My husband’s computer has started really giving him problems. He is getting constant notifications from AVAST of threats, even when IE is not open. Computer running very, very slow and keeps freezing up. I tried running Malwarebytes and found several PUPS which I cleaned and hoped that would take care of things, but it didn’t. Found this site and have tried to do what it said to do. Am attaching new Malwarebytes log and FRST log and addition. Have tried to run aswMBR.exe, but it has been scanning the Temporary Internet files for over an hour - worried that was not normal, so am posting what I have.
Could you let me know how the computer is after this
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
HKU\S-1-5-21-1731450356-882550384-3352479838-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks! SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {85A78607-08E6-45B2-B40E-CB2746BDD490} URL = Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File CustomCLSID: HKU\S-1-5-21-1731450356-882550384-3352479838-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks? EmptyTemp: CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Download and run farbar service scanner
https://dl.dropboxusercontent.com/u/73555776/fssscan.JPG
Tick “All” options.
Press “Scan”.
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.
Thank you - things are already running much faster. Here are the logs.
Are you experiencing any other problems at all ?
Not that I’m noticing. Moved around a bit on the internet, opened a few files on my hard drive - everything seems to be working smoothly. Thank you so much for your help! My hubby will think I’m a miracle worker - LOL!
Subject to no further problems
I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean
A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:
Remove tools
Download and run Delfix
https://dl.dropboxusercontent.com/u/73555776/delfix.JPG
: Keep Java Updated :
WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
CryptoPrevent install this programme to lock down and prevent crypto ransome ware
https://dl.dropboxusercontent.com/u/73555776/CryptoPrevent.JPG
Update and run weekly to keep your system clean
Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme
It is critical to have both a firewall and anti virus to protect your system and to keep them updated.
To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe
I downloaded all of the suggested programs. However, I went to the Control Panel to disable Java as instructed, but there is no file titled Java. Does this mean that Java is not on his machine?
You are showing this version : Java 7 Update 25
If you cannot find it then download and run this small programme (you can delete it once done)
https://singularlabs.com/download/10306/
Select the Remove JRE option
Great! Thank you for all of your help. I will monitor his computer for the next day and let you know if anything acts weird.
My pleasure