Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

IE Crashing, random redirects and frozen screens [Solved]


  • This topic is locked This topic is locked
42 replies to this topic

#31 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 21 August 2014 - 07:45 PM

OK. Delete what you've just downloaded. Visit this website. Click the blue Run ESET Online Scanner, and follow the prompts (as instructed above). 

 

Let me know how you get on. If you're still having issues with the scan, we'll try a different one.


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

    Advertisements

Register to Remove


#32 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 21 August 2014 - 08:03 PM

I'll be heading off for the night now, Gavin. I assume you've managed to get the scan up and running. If not, please let me know now so I can provide alternative instructions before I switch off.


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#33 MacFhearguis

MacFhearguis

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 21 August 2014 - 10:15 PM

No threats were found using Eset and no log was generated.


Edited by MacFhearguis, 21 August 2014 - 10:17 PM.


#34 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 22 August 2014 - 06:00 AM

Hi Gavin,
 

No threats were found using Eset and no log was generated.

Excellent. 
 
Here are the links in case you're interested in downloading and installing Chrome or Firefox. Any IE browser data can be imported into either browser. Chrome and Firefox are both considered securer and faster.

Lets update/remove vulnerable software from your computer. 
 
STEP 1
xCXrghb6.png.pagespeed.ic.GoiQhwxA2B.png Update Outdated Software

Outdated software contain security risks that must be patched. Please download and install the latest version of the programmes below.

STEP 2
xEtQetiM.png.pagespeed.ic.6601abWTTy.jpg Remove Outdated Software

  • Press the Windows Key xpdKOQKY.png.pagespeed.ic.tmAgS1-k6q.png + r on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the following programmes, right-click and click Uninstall one at a time.
    • Adobe Reader X (10.1.11)
    • Adobe Shockwave Player 11.5 
  • Follow the prompts and reboot if necessary.
     

STEP 3
xzANS9oB.png.pagespeed.ic.nXxwTg2de3.png Disable Java in Your Browser
Due to frequent exploits we recommend you disable Java in your browser. For information on Java vulnerabilities, please read the following article (point #7).

  • Click the Windows Start Button x29Fou9c.jpg.pagespeed.ic.BYzVp8c_Mk.jpg and type Java Control Panel (or javacpl) in the search bar. 
  • Click on the Java Control Panel. Once opened, click the Security tab.
  • Deselect the check box for Enable Java content in the browser. This will disable the Java plug-in in the browser. 
  • Click Apply. When the Windows User Account Control (UAC) xAVOiBNU.jpg.pagespeed.ic.H5HC6LkiJX.jpg appears, allow permissions to make the changes. 
  • Click OK in the Java Plug-in confirmation window.
  • Restart your browser(s) for changes to take effect.
  • More information can be found here and here.
     

STEP 4
oxliOQk.png.pagespeed.ce.C25V2YBM3k.png Security Check

  • Please download SecurityCheck and save the file to your Desktop.
  • Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.
  • A log (checkup.txt) will automatically open on your desktop.
  • Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 5
xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • checkup.txt
  • How is your computer performing? Any outstanding issues?

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#35 MacFhearguis

MacFhearguis

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 22 August 2014 - 08:14 AM

The only issue I ran in to is that Adobe Reader would not install. I tried several times and this is the error that I got:

Error 1301. Error writing to file C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AGM.dll. Verify that you have access to that directory.
 

Also, Adobe Reader did not appear on the uninstall screen.

 

Here is the log:
 Results of screen317's Security Check version 0.99.87 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Webroot SecureAnywhere  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0   
 Java 7 Update 67 
 Adobe Flash Player 14.0.0.145 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe  
 windows defender MpCmdRun.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````

 


 



#36 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 22 August 2014 - 08:43 AM

Hi Gavin, 
 
Can you check if you can see Adobe Reader in Revo please? Let me know if you can. 
 
If not, please download and run the Acrobat/Reader Cleaner. Once Adobe Reader has been removed, please visit the Adobe Reader download link (in my previous post) and install the software (if you still want the programme).


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#37 MacFhearguis

MacFhearguis

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 22 August 2014 - 09:43 AM

Adobe Reader did not show up in Revo. I used the AR Cleaner for 10.x and later versions.

 

I then followed the previous instructions, and the install went to 94% complete and failed with this error:

 

Error 1310. Error writing to file: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\multimedia.api. Verify that you have access to that directory.

 



#38 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 22 August 2014 - 10:14 AM

It doesn't look like it wants to cooperate. Lets try the following.

  • Go to the download page again, and download the update file.
  • This time, save the file to your Desktop.
  • Right-click the file and click Run as administrator
  • See if the programme successfully updates. 
  • If not, please try GrantPerms below. 
     

2clB88W.png.pagespeed.ce.1fiOo5GFrK.png GrantPerms

  • Please download GrantPerms (x64) and save the file to your desktop.
  • Unzip the file and launch the programme. 
  • Copy the entire contents of the codebox below and paste into the textfield.
    • C:\Program Files (x86)\Adobe\Reader 11.0
  • Click Unlock. When it is done click OK.
  • Click List Permissions.
  • A log (Perms.txt) will be created on your desktopCopy the contents of the log and paste in your next reply.
  • Attempt the update, and let me know.

