in your next reply. Once you have the log file saved, please reboot your system to complete the clean up process.
|
|
|
Post by oakparkjohnny on Oct 23, 2014 16:20:53 GMT -8
|
|
|
Post by dbrisen on Oct 23, 2014 20:19:49 GMT -8
Your system looks clean and your logs are fine. Unless Quads wants something else done, you are done and free to go.
Final word from me: Surf safely, and watch when installing or letting anything add itself to your system. Remember, the best security is not on your system but in the chair in front of it. Take care and thanks for sticking with us in this rushed time.
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Oct 23, 2014 23:06:51 GMT -8
Do not use the tools like FRST unless you know what you are doing, as they are able to do a lot more than you have seen here for other malware, including rootkits and bootkits.
For that reason these tools can, in the wrong hands (scripted wrong), hurt a system, and sometimes on the odd occasion it is not repairable; yes, sometimes people have given it a go and ripped Windows apart majorly.
They are not toys.
Quads
|
|
|
Post by oakparkjohnny on Oct 24, 2014 11:24:17 GMT -8
Quads and dbrisen - Thanks so much for your help.
|
|