Create an Account Login to Account

#16 sempai Posted 01 July 2011 - 10:30 AM

sempai

Trusted Helper

• Malware Removal
• 785 posts
Let's reset IE to the default settings, follow the instructions below please.

1. Restore Internet Explorer default settings.
• Open Internet Explorer
• Go to Tools > Internet Options
• Under "Reset Internet Explorer setting", click the Reset Tab.
• Put a check mark on Delete Personal Settings.
• Click Apply > OK.
Note: Putting a check mark on Delete Personal Settings will reset your "Home page, Search providers and Accelerators" to default setting.

2. Click Start > Run > copy-paste the bolded text below > press Enter. A text file will pop up, please post the contents of that file.

"C:\Qoobox\Add-Remove Programs.txt" > uninstall.txt& start uninstall.txt

• 0

#17 jhnb Posted 02 July 2011 - 08:10 AM

jhnb

Member

• Member
• 17 posts
ok, that seems to have ie back to normal now, thanks. here is the log:

3Connect
7-Zip 4.65
Agere Systems AC'97 Modem
AlphaZIP
Apple Application Support
Apple Software Update
avast! Free Antivirus
Conduit Engine
DivX Setup
DVDVideoSoft Toolbar
Evrsoft First Page 2006
Free Studio version 5.0.9
GIMP 2.6.8
Hitman Pro 3.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Hotspot_Shield Toolbar
Intel® Extreme Graphics 2 Driver
Java Auto Updater
Java™ 6 Update 23
K-Meleon 1.5.4 en-US (remove only)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Miro
Mozilla Firefox (3.6.17)
MSXML 4.0 SP2 (KB973688)
Nero Suite
NirSoft VideoCacheView
QuickTime
RealPlayer
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Sophos Anti-Rootkit 1.5.4
SUPERAntiSpyware
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB978207)
VC80CRTRedist - 8.0.50727.4053
VLC media player 1.0.1
WebFldrs XP
Windows Internet Explorer 8
Windows XP Service Pack 3
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
ZTE_1.2059.0.8
• 0

#18 jhnb Posted 02 July 2011 - 08:27 AM

jhnb

Member

• Member
• 17 posts
i probably should have mentioned this before, although i don't think it's down to any malware, but my mbam isn't working properly. it won't update anymore and it won't uninstall either so i am unable to do much about it. when the virus first started causing problems again it wouldn't enable it to get online and i couldn't update so i went into town with a flash and DLed mbam onto the flash and then tried to transfer it onto my system. this didn't seem to work as i'd hoped and i have had this problem ever since. do you know any other way i could remove it, it has been a pretty handy program in the past so i would like to keep a working copy if possible.

when i try to remove it, whether through the mbam uninstall or through add/remove i just get a box appear saying:

Runtime Error (at -1:0):

Cannot Import dll:F:\mbam\Malwarebytes' Anti-Malware\mbam.dll

Edited by jhnb, 02 July 2011 - 08:28 AM.

• 0

#19 sempai Posted 02 July 2011 - 09:03 AM

sempai

Trusted Helper

• Malware Removal
• 785 posts
You can try the free version of Revo Uninstaller to remove MBAM.

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista/Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

• Please go here to run the scan.

Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

• When prompted allow the Add-On/Active X to install.
• Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
• Now click on Advanced Settings and select the following:
• Scan for potentially unwanted applications
• Scan for potentially unsafe applications
• Enable Anti-Stealth Technology
• Now click on:
• The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
• When completed the Online Scan will begin automatically.
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
• When completed select Uninstall application on close, but make sure you copy the logfile first.
• Now click on:
• Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
• Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
• 0

#20 jhnb Posted 03 July 2011 - 09:34 AM

jhnb

Member

• Member
• 17 posts
the eset scanner found 4 infections, here's the log:

all ok
Can not read file from internet.esets_scanner_update returned -1 esets_gle=1
esets_scanner_update returned -1 esets_gle=1
esets_scanner_update returned -1 esets_gle=1
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-06-04 12:56:47
# local_time=2011-06-04 10:56:47 (+1000, AUS Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=768 16777215 100 0 36869388 36869388 0 0
# compatibility_mode=1024 16777215 100 0 36452971 36452971 0 0
# compatibility_mode=1280 16777215 100 0 0 0 0 0
# compatibility_mode=4352 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 769437 769437 0 0
# scanned=70384
# found=2
# cleaned=2
# scan_time=7941
C:\Documents and Settings\jhn barrett\My Documents\Downloads\HSS-1.41-install-anchorfree-76-conduit.exe a variant of Win32/HotSpotShield application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\jhn barrett\My Documents\My Videos\Miro\Miro_Installer.exe Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C
all ok
DLL:pipe not connected. attempts=120
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-07-02 07:40:32
# local_time=2011-07-03 05:40:32 (+1000, AUS Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=768 16777215 100 0 39313550 39313550 0 0
# compatibility_mode=1024 16777215 100 0 38893533 38893533 0 0
# compatibility_mode=1280 16777215 100 0 0 0 0 0
# compatibility_mode=4352 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 3209999 3209999 0 0
# scanned=73955
# found=4
# cleaned=0
# scan_time=7219
C:\Documents and Settings\jhn barrett\Desktop\installers\produkey.zip Win32/PSWTool.ProductKey application (unable to clean) 00000000000000000000000000000000 I
C:\Program Files\Evrsoft First Page 2006\Iscripts\Games\games-scripts.izs JS/BadJoke.KillFiles.A application (unable to clean) 00000000000000000000000000000000 I
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application (unable to clean) 00000000000000000000000000000000 I
C:\System Volume Information\_restore{B1345870-9C57-4F74-84F2-0A7BFF5F33FC}\RP280\A0203691.dll a variant of Win32/Adware.Yontoo.B application (unable to clean) 00000000000000000000000000000000 I
• 0

#21 sempai Posted 04 July 2011 - 07:05 AM

sempai

Trusted Helper

• Malware Removal
• 785 posts
How's the computer running now?

