Solved Am I infected?
- Thread starter Mac14
- Start date
Broni
Posts: 56,041 +516
You may have some other issues which are causing the slowness....video card, overheating, etc but for that you'll have to create new topic in Windows forum.
Here.....
Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus
NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.
Update your Java version here: https://www.techspot.com/downloads/6463-java-se.html
Alternate download: http://www.java.com/en/download/manual.jsp
Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Note 2: If you're running 64-bit system make sure you install BOTH, 32-bit and 64-bit Java.
Note 3: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.
=================================================
Your computer is clean
1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.
Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
Once finished a logfile will be created. You don't have to attach it to your next reply.
2. Make sure Windows Updates are current.
3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!
4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")
5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.
6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.
7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).
8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.
9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.
10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.
11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642
12. Please, let me know, how your computer is doing.
Here.....
Make sure you UN-check Yes, install McAfee Security Scan Plus
NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.
Alternate download: http://www.java.com/en/download/manual.jsp
Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Note 2: If you're running 64-bit system make sure you install BOTH, 32-bit and 64-bit Java.
Note 3: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.
=================================================
Your computer is clean
1. This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download
Double-click Delfix.exe to start the tool.
Make sure the following items are checked:
- Activate UAC (optional; some users prefer to keep it off)
- Remove disinfection tools
- Create registry backup
- Purge System Restore
- Reset system settings
Once finished a logfile will be created. You don't have to attach it to your next reply.
2. Make sure Windows Updates are current.
3. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!
4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")
5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.
6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.
7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly (you need to redownload these tools since they were removed by DelFix).
8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.
9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.
10. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.
11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs) which change your browser settings: http://www.bleepingcomputer.com/for...curity-questions-best-practices/#entry3187642
12. Please, let me know, how your computer is doing.
Mac14
Posts: 31 +0
I have updated Java from 7.55 to 8.25.
When I go to Start > Control Panel > Java > Advanced > Miscellaneous the is no item for Java Quick Starter. The only options under miscellaneous are
[] Place Java icon in system tray
[] Suppress sponsor offers when updating or installing Java
How do I proceed if, as you suggest, I don't want to run another extra service please?
When I go to Start > Control Panel > Java > Advanced > Miscellaneous the is no item for Java Quick Starter. The only options under miscellaneous are
[] Place Java icon in system tray
[] Suppress sponsor offers when updating or installing Java
How do I proceed if, as you suggest, I don't want to run another extra service please?
Mac14
Posts: 31 +0
Thank-you for that information Broni.
I have assumed that I should go through your steps above in the exact sequence you have listed them and have got to:
4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")
I have used https://browsercheck.qualys.com/ and it listed four items and advised just one of them to be fixed, viz Adobe Acrobat 11.0.8 was an insecure version. I clicked on "Fix It" and followed the process and ran AdbeRdrUpd10113.msp. Ultimately a "windows Installer" window advised,
"The upgrade patch cannot be installed by the Windows Installer service because the program may be upgraded or missing, or the upgrade patch may update a different version of the program. Verify that the program to be upgraded exists on your computer and that you have the correct upgrade patch."
In Control Panel > Programs and Features, the following are listed:
Acrobat.com
Adobe AIR
Adobe Flash Player 16 Active X
Adobe Reader XI (11.0.08)
As per your upgrade step(s), earlier today I uninstalled "Adobe Flash Player 13 Active X" and "Adobe Flash Player 14 Plugin" and installed "Flash Player 16 Active X".
How should I resolve Qualys BrowserCheck's identification of Adobe Acrobat 11.0.8 being an insecure version please?
I have assumed that I should go through your steps above in the exact sequence you have listed them and have got to:
4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Scan without installing plugin" and then on "Scan now")
I have used https://browsercheck.qualys.com/ and it listed four items and advised just one of them to be fixed, viz Adobe Acrobat 11.0.8 was an insecure version. I clicked on "Fix It" and followed the process and ran AdbeRdrUpd10113.msp. Ultimately a "windows Installer" window advised,
"The upgrade patch cannot be installed by the Windows Installer service because the program may be upgraded or missing, or the upgrade patch may update a different version of the program. Verify that the program to be upgraded exists on your computer and that you have the correct upgrade patch."
