Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

win 8.1 do I still have a virus or something?


  • Please log in to reply
5 replies to this topic

#1 kshan

kshan

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 22 February 2015 - 05:17 PM

malwarebytes instantly started giving an error " not fully protected - malicious website protection disabled" when I clicked on a picture in a forum on Accurate Shooter. I would click the radio button to enable but it would be unchecked again. Stopped malwarebytes and restarted same thing, rebooted computer same thing. It would also uncheck "enable self protection early start"

 

I downloaded Roguekiller and ran it, It deleted a couple of files and on reboot by roguekiller malwarebytes works normally now. I don't know where the log files are for them. I only have the paid version of malware bytes and do not have an antivirus. Malwarebytes does not find anything now. Is there a recomended antivirus for 8.1

 

As I do most everything on this computer, can I still have an infection? should I run anything else?

 

thanks for your help,

K



BC AdBot (Login to Remove)

 


m

#2 buddy215

buddy215

  • BC Advisor
  • 12,616 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:19 AM

Posted 22 February 2015 - 05:22 PM

Run a scan using Eset Online Scanner. It will take more than an hour usually. Then run a scan using AdwCleaner. Post both results.

 

Hold down Control and click on this link to open ESET OnlineScan in a new window. (Eset can take more than an hour to run so plan accordingly)

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.
  • download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 kshan

kshan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 22 February 2015 - 07:45 PM

Eset found no infections

 

Adware cleaner file:

 

# AdwCleaner v4.111 - Logfile created 22/02/2015 at 19:39:48
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : Karl - KS8
# Running from : C:\Users\Karl\Downloads\AdwCleaner(1).exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Karl\AppData\Local\Temp\ConstaSurf
Folder Deleted : C:\Program Files\002
File Deleted : C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Deleted : C:\Users\Karl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKCU\Software\APN PIP
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v34.0.5 (x86 en-US)


-\\ Google Chrome v40.0.2214.115


*************************

AdwCleaner[R0].txt - [1634 bytes] - [22/02/2015 19:29:17]
AdwCleaner[S0].txt - [1538 bytes] - [22/02/2015 19:39:48]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1597  bytes] ##########
 



#4 buddy215

buddy215

  • BC Advisor
  • 12,616 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:19 AM

Posted 22 February 2015 - 08:15 PM

Did you install olark Live Chat intentionally?

 

I would say whatever was interfering with MBAM is not around anymore. Not much found by AdwCleaner. 

 

Download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download


Edited by buddy215, 22 February 2015 - 08:19 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 kshan

kshan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:10:19 AM

Posted 22 February 2015 - 09:22 PM

The only live chat I have done on this computer is with Microsoft Support through their web site ( they want to charge you for their free stuff)

 

Here is the JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 Pro x64
Ran by Karl on Sun 02/22/2015 at 20:33:10.19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/22/2015 at 20:36:03.13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

What you think ?



#6 buddy215

buddy215

  • BC Advisor
  • 12,616 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:19 AM

Posted 23 February 2015 - 04:41 AM

If you are not seeing any signs of malware, you are good to go.

 

You can avoid being infected by just visiting a site or clicking on an image by using the two most popular add-ons for Firefox...NoScript and Adblock Plus. 

There are script blockers for Google Chrome and Adblock Plus works in Google Chrome, too. If you install Adblock Plus you should click on its icon

and under Filter Preferences UNcheck allow some non-intrusive ads. Adblock Plus is a no-brainer....NoScript requires a bit of learning to use as intended.

 

Happy surfin'


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users