I have contracted a Virus that shows many Ads

Page 16 of 17 FirstFirst ... 614151617 LastLast

  1. Posts : 174
    Windows 10 Version 1709 as of 01-21-218
    Thread Starter
       #151

    For @simrick & @lx07

    It's 11:20 am EST. I just completed the two assignments for this morning and, you'll be happy to hear, they both worked.

    Disabling the file:
    Yes Task Plugin Bus Microsoft Corporation C:\WINDOWS\system32\rundll32.exe "C:\Users\User\AppData\Local\Plugin Bus\xBin\PluginBus.dll",#3
    in CCleaner > Scheduled Tasks was effective in disappearing the DLL Error message on Reboot;

    and by adding a file to the Registry, Defender was reactivated. I used Option 2 because I likely have the Home Version.

    I'll run a full Scan with Defender now.

    On another matter: I received a notification both yesterday and this morning that "Adobe Acrobat Reader DC" was available for Download. I think this is the one that started my problems back on November 9.

    At this point, it looks like everything is "ship-shape." I am, of course, greatly indebted to the bloggers at Windows Ten Forums, and I'll try to be more careful about what I click on in the future. If I have any more problems or concerns with Windows 10, I'll know where I can go for support.

    Thanks a million, guys!
      My Computer


  2. Posts : 16,325
    W10Prox64
       #152

    Writer said:
    For @simrick & @lx07

    It's 11:20 am EST. I just completed the two assignments for this morning and, you'll be happy to hear, they both worked.
    HURRAH!!

    Writer said:
    Disabling the file: in CCleaner > Scheduled Tasks was effective in disappearing the DLL Error message on Reboot;

    and by adding a file to the Registry, Defender was reactivated. I used Option 2 because I likely have the Home Version.
    Excellent news! Another malware infestation fully recovered!!

    Writer said:
    I'll run a full Scan with Defender now.
    Excellent. I would recommend, when your free trial of Malwarebytes Anti-malware is finished, that you seriously consider purchasing that program. MBAM Pro + Defender is a good defense, and with the Anit-Exploit+CryptoPrevent+ Firefox with security tweaks, you should be in a very safe environment. BUT, user awareness is always the key!

    Writer said:
    On another matter: I received a notification both yesterday and this morning that "Adobe Acrobat Reader DC" was available for Download. I think this is the one that started my problems back on November 9.
    Here's how you proceed:
    Open Ccleaner, and go to uninstall programs. Select Adobe Reader and uninstall it. Reboot the system, and go here for the download:

    Adobe Acrobat Reader DC Install for all versions

    Be sure to UNCHECK the optional offer in the middle section of the page.

    Writer said:
    At this point, it looks like everything is "ship-shape." I am, of course, greatly indebted to the bloggers at Windows Ten Forums, and I'll try to be more careful about what I click on in the future. If I have any more problems or concerns with Windows 10, I'll know where I can go for support.

    Thanks a million, guys!
    You are quite welcome! So glad we got everything sorted! That was a really good one! Now you are the malware fighter and I can retire.

    p.s. in the future, infections must be dealt with immediately, before they spiral out of control....
      My Computer


  3. Posts : 174
    Windows 10 Version 1709 as of 01-21-218
    Thread Starter
       #153

    For @simrick and @lx07

    This is a follow-up that I'm sure will interest you:

    The Defender Full-Scan finished; I was surprised at the results:
    658,530 items were scanned.

    It found two severe threats:

    Trojan:Win32/startpage.xw

    Trojan:Win32/Varpes.J!plock
    The Alert Level was Severe
    Status: Succeeded

    Of course, I deleted the two threats immediately.

    Out of curiosity, I clicked on History: Two items were listed as Quarantined: The Alert Level was High:

    SoftwareBundler:Win32/InstallMonetizer 11-09-2015 4:36 pm

    SoftwareBundler:Win32/SBInstaller 11-09-2015 4:22 pm
    Category: Software Bundler

    Description: This program may install other potentially unwanted software.

    Recommended Action: Remove this software immediately.
    I deleted both of them.

    What is of note here is that I did not activate Defender on Nov. 9; I didn't know how. It must have detected a problem and automatically activated itself whereby it flagged the two Software Bundler files. This occurred just about two hours after the initial infection which occurred on November 9 at about 2:00 pm. This means that Defender was not immediately disabled by the viruses. It evidently took some time for the infection to become stronger as more malware was downloaded to my computer.

    I appears the Defender is very effective Anti-Virus software.
      My Computer


  4. Posts : 16,325
    W10Prox64
       #154

    Writer said:
    For @simrick and @lx07

    This is a follow-up that I'm sure will interest you:

    The Defender Full-Scan finished; I was surprised at the results:
    658,530 items were scanned.
    It found two severe threats:
    Trojan:Win32/startpage.xw
    Trojan:Win32/Varpes.J!plock
    The Alert Level was Severe
    Status: Succeeded

    Of course, I deleted the two threats immediately.

