Win Def Offline - no access to results, no log created

Page 2 of 6 FirstFirst 1234 ... LastLast

  1. Posts : 25,847
    Windows 10 Pro. 64/ version 1709 Windows 7 Pro/64
       #11

    UberGoober I recommend following Jacee's instruction.
    She is one of our security experts.
      My Computer


  2. Posts : 44
    Windows 7 Pro 64 bit
    Thread Starter
       #12

    Thanks so much for that link, Jacee! Gonna do it now. I'll mark the thread solved if it succeeds.

    LB, those 3 brain cells are some powerful! Could I borrow one? Thanks for hanging in here with me.

    UG
    Last edited by UberGoober; 04 Nov 2015 at 20:25. Reason: To thank both helpers in one post
      My Computer


  3. Posts : 44
    Windows 7 Pro 64 bit
    Thread Starter
       #13

    Doggone it, ESET didn't work either. Tried it 3 times, and this is the screen that comes up immediately after double-clicking the exe icon.

    Win Def Offline - no access to results, no log created-eset.png

    Here are the 3 log files. Does this tool really do its work in a millisecond?

    Any other suggestions?

    Thanks again, UG
    Win Def Offline - no access to results, no log created Attached Files
      My Computer


  4. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #14

    I'd like you to scan your machine with ESET OnlineScan
    1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    2. Click the button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the icon on your desktop.
    4. Check
    5. Click the button.
    6. Accept any security warnings from your browser.
    7. Check
    8. Push the Start button.
    9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    10. When the scan completes, push
    11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    12. Push the button.
    13. Push
      My Computer


  5. Posts : 44
    Windows 7 Pro 64 bit
    Thread Starter
       #15

    OK...ESET OnlineScan came up "No threats found", so there was no "List of found threats" button to push. I could not complete steps 10 - 13.

    If a log exists anyway, I'll zip it up and send it if you can tell me where it is.

    Thanks so much, Jacee

    UG
    Last edited by UberGoober; 05 Nov 2015 at 18:46. Reason: give more info
      My Computer


  6. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #16

    Okay, let's run AdwCleaner:

    Download AdwCleaner by Xplode and save to your Desktop.




    Step 1
    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
    Step 2
    Using AdwCleaner: Scan & Clean

    This time click on the Clean button.
    Press OK when asked to close all programs and follow the onscreen prompts.
    Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
    Copy and paste the contents of that logfile in your next reply.
    A copy of that logfile will also be saved in the C:\AdwCleaner folder

    ******Post both .txt logs
      My Computer


  7. Posts : 44
    Windows 7 Pro 64 bit
    Thread Starter
       #17

    AdwCleaner scan ran for less than 1 minute.

    LOG:
    # AdwCleaner v5.018 - Logfile created 06/11/2015 at 07:12:00
    # Updated 05/11/2015 by Xplode
    # Database : 2015-11-03.2 [Server]
    # Operating system : Windows 7 Professional Service Pack 1 (x64)
    # Username : A - A-PC
    # Running from : C:\Users\A\Desktop\AdwCleaner.exe
    # Option : Scan
    # Support : Forum - ToolsLib

    ***** [ Services ] *****


    ***** [ Folders ] *****


    ***** [ Files ] *****


    ***** [ DLL ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****


    ***** [ Web browsers ] *****

    [C:\Users\A\AppDAtA\RoAming\MozillA\Firefox\Profiles\ht2l8yt0.default\prefs.js] [Preference] Found : user_pref("browser.search.defaultenginename.US", "Ixquick - English");
    [C:\Users\A\AppDAtA\RoAming\MozillA\Firefox\Profiles\ht2l8yt0.default\prefs.js] [Preference] Found : user_pref("browser.startup.homepage", "hxxps://ixquick.com/do/mypage.pl?prf=487259a80fb2c3b412bd42d2dab01976");

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [957 bytes] ##########

    Nothing to keep, but I'd love to block all syncing. I don't want a roaming profile even when the PC gets back to normal. This malware installs on whatever machine I'm using if I log onto my ISP webmail.

    I wonder if I was presented a substitute by the malware - there wasn't a "Report" button.

    Win Def Offline - no access to results, no log created-noreportbutton.png

    Oh, and I found the ESET log. The scanner never appeared to run - think these times are bogus.

