Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help! Blocking Malware Updates, Printing, Video and internet access


  • This topic is locked This topic is locked
9 replies to this topic

#1 gpotts1636

gpotts1636

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:25 AM

Posted 05 December 2017 - 01:47 PM

Please excuse the general topic but not technical enough to understand just what is going on.  I used you guys ma long time ago on a different computer and you were great!  Hopefully it is okay to come back.  And while the topic is not technical it says it all.  Seems like most of the problems come and go, but not updating malware bytes and sophos, preventing printing of email, most videos not playing regardless of website and my internet access is being blocked at times, displaying exclamation point and and saying no internet access when I am using it on other devices.  Any help would be appreciated and I have attched the logs.

 

Thanks so much for your consideration!

 

Greg

Attached Files



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,955 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:25 AM

Posted 06 December 2017 - 09:36 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Remove these programs in bold via the Control Panel > Programs > Programs and Features.
Cash Back Assistant (HKU\S-1-5-21-2471097063-1945811626-1650287918-1001\...\{644CF48B-61FE-43E4-8B2E-7EAE916B49C4}_is1) (Version: 2017.4.8.2 - Capital Intellect, Inc.)
InstallConverter (HKLM-x32\...\InstallConverter) (Version: 1.0 - InstallConverter)
===

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

(TechGuy, Inc.) C:\Users\Chuck\Downloads\SysInfo.exe
(TechGuy, Inc.) C:\Users\Chuck\Downloads\SysInfo.exe
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2471097063-1945811626-1650287918-1001\...\Run: [CVHP] => C:\Users\Chuck\AppData\Local\Programs\CouponViewer\Add-On\2017.4.8.2\CVHP.exe [500360 2017-09-13] (Capital Intellect, Inc.)
SearchScopes: HKLM-x32 -> DefaultScope value is missing
FF Plugin HKU\S-1-5-21-2471097063-1945811626-1650287918-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [No File]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
Task: {161C1DCA-D65F-4B2A-979D-9CD8988B9BAC} - System32\Tasks\{EDF1FD36-5B72-41A3-8E8E-2473A0D90E19} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.40.0.103/en/abandoninstall?page=tsMain
Task: {664DDD7E-B0BD-4D1A-9B41-AE07E32C0762} - System32\Tasks\{E35EE944-5E0C-4B41-B057-4833DEA024B8} => C:\windows\system32\pcalua.exe -a F:\Fix\HijackThis.exe -d F:\Fix
Task: C:\windows\Tasks\CouponViewer Toolbar.job => C:\Users\Chuck\AppData\Local\Programs\CouponViewer\Add-On\2017.4.8.2\CVHP.exe
C:|Windows\System32\Tasks\{EDF1FD36-5B72-41A3-8E8E-2473A0D90E19}
C:\Users\Chuck\Downloads\SysInfo.exe
C:\Users\Chuck\AppData\Local\Programs\CouponViewer\Add-On\2017.4.8.2

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
---

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

You can manually check your present version and update as recommended. (You need to check with Internet Explorer) <- Important.
https://www.java.com/en/download/installed.jsp

Be careful not to install malware posing as Java update!
Important read this blog.
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-poses-as-an-update-for-java-0-day-fix/

Quoted from the page.
"In light of the recent events surrounding Java, users must seriously consider their use of Java. Do they really need it? If yes, make sure that users follow the steps we recommended and get the security update directly from the official oracle website." at:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

How to disable Java in your browsers
http://www.infoworld.com/t/web-browsers/how-disable-java-in-your-browsers-210882

If still present after the update you can remove the old versions of Java via the Control Panel > Programs > Programs and Features.

or

If still present after these updates remove these old version(s) via the Control Panel > Programs > Programs and Features.
Java 8 Update 5 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
===

Please let me know what problem persists with this computer.

#3 gpotts1636

gpotts1636
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:25 AM

Posted 06 December 2017 - 02:09 PM

Thank you for helping!  Current status is that I removed the two programs you identified and ran fixlist.  The fixlog is attached here. 

 

I have hit a roadblock with Java.  I followed the link you provided

 

In following the directions in the article on disabling Java, it instructs to find Java via the windows control panel and click on it and find the current version.  I am running Windows 7 and when I use control panel the only way I can see where a list of programs is presented is with the uninstall function, clicking on the Java link would uninstall Java not open the program.  Instead, I went through the start menu under programs and opened the link for Java.  In reviewing it presents that I have Java Version 8 Update 73 (build 1.8.0_73-b02).  Per the article I disabled the Java in the Java control panel.  The article referenced an older version of Java so I turned to the "or" part of the instructions.

 

-or-

 

I first selected Java Update 5 to uninstall and got an error message saying the module could not be found.  Should I just delete these files instead of uninstalling?  If I delete these two files, the only ones I found on my computer, does this delete Java from my computer?  From reading the recommended articles seems I should just delete and live without.  Is there any reason I would need it?

 

Thanks again for your help, your consideration is appreciated!

 

Greg

 

 

 

 

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,955 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:25 AM

Posted 07 December 2017 - 07:39 AM

Hi,

Java is required by some programs only. It's OK to delete the folders associated with it.
If ever a program you used needs it you will be prompted to install it. It's your call.

Any remaining issues?

#5 gpotts1636

gpotts1636
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:25 AM

Posted 07 December 2017 - 11:03 AM

I removed the two java files.  On both deletes got error msg saying file could not be found, but when I went back to Windows Explorer and Control Panel the files no longer show up.  The only other problem that I see is the Internet Explorer is still freezing up when I open it. 

 

Thank you for your help!



#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,955 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:25 AM

Posted 07 December 2017 - 02:10 PM

Hi,
 

The only other problem that I see is the Internet Explorer is still freezing up when I open it.


Follow some of the recommendations on this page.

http://www.thewindowsclub.com/repair-internet-explorer

Deep me posted on the results.

p.s.
Do not install any of the Windows 10 drivers.

#7 gpotts1636

gpotts1636
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:25 AM

Posted 08 December 2017 - 11:11 AM

Following the instructions I attempted to do the Windows Update and it blocks me from doing so, with the following message.  I have tried restarting several times.

 

"Windows Update cannot currently check for updates, because the service is running.  you may need to restart your computer."



#8 gpotts1636

gpotts1636
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:02:25 AM

Posted 08 December 2017 - 11:26 AM

Excuse my typo:  "...because the service is not running."



#9 nasdaq

nasdaq

  • Malware Response Team
  • 39,955 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:25 AM

Posted 08 December 2017 - 01:52 PM



Hi,

Try the suggested fixes on this page.

https://answers.microsoft.com/en-us/windows/forum/all/windows-update-service-is-not-running-even-when-i/7100a1c6-6113-4217-852a-03a9674b1b71?auth=1

===

Let me know of any error messages if not successful.

#10 nasdaq

nasdaq

  • Malware Response Team
  • 39,955 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:25 AM

Posted 14 December 2017 - 07:33 AM

Are you still with me?

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/


https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Simple and easy ways to keep your computer safe and secure on the Internet.
===




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users