Windows 7 Forums



Windows 7: AV Security infected computer; seems clean, need help for prevention

16 Nov 2011   #21
BinkerNate

Windows 7
 
 

Quote: Originally Posted by DBone
Sounds like you're on the right track. SUPERAntiSpyware (SAS) has recently changed their online scanner to a portable scanner, and I didn't realize that in my first post, sorry about that. SAS free edition would be my next weapon (SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!) followed by Trend Micro HouseCall (HouseCall - Free Online Virus Scan - Trend Micro USA). You can't rely on just one or two scanners once your machine is infected, use them all! Please report back after those two scans.
Okay, Sandbox is installed. Housecall found nothing, while SUPERAnti found 277 threats including Startnow Toolbar.

Quote:
Edit: Once you run the two above scanners you can run Norton Power Eraser (Norton Rescue Tools). BEFORE YOU DELETE ANYTHING FOUND DURING THE NPE SCAN, REPORT BACK HERE FIRST!! NPE IS VERY AGGRESSIVE, AND CAN FIND FALSE POSITIVES.
Did so, and it found no risks. It did ask if I should let it restart for rootkits. I didn't accept that, but I wanted to ask if I should've.

Is this a sign of so far so good? What else?

Also, what about sweeper (in relation to my previous question about it), and whether Adobe might be the culprit or not?


16 Nov 2011   #22
DBone

Windows 7 Home Premium x64 SP1
 
 

SAS finding 277 threats tells me you need to do some housekeeping, by using CCleaner to delete some tracking cookies from your browsers. Be advised though, that when you remove cookies for, say, this site for example, and you have it set to log you in automatically, then you'll have to re-enter your user name and password, so be ready for that. Also, delete all Internet temp and Windows temp files as well.

NPE wanted to scan for rootkits; that's why it asked for a reboot. You could scan again, it won't hurt anything until you select remove. As for Adobe, you could remove all versions via Programs and Features and then reinstall again. FileHippo has the Adobe exe's for download (Browsers and Plugins Downloads - FileHippo.com), just choose the Flash player that you need (32bit, 64bit, IE, Non-IE).

If you need help with Sandboxie you could PM me your phone # and I could talk you through set up if you want.
16 Nov 2011   #23
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

You also need to clean out all temporary files and update your Java.

Download TFC by OldTimer (TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums) and save it to your desktop.
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

Info in 'quote box'...

Quote:
TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder. It also cleans out the %systemroot%\temp folder and checks for .tmp files in the %systemdrive% root folder, %systemroot%, and the system32 folder (both 32bit and 64bit on 64bit OSs). It shows the amount removed for each location found (in bytes) and the total removed (in MB). Before running, it will stop Explorer and all other running apps. When finished, if a reboot is required the user must reboot to finish clearing any in-use temp files.

TFC only cleans temp folders. TFC will not clean URL history, prefetch, or cookies. Depending on how often someone cleans their temp folders, their system hardware, and how many accounts are present, it can take anywhere from a few seconds to a minute or more. TFC will completely clear all temp files where other temp file cleaners may fail. TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.
Next,
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6.
    Java SE Downloads
  • Scroll down to where it says "Java Runtime Environment (JRE) 6u29 allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u29-windows-i586-p.exe to install the newest version.
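An added example, not part of the original posts: a PowerShell check that lists every installed Java entry (so none of the older versions is missed before the reinstall) and confirms that the downloaded installer carries a valid Authenticode signature before it is run. The Desktop location of `jre-6u29-windows-i586-p.exe` is assumed from the steps above; the function names are hypothetical.

```powershell
# Added example (not from the thread). Assumes the installer was saved to the
# Desktop under the file name given in the steps above.
$Installer = Join-Path ([Environment]::GetFolderPath('Desktop')) 'jre-6u29-windows-i586-p.exe'

# Installed programs are registered in two registry views on 64-bit Windows.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-InstalledJava {
    # Same match as the manual step: any entry with Java, JRE or J2SE in its name.
    # The broad match can also list unrelated products; review before removing.
    $UninstallKeys |
        ForEach-Object { Get-ItemProperty -Path $_ -ErrorAction SilentlyContinue } |
        Where-Object { $_.DisplayName -match 'Java|JRE|J2SE' } |
        Select-Object DisplayName, DisplayVersion, UninstallString |
        Sort-Object DisplayName
}

function Test-InstallerSignature {
    param([string]$Path)
    if (-not (Test-Path $Path)) {
        Write-Warning "Installer not found: $Path"
        return $false
    }
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.SignerCertificate) {
        # Read the signer and confirm it is the publisher you expect.
        Write-Host "Signer: $($sig.SignerCertificate.Subject)"
    } else {
        Write-Host 'Signer: none (file is unsigned)'
    }
    Write-Host "Status: $($sig.Status)"
    # Anything other than Valid (NotSigned, HashMismatch, ...) means do not run it.
    return ($sig.Status -eq 'Valid')
}

Write-Host 'Installed Java entries:'
Get-InstalledJava | Format-Table -AutoSize

if (Test-InstallerSignature -Path $Installer) {
    Write-Host 'Signature is valid. Remove the old versions, reboot, then install.'
} else {
    Write-Warning 'Do not run this installer; download it again from the vendor.'
}
```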

17 Nov 2011   #24
BinkerNate

Windows 7
 
 

Quote:
by using CCleaner to delete some tracking cookies from your browsers. Be advised though, that when you remove cookies to say this site for example, and you have it set to log you in automatically, then you'll have to re-enter your user name and password, so be ready for that. Also, delete all internet temp and windows temp files as well.
I think that's the cleaner I was talking about that was on my old computer! Yeah, I know what to expect. But, could you post a link to it so that I will know it's the right one and not a fake one, just in case?

Quote:
NPE wanted to scan for root kits that's why it asked for a reboot. You could scan again, it won't hurt anything until you select remove.
So I should scan again, this time with the reboot option, right?

Quote:
If you need help with Sandboxie you could PM me your phone # and I could talk you through set up if you want.
There's more to do? I thought it was ready.

P.S. I did uninstall Adobe as requested.

Quote:
Download the latest version of Java Runtime Environment (JRE) 6.
Scroll down to where it says "Java Runtime Environment (JRE) 6u29 allows end-users to run Java applications".
I don't see that, I only see 7. Is this the right link?
17 Nov 2011   #25
DBone

Windows 7 Home Premium x64 SP1
 
 

FileHippo.com - Download Free Software is a great place to download software, and then keep your software updated. Adobe Flash, Java, CCleaner etc. are all available there. MajorGeeks.com - Download Freeware and Shareware Computer Utilities is also great.

Yes, you can scan again with NPE and this time do a rootkit scan.

Sandboxie needs to be set up just a bit, nothing big though.
17 Nov 2011   #26
BinkerNate

Windows 7
 
 

@Jacee: how long does TFC last? I only ask because it seemed to have frozen and there wasn't anything I could do but close it.

EDIT: Actually, should I do CCleaner first? And this is for DBone: what exactly am I supposed to check for CCleaner to clean out?
17 Nov 2011   #27
DBone

Windows 7 Home Premium x64 SP1
 
 

Default settings are good, and I would add all options for all of your browsers except for passwords. Also, look at what other applications you have (Adobe Flash, Foxit Reader, Adobe Acrobat, etc.) and you can select those too. You can hit Analyze first, and then double-click any result to view it more in depth. CCleaner is really safe, so just add the browser options to IE, Firefox and Chrome (if you have them) and you're good to go.
17 Nov 2011   #28
BinkerNate

Windows 7
 
 

I accidentally unchecked everything in the Windows tab. Applications is fine. So if I follow your advice, everything under Internet Explorer, Windows Explorer, and System should be checked except for saved passwords under Internet and network passwords under Windows, right? Don't touch Advanced?

UPDATE: Norton Safelite installed. I still need help with what to check for CCleaner as described above, as well as the TFC and Java help from Jacee.
17 Nov 2011   #29
DBone

Windows 7 Home Premium x64 SP1
 
 

Regarding CCleaner, in Windows Explorer, everything is checked by default except "network passwords". In System you can safely check everything for your first clean, then uncheck the bottom 3 for everyday maintenance. Nothing in Advanced should be checked.
19 Nov 2011   #30
BinkerNate

Windows 7
 
 

STATUS:
CCleaner removed 256GB of memory that was cluttered, let's say. Wow! (referring to the GB memory increase).

TFC:
Unlike last time, TFC worked out and seems fine after the reboot.

Quote:
Download the latest version of Java Runtime Environment (JRE) 6.
Java SE Downloads
Scroll down to where it says "Java Runtime Environment (JRE) 6u29 allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u29-windows-i586-p.exe to install the newest version.
I'm so sorry, Jacee. But I am following the instructions above, and I just can't find what you're saying. I even copied what I'm supposed to read on the "find" tab, with no luck. I don't know what to do other than ask you again. Are you sure this site wasn't rewritten or something? I'm sorry to ask again.

Perhaps a snapshot to help me out?
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