    ESETSmartInstaller@High as downloader log:
    all ok
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # EOSSerial=918e60685d3fde40b3d6a8be7889f5dc
    # end=init
    # utc_time=2015-11-05 07:00:15
    # local_time=2015-11-05 02:00:15 (-0500, Eastern Standard Time)
    # country="United States"
    # osver=6.1.7601 NT Service Pack 1
    Update Init
    Update Download
    Update Finalize
    Updated modules version: 26584
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # EOSSerial=918e60685d3fde40b3d6a8be7889f5dc
    # end=updated
    # utc_time=2015-11-05 07:02:38
    # local_time=2015-11-05 02:02:38 (-0500, Eastern Standard Time)
    # country="United States"
    # osver=6.1.7601 NT Service Pack 1
    # product=EOS
    # version=8
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.7777
    # api_version=3.1.1
    # EOSSerial=918e60685d3fde40b3d6a8be7889f5dc
    # engine=26584
    # end=finished
    # remove_checked=true
    # archives_checked=true
    # unwanted_checked=true
    # unsafe_checked=true
    # antistealth_checked=true
    # utc_time=2015-11-05 07:34:14
    # local_time=2015-11-05 02:34:14 (-0500, Eastern Standard Time)
    # country="United States"
    # lang=1033
    # osver=6.1.7601 NT Service Pack 1
    # compatibility_mode_1=''
    # compatibility_mode=5893 16776573 100 94 0 198295504 0 0
    # scanned=102169
    # found=0
    # cleaned=0
    # scan_time=1896

    Sending this on since I've done it and the PC has to restart, so I'd have a do-over. Cleaning log to follow.
    Last edited by UberGoober; 06 Nov 2015 at 07:56. Reason: additional info
      My Computer


  8. Posts : 44
    Windows 7 Pro 64 bit
    Thread Starter
       #18

    Cleaning log

    # AdwCleaner v5.018 - Logfile created 06/11/2015 at 07:41:48
    # Updated 05/11/2015 by Xplode
    # Database : 2015-11-03.2 [Server]
    # Operating system : Windows 7 Professional Service Pack 1 (x64)
    # Username : A - A-PC
    # Running from : C:\Users\A\Desktop\AdwCleaner.exe
    # Option : Cleaning
    # Support : Forum - ToolsLib

    ***** [ Services ] *****


    ***** [ Folders ] *****


    ***** [ Files ] *****


    ***** [ DLLs ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****


    ***** [ Web browsers ] *****

    [-] [C:\Users\A\AppDAtA\RoAming\MozillA\Firefox\Profiles\ht2l8yt0.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename.US", "Ixquick - English");
    [-] [C:\Users\A\AppDAtA\RoAming\MozillA\Firefox\Profiles\ht2l8yt0.default\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxps://ixquick.com/do/mypage.pl?prf=487259a80fb2c3b412bd42d2dab01976");

    *************************

    :: "Tracing" keys removed
    :: Winsock settings cleared

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1061 bytes] ##########

    I got hijacked back to the Mozilla Start page as Home from IXQuick. I see "/do/" in lots of URLs, which change from what I type in.

    Appreciate all your help so much, Jacee! UG
      My Computer


  9. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #19

    Okay good, now download TFC by Old Timer TFC - Temp File Cleaner by OldTimer Download - Geeks to Go Forum and save it to your desktop.
    Save any unsaved work. TFC will close ALL open programs including your browser! This will also hide all desktop shortcuts, so just be aware! They will come back after rebooting.

    Using Vista/Windows 7 right-click on the file and choose Run As Administrator.
    Click the Start button to begin the cleaning process and let it run uninterrupted to completion.

    Important! Manually reboot the machine to ensure a complete clean.

    Tell me how your computer is acting now.
      My Computer


  10. Posts : 44
    Windows 7 Pro 64 bit
    Thread Starter
       #20

    TFC never hid the desktop icons. Here's what it showed it cleaned.

    TempFileCleanerLog.txt

    I ran it a second time after restarting because I wanted you to see there wasn't a "Restart" button presented after the scan in the log, and this is what it looked like.

    Win Def Offline - no access to results, no log created-tfcbyot.png

    I'll have to spend some time using the PC in the morning to report its behavior. UG
    Last edited by UberGoober; 06 Nov 2015 at 18:09. Reason: clarify
      My Computer


 
Page 2 of 6 FirstFirst 1234 ... LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 10:40.
Find Us