Author Topic: [Resolved] Redirected Searches, Delays in typing, System Slowed  (Read 16234 times)

Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [Resolved] Redirected Searches, Delays in typing, System Slowed
« Reply #75 on: January 06, 2012, 03:25:39 PM »
I have files in the quarantined folder from when I ran the scan, but I cannot find the log from the correct date. Should I run the scan again?
« Last Edit: January 17, 2012, 01:02:32 AM by Bear »

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2829
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #76 on: January 06, 2012, 04:32:14 PM »
Hi Adam

Yes run it again, but I would like to know what, if anything, it removed on the last run.
Never interrupt your enemy when he is making a mistake.
- Napoleon Bonaparte

Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #77 on: January 07, 2012, 01:00:32 AM »
I ran the scan again. It said nothing found, but I still cannot find the log files. These are the names of the files in the quarantine folder with the date 1/5/12:

EEAD86EE62DF6210F12AFB24A2111E5FA8ECF8A9.NDF
EEAD86EE62DF6210F12AFB24A2111E5FA8ECF8A9.NQF
INFO.NQI

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2829
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #78 on: January 07, 2012, 02:32:54 AM »
Hi Adam

It's not under quarantine.  It's under ESET Online Scanner.  It's called Log.txt.

Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #79 on: January 08, 2012, 09:42:42 PM »
That's where I looked first. The only file called log.txt is an old one.

Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #80 on: January 08, 2012, 11:25:02 PM »
I ran the scan a third time. The log file is still the one from 12/24/11.

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2829
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #81 on: January 09, 2012, 12:45:01 AM »
Hi Adam


1.  Since your Java installation is infected, you need to uninstall it.  Click Start.  Select Control Panel.  Select Programs.  Click Programs and Features.  Uninstall all Java programs.

2.  Now go to this site Java and reinstall Java.

3.  Download CCleaner (remove the checkmark from the Yahoo toolbar unless you want it).  Before first use, select Options / Advanced and uncheck "Only delete files in Windows Temp folder older than 48 hours".  Then select the following:

In the Windows Tab:
Clean all entries in the "System" section.
Clean all entries in the "Advanced" section.
Clean any others that you choose.

In the Applications Tab:
Check all in the Firefox/Mozilla section.
Check all in the Applications section.
Check Sun Java in the Internet section.
Check all in the Multimedia section.
Check any others you choose.

Click the "Run Cleaner" button.  A pop up box will appear advising this process will permanently delete files from your system. Click OK.  Click exit when done.

4.  Disable all Anti-virus, Anti-spyware programs as instructed earlier.  Do not forget to re-enable them before you reply to this post.

5.  I'd like you to run ComboFix once again with some changes.  Open Notepad, click on Format and be sure Word Wrap is NOT checked.  Then copy the text in the code box below and paste it into the Notepad window.  Now name this file CFScript.txt and save it to your Desktop.

Code:

KILLALL::

ClearJavaCache::

RegLock::

File::

Folder::

Registry::

Driver::

Firefox::

dirlook::
C:\Users\Adam\Documents
C:\Users\Adam\Desktop
C:\Users\Adam\AppData\Local\temp

FCopy::

DDS::


6. Close all open browsers.



7. Referring to the picture above, drag CFScript.txt onto the ComboFix.exe icon.  ComboFix will run and produce a report.  This report will be saved at C:\ComboFix.txt.
Note: Do not mouseclick combofix's window while it is running. That may cause it to stall.  Reboot your computer.

Remember to be sure Word Wrap is NOT turned on in any Notepad files you post and to be sure and check that all the data you entered was posted. 

Now please post the following to me as a reply to this post:
ComboFix.txt
Let me know how your computer and browser are operating
If you have any other questions or problems, let me know that as well



Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #82 on: January 10, 2012, 03:37:40 AM »
I seem to be unable to post the log in a reply. It says my computer may be infected by a trojan...

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2829
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #83 on: January 10, 2012, 12:45:49 PM »
Hi Adam

Are you getting that response from the site or from your browser?  I have never seen this before.

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2829
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #84 on: January 10, 2012, 01:36:11 PM »
Hi Adam

After a bit of research, I found out the site has a bug in the spam filter that causes sporadic problems of that nature.  To work around it, just zip the files and post them as attachments to your next post.  It is not your PC that is causing it.  Sorry for the inconvenience and frustration.

Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #85 on: January 12, 2012, 04:03:46 PM »
...

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2829
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #86 on: January 13, 2012, 01:53:19 AM »
Hi Adam

I need to know how your computer and browser are operating.

Offline adammedonca

  • Bronze Member
  • Posts: 51
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #87 on: January 13, 2012, 01:08:33 PM »
Everything seems to be running fine.

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2829
Re: [In Progress] Redirected Searches, Delays in typing, System Slowed
« Reply #88 on: January 13, 2012, 01:34:45 PM »
Hi Adam

Your system looks clean of malware and I think we're good to go.  Just some clean up and hardening against future infection.

1.  Uninstall ComboFix as follows:  Copy the code in the code box below.

Code:

combofix /uninstall


Now click on start/run and paste the copied code into the input box.
Click OK.  Reboot your PC.

2.  Next disable and Enable System Restore.  Go to Start/Control Panel/System and Security.  Then click on System.  Next click on Advanced system settings in the left panel.  Click on the System Protection tab.   Click on Disk C: and then click Configure.  Click on Delete, then Continue and OK.

Now go back to the System Protection tab (as above) and click on Create to make a restore point.

3.  Download OTC to your desktop and run it.

Click Yes to begin the Cleanup process and yes to remove these components, including this application.  You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
This will remove all the malware tools we have used.

4.   MOST IMPORTANT : Windows, IE and any other software you have that connects to the net, needs to be kept updated.  I recommend running Secunia PSI.  It will monitor the software you have installed and let you know when something needs to be updated.

5.  Go to Start/Windows Update and install all recommended updates.  You may have to do this more than once to get your operating system and Internet Explorer up to date.

6.  Click on Start/Programs and launch the Adobe Reader program.  Click on Help and Check for Updates and install all updates available.

7.  Now some tips for prevention of further infections:

Always use an updated anti-virus program. Make sure you update this weekly, if not more often. This is critical.

Keep Malwarebytes' Anti-Malware up to date as well.  Unless you have the paid version (which you can schedule), be sure to run scans several times per week.

Always use your firewall.  Learn how to use your firewall.   Only programs that need it should have access to the net.  But these are specific to the firewall you use, so you will need to learn how.  Check your firewall provider's web site for more information on making your firewall secure. 

8.  Go to WOT download and install this program.  It will help keep you safe on the internet.

Never run two Antivirus programs or two Firewalls at the same time.

NEVER use P2P or file sharing software.  Many P2P file sharing programs contain bundled spyware.  But all these programs expose you to risks because of the very nature of the P2P file sharing process.  Many very malicious worms and trojans target and spread across P2P file sharing networks.

Before downloading, installing or using any malware detection/removal software check Rogue/Suspect Spyware List and Rogue Applications List.  That way you will know if the program you are considering is safe.  If you want to know how it rates against other programs check out SpywareWarrior.

We have a good guide on how to prevent malware infections here at SpywareHammer.  You might want to peruse this and follow the recommendations Prevent Infection.

Let us know if you have any more problems, either new or old.  The internet is a wonderful tool for work and fun, but always be safe.

I would appreciate if after a couple of days of using your computer you let me know if everything is running fine so that I can close this post. 