• Copy and Paste the following code into the Custom Scan/Fixes text box.

```:Files
C:\Documents and Settings\jhn barrett\Desktop\installers\produkey.zip
C:\Program Files\Evrsoft First Page 2006\Iscripts\Games\games-scripts.izs
```
• Push the Run Fix button.
• A massage box "Fix complete! Click OK to open the fix log." will pop-up.
• Click the OK button and a report will open.

2. Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
• Look for "JDK 6 Update 26 (JDK or JRE).

• Select "Windows x86 Offline" and click on jre-6u26-windows-i586.exe
• Save it to your desktop
• Uninstall all older versions of Java (any item with Java Runtime Environment, JRE or J2SE in the name).
• Reboot your computer once all Java components are removed.

3. Update Adobe Reader so you will not become vulnerable for infections.

• 0

#22 jhnb Posted 05 July 2011 - 09:11 AM

jhnb

Member

• Member
• 17 posts
i hope this is right, that is all the otl log produced:

========== FILES ==========
C:\Documents and Settings\jhn barrett\Desktop\installers\produkey.zip moved successfully.
C:\Program Files\Evrsoft First Page 2006\Iscripts\Games\games-scripts.izs moved successfully.

OTL by OldTimer - Version 3.2.4.1 log created on 07052011_012604

both jre and adobe reader have been uninstalled and reinstalled. i have been able to get online a lot better now, although the computer itself still seems very slow, keeps hanging while i type and i get 'not responding' in ff now and then. it is a pretty old computer tho so i wouldn't expect it to be too quick. if i see how things go for now and i get back to you if any problems re-occur. would it be possible to keep this thread open for say a week just in case? the thing is it's hard to tell as the problem has never been constant, rather it tends to come and go.

edit: i now seem to have no adobe acrobat. just to clarify, adobe acrobat and adobe reader are the same thing yes? as in adobe acrobat reader. i'm now wondering if i uninstalled the wrong thing and re-installed something else. the download i got seemed to install as a ff extention. i just tried to open a pdf online and it had no option for a pdf reader to see it and now i notice that pdf files i have on the computer are showing the unknown file format icon. have i got this wrong or what?

Edited by jhnb, 05 July 2011 - 12:32 PM.

• 0

#23 sempai Posted 06 July 2011 - 03:48 AM

sempai

Trusted Helper

• Malware Removal
• 785 posts
• 0

#24 jhnb Posted 06 July 2011 - 11:42 AM

jhnb

Member

• Member
• 17 posts
i just worked it out, when i open the link in ff it opens a different page to what it did when i opened it in kmeleon. see the difference in the file size in these screenshots. the first is kmeleon and the second and third are ff and shows the screen that it takes you to when you click to DL while in ff. when i clicked the button in kmeleon it opened the DL window and didn't open that page at all. i don't know if it was just me but i thought it might be worth looking into it so you can let people know.

• 0

#25 sempai Posted 07 July 2011 - 08:07 AM

sempai

Trusted Helper

• Malware Removal
• 785 posts
Good job and thanks for letting me know. How's the PC running?
• 0
<

#26 jhnb Posted 07 July 2011 - 09:48 AM

jhnb

Member

• Member
• 17 posts
it seems ok'ish, no problems getting and staying online but the computer does still seem a lot slower than normal. i have managed to locate a new screen for my other laptop so i can live with this until i get that one fixed up now, this is still handy to keep as a spare if needed tho. the main problem that is worrying me at the moment tho is with mbam, i uninstalled with the program you recommended and then i re-installed. but i still cannot get it to update which is the problem i had with it before, so i'm thinking it is something on my system that is causing the problem. when i try to update it goes to start then a window opens with this:

an error occured. please report the following error code to the mbam support team.

error code:732(0,0)

i don't know if you have any suggestions. i can live with it for now tho, so i will get back if it causes any major problems. i just like to have mbam on here as its been very helpful in the past.

thanks so much for your help tho
• 0

#27 sempai Posted 08 July 2011 - 05:55 AM

sempai

Trusted Helper

• Malware Removal
• 785 posts
Hi,

• C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref
• C:\WINDOWS\system32\drivers\mbam.sys
• C:\WINDOWS\system32\drivers\mbamswissarmy.sys
• C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
• C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
• C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

If you don't know how to exclude them then please refer to this topic, it is in post #2 (post by Bluesman).

==========================

Try this please and check if the PC speed improves.

1. Please check volume for errors.
• To check the volume for errors:
• Click start and then My Computer.
• Right click the drive C and select Properties.
• Under Tools tab press Check Now...
• Put a check mark in both items and press start.
• If you get a message click Yes to schedule the disk check and click OK and then restart your computer to start the disk check. Please be patient and let the system run. In some cases it might take a couple of hours and you don't have to sit there the whole time.

2. Please go to this link -> http://www.bleepingc...tutorial55.html and follow the steps to perform a Disk Defragmentation.
• 0

#28 sempai Posted 14 July 2011 - 05:56 AM

sempai

Trusted Helper

• Malware Removal
• 785 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
• 0