Help with System Tools virus

[hazel312001a]

Can you please run the ESET scan as described in Reply # 18 and post the log?

I think your forgetting Dave...ESET won't run either...that's how I got into this mess. It keeps asking me about a proxy...see reply #31.

gina

[SuperDave]

I think your forgetting Dave...ESET won't run either...that's how I got into this mess. It keeps asking me about a proxy...see reply #31.

No. I didn't forget. I was wondering if it was fixed yet. Could you please try running the F-Secure online scanner as described in Reply # 24 to see if that will work?

[hazel312001a]

No. I didn't forget. I was wondering if it was fixed yet. Could you please try running the F-Secure online scanner as described in Reply # 24 to see if that will work?

How long does the F-Secure scan take? I don't know if it's working. There is just this circle going round and round...Is that normal?

Thanx!
gina

[SuperDave]

It's been almost 24 hrs. since you posted. If it won't run, please try the Kaspersky scan in Reply  # 22

[hazel312001a]

It's been almost 24 hrs. since you posted. If it won't run, please try the Kaspersky scan in Reply  # 22


Yeah ..it didn't work..it got hung up on the java check/activex...running Kaspersky now.

Thanx SuperDave...your awesome!
gina

[hazel312001a]

No go SuperDave...After Kaspersky checked my system it came back with " Kasersky Online Scanner 7.0 download and operation require Java framework version 1.5 or later."

It's like Java is there...but it's not. Grrrrr...

I premptively ran security check again...just in case you ask to prove Java is installed. lol

 Results of screen317's Security Check version 0.99.8 
 Windows XP Service Pack 3 
 Internet Explorer 8 
``````````````````````````````
Antivirus/Firewall Check:
 Windows Firewall Disabled! 
 ESET Online Scanner v3   
 Online Armor 4.5   
```````````````````````````````
Anti-malware/Other Utilities Check:
 Malwarebytes' Anti-Malware   
 CCleaner     
 Java(TM) 6 Update 23 
 Adobe Flash Player   
Adobe Reader 9.4.1 MUI
Out of date Adobe Reader installed!
````````````````````````````````
Process Check: 
objlist.exe by Laurent
 Norton ccSvcHst.exe
 Tall Emu Online Armor OAcat.exe
``````````End of Log````````````


Are you sure I'm not getting on your nerves yet? 
gina

PS. I swore I updated Adobe already.

[hazel312001a]

Ok...good news and bad news...

Good News: I fixed Java! Score one for the newbie!! It was the "enable next gen plugin" stopping Java from working.

Bad news:  1. I did this after I tried running Kaspersy again because system requirements include a working Java RE.  It was about 5000kbs from updating the data base and it stalled out and gave me some error about intermittent internet connection. I have not been able to run again. I keep getting the same error.

                   2. ESET keeps telling me "is proxy configured?"
                   3. F-Secure online scanner needed a working Java RE (that's why the circle just kept spinning) It passed the check but the window that opened, presumably to run the scan , said "web page not found!!??

                   4. I did update Adobe..but from 8 to 9. Tried to update to X and I got an error about proxy settings!!   

Oh and I also did these things:
  Uninstalled Norton Internet Security for Netbooks (piece of junk!) and installed Avast.(I love this product!!) Ran a full system scan..came back clean. Found a worm on my memory stick and blasted it off there (maybe the offending culprit that brought us together!)
  Unistalled Online Armor...I found out that my router has an installed firewall and thought that maybe the 2 were conflicting. I will reinstall if you suggest it.

As you can see I have been very busy!!   But i have learned a ton and for that I am grateful this mess happened!

Just need to know how we can get this little netbook a clean bill of health?! Any other tools we can use for a scan?

I am so grateful for your help SuperDave!!! I never would have gotten this far without you!
gina
 

[SuperDave]

Did you ever have any luck getting Firefox to run? Please try this:

Run the BitDefender Online Scanner.

Agree to the license and then select Scan. DO NOT CHANGE THE OPTIONS TO SHOW ALL FILES SCANNED. That will make your logs huge and we don't need to see clean files.

Once Bitdefender completes the scan:
Click-on the Detected Problems tab.
Then select Click here to export the scan report.

When the window comes up to save the report, change the Save as type: box to:
Text (Tab Delimited) (*.txt) and then in the File name box enter change to bdscan then click Save.

This will save a file named bdscan.txt. I would suggest saving it to the Desktop so you can easily find it. (take notice of where you save it so you can find it later).
This bdcan.txt file will actually contain HTML code that we can easily view later while reviewing your log. All we have to do is rename the file to bdscan.html.

If you do not follow these step, you will have an incorrect log or worse a log summary which is useless to us.

Post the bdscan.txt file as an Attachment.

[hazel312001a]

Hey SuperDave...I have more good news!! After I uninstalled Norton and downloaded Avast I went back and ran ESET..and guess what??  IT WORKED!!! It just got done and there were NO THREATS DETECTED!!

Is that a clean bill of health?

Thanx! gina

[SuperDave]

Is that a clean bill of health?

Hi Gina. That is really good news. Let's do some cleanup

To uninstall ComboFix

• Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  
• In the field, type in ComboFix /uninstall
  

(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

• Then, press Enter, or click OK.
  
• This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
  

***********************************************
Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
**************************************************
Use the Secunia Software Inspector to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

[hazel312001a]

Hi Gina. That is really good news. Let's do some cleanup

To uninstall ComboFix

• Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  
• In the field, type in ComboFix /uninstall
  

(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

• Then, press Enter, or click OK.
  
• This will uninstall ComboFix, delete its folders and files, hides System files and folders, and resets System Restore.
  

***********************************************
Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
**************************************************
Use the Secunia Software Inspector to check for out of date software.

•Click Start Now

•Check the box next to Enable thorough system inspection.

•Click Start

•Allow the scan to finish and scroll down to see if any updates are needed.
•Update anything listed.
.
----------

Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

Almost there aren't we SuperDave?! I'm so excited!!
I did everything except the Spyware stuff because I have a question. Am I supposed to install both or just one of the reccommended products?
Thanx!
gina

[eri]

Please do not hijack someone else's thread. If you need help, please go to this link and follow the directions and post the required logs. Please post your logs in this link.

[SuperDave]

I did everything except the Spyware stuff because I have a question. Am I supposed to install both or just one of the reccommended products?

It wouldn't hurt to have them, if you have the space.

[hazel312001a]

It wouldn't hurt to have them, if you have the space.

Ok I got the Spybot...what now?

PS.Thanx for protecting my thread! 

gina

[SuperDave]

Ok I got the Spybot...what now?

That's it. You can keep SAS and MBAM on your computer, if you wish. Update them and run them on a regular basis. Good Luck!