In Control Panel > Programs and Features, the following are listed:
Acrobat.com
Adobe AIR
Adobe Flash Player 16 Active X
Adobe Reader XI (11.0.08)
As per your upgrade step(s), earlier today I uninstalled "Adobe Flash Player 13 Active X" and "Adobe Flash Player 14 Plugin" and installed "Flash Player 16 Active X".
How should I resolve Qualys BrowserCheck's identification of Adobe Acrobat 11.0.8 being an insecure version please?
Broni
Posts: 56,041 +516
It looks like 11.0.10 is the latest version.
Get it here: http://get.adobe.com/reader/
Make sure to uncheck "Yes, install the free McAfee Security Scan Plus"
Get it here: http://get.adobe.com/reader/
Make sure to uncheck "Yes, install the free McAfee Security Scan Plus"
Mac14
Posts: 31 +0
Thanks Broni,
When I use that link in Chrome, absolutely nothing loads.
When I use that link in Internet Explorer, the page shows the version to be downloaded is Version X (10.1.4) and it has optional offers to (a) install Google Chrome as my default browser,and (b) install Google Toolbar for Internet Explorer, yet nothing for McAfee.
Is that the right download??
When I use that link in Chrome, absolutely nothing loads.
When I use that link in Internet Explorer, the page shows the version to be downloaded is Version X (10.1.4) and it has optional offers to (a) install Google Chrome as my default browser,and (b) install Google Toolbar for Internet Explorer, yet nothing for McAfee.
Is that the right download??
Mac14
Posts: 31 +0
Now I'm even more confused! ;-)
Control panel seems to tell me I've currently got 11.0.8. Where have I misunderstood that please? Do I have the wrong type for my OS?
https://browsercheck.qualys.com/ says even 11.0.8 is insecure.
Thanking you in advance again for your kind patience and understanding.
Control panel seems to tell me I've currently got 11.0.8. Where have I misunderstood that please? Do I have the wrong type for my OS?
https://browsercheck.qualys.com/ says even 11.0.8 is insecure.
Thanking you in advance again for your kind patience and understanding.
Broni
Posts: 56,041 +516
I'm not sure what's going on.
If you go here: http://get.adobe.com/reader/otherversions/ 10.1.4 is the latest for Vista.
If you go here: http://get.adobe.com/reader/otherversions/ 10.1.4 is the latest for Vista.
Mac14
Posts: 31 +0
I understand what you're saying. It's my PC I don't understand! ;-)
When I open Adobe Reader directly, it's definitely Adobe Reader XI 11.0.08. From within there if I click on Check For Updates it says no updates are available.
Does this oddity account for anything and what should I do please?
When I open Adobe Reader directly, it's definitely Adobe Reader XI 11.0.08. From within there if I click on Check For Updates it says no updates are available.
Does this oddity account for anything and what should I do please?
Mac14
Posts: 31 +0
OK Broni, thank-you for your advice to leave Adobe Reader as-is.
I have my Chrome browser set to open to four favourite tabs and to run on start-up. Now on start-up it opens the browser, and the four tabs, but they don't load the pages. Instead I get a message window entitled "Pages(s) Unresponsive" saying "The following page(s) have become unresponsive. You can wait for them to become responsive or kill them". Then there is a box to list the pages but in my case it just has one bullet point, "Untitled". At the bottom of this message window there are then two buttons, [Kill pages] and [Wait] but neither seem to respond when I click them. Instead I have to close the browser completely and open it again, whereupon the pages load fine.
Also when the browser is running, and just as before, sometimes a page will seem to have loaded but still shows in the tab as loading, sometimes this techspot.com/community site is a good example - when the bar at the bottom of the browser says it is "waiting for ping.chartbeat.net" or "waiting for api.vglink.com" (perhaps in-turn waiting for some script to run, maybe on that page or maybe on another chrome tab page).
Are these likely symptoms of some adware or similar running in the background?
As always, I'd be most grateful for any prognosis please?