    Out of curiosity, I clicked on History: Two items were listed as Quarantined: The Alert Level was High:
    SoftwareBundler:Win32/InstallMonetizer 11-09-2015 4:36 pm

    SoftwareBundler:Win32/SBInstaller 11-09-2015 4:22 pm


    Category: Software Bundler

    Description: This program may install other potentially unwanted software.

    Recommended Action: Remove this software immediately.

    I deleted both of them.
    Yes, leftovers...you may find that for a little while, but nothing is active, and it could be that it even found them in a quarantine file (which renders them harmless). Good though, that we see Defender working properly!

    Writer said:
    What is of note here is that I did not activate Defender on Nov. 9; I didn't know how. It must have detected a problem and automatically activated itself whereby it flagged the two Software Bundler files. This occurred just about two hours after the initial infection which occurred on November 9 at about 2:00 pm. This means that Defender was not immediately disabled by the viruses. It evidently took some time for the infection to become stronger as more malware was downloaded to my computer.

    I appears the Defender is very effective Anti-Virus software.
    Well, interesting. You don't have to "activate" Defender, per se, as it should always be running in the background, and performing automatic scans without any interaction from you. So, Defender was doing its job, until something downloaded which turned it off using group policy commands. Having Malwarebytes Antimalware Pro running would prevent this from happening again.

    Almost all of the malware we removed was located in your hidden AppData folder. This is a typical location for malware. The CryptoPrevent program is designed to prevent malicious files from running in the AppData folder. Malwarebytes Anti-Exploit also watches for "suspicious behaviour" of questionable executables and prevents them from running, or at least asks you if something should really be allowed to run or not.

    Coupled with the security modifications added to the Firefox browser, this layered protection we put in place for you should be quite robust. However, there's always the possibility of user error. Clicking on a malicious download and telling the file to run/install, may send up flags now for you, but *you* have final say - and if you tell it to go ahead and install, the computer will do what you say, and install it.

    So, be careful opening emails and attachments, be sure of the source when downloading programs, always scan your downloads before opening them (right-click on the file and select Scan with Malwarebytes Antimalware), stay away from "toolbars", and never use torrent programs.

    Have fun with Windows 10!
      My Computer


  5. Posts : 131
    Windows 10
       #155

    After all you've gone thru now is the time to make a good restore point and a system image.
      My Computer


  6. Posts : 39,803
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition, Win 11 Pro
       #156

    Good suggestion. You can find the tutorial here on making a system image. Keep the images on a external HDD/FD that you don't have connected to the PC at all times. Keep several prior images archived in case you inadvertently make one with a virus.

    System Image - Create in Windows 10 - Windows 10 Forums

    A system image is an exact copy of a drive or partition which can be used to restore your PC to the state it was in at the time the image was made. By default, a system image only includes the drives that Windows requires to run, including Windows 10 itself, your system settings, programs, and files. You may also include any other drive in the image if you wish. When you restore your computer from a system image it is a complete restoration, you cannot choose individual items to restore and all of your current programs, system settings, and files are replaced with the contents of the system image.

    This tutorial will show you how to create a system image backup in Windows 10 to be able to use to restore the contents of your computer back to the state it was in when the system image was created if your hard drive fails or your computer ever encounters problems.
      My Computer


  7. Posts : 174
    Windows 10 Version 1709 as of 01-21-218
    Thread Starter
       #157

    For @Borg 386 and @KACI

    Thanks for the tips concerning creating another Restore Point and doing a System Image; I'll do both.
      My Computer


  8. Posts : 16,325
    W10Prox64
       #158

    Writer said:
    For @Borg 386 and @KACI

    Thanks for the tips concerning creating another Restore Point and doing a System Image; I'll do both.
    Good idea.
    And, when you're sure everything is working well, you can go ahead and delete all the quarantined items in Malwarebytes Antimalware and SuperAntiSpyware too.
      My Computer


  9. Posts : 174
    Windows 10 Version 1709 as of 01-21-218
    Thread Starter
       #159

    For @simrick

    There were about 30 or 40 quarantined files in Malwarebytes AM which I removed, and there were none in SuperAntiSpyware.

    Thanks for the rep, by the way. I'm probably the only guy who has ever gotten a rep for following instructions.
      My Computer


  10. Posts : 16,325
    W10Prox64
       #160

    Writer said:
    For @simrick

    There were about 30 or 40 quarantined files in Malwarebytes AM which I removed, and there were none in SuperAntiSpyware.
    Okay great! :)

    Writer said:
    Thanks for the rep, by the way. I'm probably the only guy who has ever gotten a rep for following instructions.
    Actually, no, you're not. You're the second person.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 22:58.
Find Us




Windows 10 Forums