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#39 MacFhearguis

MacFhearguis

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 22 August 2014 - 10:30 AM

After running the GrantPerms, the install worked.

 

Here is the log:
 

GrantPerms by Farbar
Ran by Owner (administrator) at 2014-08-22 09:25:34

===============================================
ERROR: Parsing the SD of <?C:\Program Files (x86)\Adobe\Reader 11.0> failed with: The filename, directory name, or volume label syntax is incorrect.

Operating system error message: The filename, directory name, or volume label syntax is incorrect.

================ End Of List ================


 



#40 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 22 August 2014 - 10:44 AM

Hi Gavin, 
 
I believe that was coincidental, as the operation didn't seem to work. Either way, the issue (most likely a corrupt installation) appears to be resolved. 
 
STEP 1
xAFZxnZc.jpg.pagespeed.ic.8db6OVtjOI.png DelFix

  • Please download DelFix and save the file to your Desktop.
  • Double-click DelFix.exe to run the programme.
  • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools
    • Create registry backup
    • Create system restore
    • Reset system settings
  • Click the Run button.

-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).
 
--- Malwarebytes Anti-Malware will still be present on your computer. I recommend keeping this programme, updating and scanning with it once a week to maintain security on your computer. If you do not wish to keep this programme on your computer, you can uninstall it by pressing the Windows Key xpdKOQKY.png.pagespeed.ic.tmAgS1-k6q.png + r on your keyboard at the same time, typing appwiz.cpl, clicking OK and searching for Malwarebytes.
 
======================================================
 
All Clean!
Congratulations, your computer appears clean!  xthumbup.gif.pagespeed.ic.7aXFW0A4z_.png
I no longer see signs of malware on your computer, and feel satisfied that our work here is done. Below I have compiled a list of resources you may find useful. The articles document information on computer security, common infection vectors and how you can stay safe on the Internet.

The following security/maintenance programmes come highly recommended in the security community.

  • 16x16xKsUqI5A.png.pagespeed.ic.vn1Hlvqi8 AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
  • 16x16x7D2ig3K.png.pagespeed.ic.x4TC1AK8O Emsisoft Antimalware (free) acts as an additional on-demand scanner, and can be used in conjunction with your Anti-Virus. 
  • xEG85Vjt.png.pagespeed.ic.3itacBrobj.jpg Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
  • 16x16x6YRrgUC.png.pagespeed.ic.HjgFxjvw2 Malwarebytes Anti-Malware Premium (MBAM) incorporates real-time protection and is designed to run alongside your Anti-Virus. 
  • 16x16xjv4nhMJ.png.pagespeed.ic.A5YbWn1eD NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology. 
  • 3O8r9Uq.png.pagespeed.ce.0ubSznu3ZV.png Sandboxie isolates programmes of your choice, preventing files from writing to your HDD unless you approve the file. 
  • DgW1XL2.png.pagespeed.ce.v1OlJl_ZAS.png Secuina PSI will scan your computer for vulnerable software that is outdatedand automatically find the latest update for you.
  • 16x16xj1OLIec.png.pagespeed.ic.k6hhwopU0 SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
  • 16x16xsHjS79L.png.pagespeed.ic.n4Sk8_GzZ Unchecky automatically removes checkmarks for additional software in programme installers, helping you avoid adware and PUPs. 
  • 16x16xJEP5iWI.png.pagespeed.ic.4tmM1lM7D Web of Trust (WOT) is a browser add-on designed to alert the user before interacting with a potentially malicious website. 
     

Wary of a particular file/website? Need a second opinion? Scan the file/URL using these free online scanner services:

-- Please feel free to ask if you have any questions or concerns on computer security or the programmes above.
 
======================================================
 
Please confirm you have no outstanding issues, and are happy with the state of your computer. Once I have confirmation things are in order, we can wrap things up and I will close this thread. 
 
Thank you for using WhatTheTech.
 
Safe Surfing.  xthumbup.gif.pagespeed.ic.7aXFW0A4z_.png
Adam (LiquidTension).


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

    Advertisements

Register to Remove


#41 MacFhearguis

MacFhearguis

    Authentic Member

  • Authentic Member
  • PipPip
  • 27 posts

Posted 22 August 2014 - 11:43 AM

The computer is running fine now, and I will look at the security links to see what else I need to do to further protect my system.

 

Once DelFix was run, I still have TweakingRegistryBackup, GrantPerms, regfix.reg, and Revo on my Desktop. Should these remain?

 

Thank you for all the help on this.



#42 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 22 August 2014 - 12:08 PM

Hi Gavin, 
 
You can manually delete GrantPerms and regfix.reg (right-click + delete). I suggest keeping TweakingRegistryBackup and Revo - you may find they come in handy in the future. If not, the programmes can be uninstalled by pressing the Windows Key pdKOQKY.png + r on your keyboard at the same time, typing appwiz.cpl, clicking OK and searching for the programmes. 
 

Thank you for all the help on this.

You are more than welcome. :) I will close this thread now. Should you discover any additional problems please be sure to send me a message.


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#43 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 22 August 2014 - 12:09 PM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
and start a New Topic.

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users