I have my Chrome browser set to open to four favourite tabs and to run on start-up. Now on start-up it opens the browser, and the four tabs, but they don't load the pages. Instead I get a message window entitled "Pages(s) Unresponsive" saying "The following page(s) have become unresponsive. You can wait for them to become responsive or kill them". Then there is a box to list the pages but in my case it just has one bullet point, "Untitled". At the bottom of this message window there are then two buttons, [Kill pages] and [Wait] but neither seem to respond when I click them. Instead I have to close the browser completely and open it again, whereupon the pages load fine.
Also when the browser is running, and just as before, sometimes a page will seem to have loaded but still shows in the tab as loading, sometimes this techspot.com/community site is a good example - when the bar at the bottom of the browser says it is "waiting for ping.chartbeat.net" or "waiting for api.vglink.com" (perhaps in-turn waiting for some script to run, maybe on that page or maybe on another chrome tab page).
Are these likely symptoms of some adware or similar running in the background?
As always, I'd be most grateful for any prognosis please?
Broni
Posts: 56,041 +516
Judging from Google search it looks like Chrome issue.
Your computer is definitely clean.
Reset Chrome...
Click on "Customize and control Google Chrome":
Click "Settings" then "Show advanced settings" at the bottom of the screen.
Click "Reset browser settings" button.
Restart Chrome.
If the above didn't help....
Reinstall Chrome...
If you want to save your bookmarks...
How to Backup Bookmarks in Google Chrome
If you want to save your passwords as well see here: http://www.intowindows.com/how-to-backup-saved-passwords-in-google-chrome-browser/
Your computer is definitely clean.
Reset Chrome...
Click on "Customize and control Google Chrome":
Click "Settings" then "Show advanced settings" at the bottom of the screen.
Click "Reset browser settings" button.
Restart Chrome.
If the above didn't help....
Reinstall Chrome...
If you want to save your bookmarks...
How to Backup Bookmarks in Google Chrome
If you want to save your passwords as well see here: http://www.intowindows.com/how-to-backup-saved-passwords-in-google-chrome-browser/
- Close all Chrome windows and tabs.
- Go to the Start menu > Control Panel. (Windows 8 users: Learn how to access the Control Panel)
- Click Programs and Features.
- Double-click Google Chrome.
- Click Uninstall from the confirmation dialog. Delete your user profile information, like your browser preferences, bookmarks, and history, by selecting the "Also delete your browsing data" checkbox.
Mac14
Posts: 31 +0
Many thanks Broni, I tried a Chrome "Reset browser settings" earlier this month and it didn't seem to make any difference. Therefore, I think I'll need to reinstall Chrome. Your tips are, as always, exceedingly helpful and I have now backed-up my bookmarks and copied my passwords (to somewhere safe). What is the best address from which to install Chrome from scratch please?
Just before I do, though, I've noticed more about my Adobe Reader version. Lately, in Chrome, whenever I click on a web page to open a pdf file Chrome advises, "Adobe Reader blocked because it was out of date" and offers two options, [update plug-in] and [Run this time]. I had got into the habit of simply clicking [Run this time] and I was happy with that. However, now more curious, today when it next happened I instead clicked on [update plug-in] which led get.adobe.com/uk/reader/ offering version x 10.1.4 and the (dreaded) "McAfee Security Scan Plus" offer you mentioned.
I know you previously said leave Adobe Reader as-is, but in the light of my additional information above, and If I'm going to reinstall Chrome, should I actually sort out the Adobe Reader version first? If so, is 'updating' it from Chrome as per my previous paragraph the way to go or is there a better way (maybe completely removing it first)?
Just before I do, though, I've noticed more about my Adobe Reader version. Lately, in Chrome, whenever I click on a web page to open a pdf file Chrome advises, "Adobe Reader blocked because it was out of date" and offers two options, [update plug-in] and [Run this time]. I had got into the habit of simply clicking [Run this time] and I was happy with that. However, now more curious, today when it next happened I instead clicked on [update plug-in] which led get.adobe.com/uk/reader/ offering version x 10.1.4 and the (dreaded) "McAfee Security Scan Plus" offer you mentioned.
I know you previously said leave Adobe Reader as-is, but in the light of my additional information above, and If I'm going to reinstall Chrome, should I actually sort out the Adobe Reader version first? If so, is 'updating' it from Chrome as per my previous paragraph the way to go or is there a better way (maybe completely removing it first)?
Broni
Posts: 56,041 +516
Download Chrome from here: https://www.google.com/chrome/browser/desktop/
Get Adobe Reader from the source: http://get.adobe.com/uk/reader/?PID=6146978
Get Adobe Reader from the source: http://get.adobe.com/uk/reader/?PID=6146978
Mac14
Posts: 31 +0
Both.
Should I manually remove the incumbent version of Chrome through Windows control panel, or reinstall/update it some other way?
Should I manually remove the incumbent version of Adobe Reader through control panel or reinstall/update to correct, lower version some other way?
Does it matter in which sequence I do this, I.e. Chrome or Adobe Reader first?
What is the best sequence of (re)installation please (for Chrome and Adobe Reader), I.e. which first?
Many thanks.
Should I manually remove the incumbent version of Chrome through Windows control panel, or reinstall/update it some other way?
Should I manually remove the incumbent version of Adobe Reader through control panel or reinstall/update to correct, lower version some other way?
Does it matter in which sequence I do this, I.e. Chrome or Adobe Reader first?
What is the best sequence of (re)installation please (for Chrome and Adobe Reader), I.e. which first?
Many thanks.
Mac14
Posts: 31 +0
I removed Adobe Reader first and replaced it with the version X 10.1.4 OK.
I then opened-up Chrome again (just to sort out a couple of things before removing Chrome) and still Chrome advised, "Adobe Reader blocked because it was out of date"!
I have just re-installed Chrome and it's probably one of the quickest and easiest programme to install. I'm glad I saved my bookmarks in html format because that saved a lot of time!
I just need to use Chrome a bit now to see if it seems to run any better.
So far so good, although even when a page seems to me to be completely loaded the Chrome tab indicator says it's still loading (something) and if I hover my mouse pointer at the bottom of the window I can see it running through all sorts of things to load, e.g. on this techspot page it says, waiting for adserver, waiting for googleads etc.
Streaming simple low-quality audio on one tab using the BBC Radio Player can still causes terrible delays, and stuttering, when loading another page. I've had to turn that off to see how Chrome runs without it. A different stream, e.g. Beat Blender, doesn't seem so bad and doesn't stutter but can cause delays in typing (elsewhere) in the browser. Is this sort of thing usual or symptomatic of anything specific please?
As you kindly instructed, I selected "Also delete your browsing data" when uninstalling the previous Chrome. However, when I now go to some (favourite) pages that require a log-on those pages remember my username and password. How can that happen please?
Completely unconnected with its performance, the laptop and I will be temporarily separated for the next couple of weeks or so and therefore, unfortunately, I will be temporarily unable to report/act on its performance during that time.
I then opened-up Chrome again (just to sort out a couple of things before removing Chrome) and still Chrome advised, "Adobe Reader blocked because it was out of date"!
I have just re-installed Chrome and it's probably one of the quickest and easiest programme to install. I'm glad I saved my bookmarks in html format because that saved a lot of time!
I just need to use Chrome a bit now to see if it seems to run any better.
So far so good, although even when a page seems to me to be completely loaded the Chrome tab indicator says it's still loading (something) and if I hover my mouse pointer at the bottom of the window I can see it running through all sorts of things to load, e.g. on this techspot page it says, waiting for adserver, waiting for googleads etc.
Streaming simple low-quality audio on one tab using the BBC Radio Player can still causes terrible delays, and stuttering, when loading another page. I've had to turn that off to see how Chrome runs without it. A different stream, e.g. Beat Blender, doesn't seem so bad and doesn't stutter but can cause delays in typing (elsewhere) in the browser. Is this sort of thing usual or symptomatic of anything specific please?
As you kindly instructed, I selected "Also delete your browsing data" when uninstalling the previous Chrome. However, when I now go to some (favourite) pages that require a log-on those pages remember my username and password. How can that happen please?
Completely unconnected with its performance, the laptop and I will be temporarily separated for the next couple of weeks or so and therefore, unfortunately, I will be temporarily unable to report/act on its performance during that time.
