tijawani.DLL, zibipudo.DLL,govezamu.DLL. bogging down GF's dell i
Started by elkski, Sep 06 2014 12:07 PM
#31
Posted 11 September 2014 - 10:22 AM
Even start window takes so long to open.
#32
Posted 11 September 2014 - 11:24 AM
Ok, please post the logs when all the scans are finished. Also, please do not install any further updates or install any new software for the time being.
#33
Posted 11 September 2014 - 12:54 PM
Results of screen317's Security Check version 0.99.87
Windows XP Service Pack 3 x86
Internet Explorer 6 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Please wait while WMIC is being installed.
displayName
ECHO is off.
Symantec
ECHO is off.
Endpoint
ECHO is off.
Protection
ECHO is off.
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Java 2 Runtime Environment, SE v1.4.2_03
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 10.1.102.64 Flash Player out of Date!
Adobe Reader 7 Adobe Reader out of Date!
Mozilla Firefox (3.0.19) Firefox out of Date!
Google Chrome 37.0.2062.103
Google Chrome 37.0.2062.120
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# product=EOS
# version=8
# iexplore.exe=6.00.2900.5512 (xpsp.080413-2105)
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=ffcce1f1d5d10a4eab949cf743b4c566
# engine=20109
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-11 06:42:22
# local_time=2014-09-11 01:42:22 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# scanned=64740
# found=2
# cleaned=0
# scan_time=6931
sh=151429375F548A02D9C4BAA63DA04612595CAC45 ft=0 fh=0000000000000000 vn="Win32/Adware.Virtumonde.NEO application" ac=I fn="C:\WINDOWS\system32\ebigawap.ini"
sh=F0886BA91626B747B65231D9943B75FCA5F05C1F ft=0 fh=0000000000000000 vn="Win32/Adware.Virtumonde.NEO application" ac=I fn="C:\WINDOWS\system32\umazevog.ini"
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 9/11/2014
Scan Time: 9:32:12 AM
Logfile: MBAM.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.11.03
Rootkit Database: v2014.09.10.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: enkhmart
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 321347
Time Elapsed: 38 min, 4 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 1
Malware.Trace, HKU\S-1-5-21-2987564195-3664300104-303828230-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\fias4051, Quarantined, [fe026488403bcf6766c5742960a337c9],
Registry Values: 2
Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHAREDTASKSCHEDULER\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}, Quarantined, [c739b438cab10036b4e6892459a92ed2],
Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHAREDTASKSCHEDULER|{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}, STS, Quarantined, [c739b438cab10036b4e6892459a92ed2]
Registry Data: 1
PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify, 1, Good: (0), Bad: (1),Replaced,[c43cdf0d0576cb6bc04ffafa1ce8758b]
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
#34
Posted 11 September 2014 - 07:30 PM
Thank you for the logs.
Ok, let's remove the 2 items that ESET found. Once this is finished, then we'll start working on updating your programs. After that is finished, due to the age of the machine, I'd like to have our hardware techs check it out.
- Open notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this, highlight the contents of the box, right-click on it and select Copy.)
- Right-click in the open notepad and select Paste.
- Save it on the desktop as fixlist.txt
Start
C:\WINDOWS\system32\ebigawap.ini
C:\WINDOWS\system32\umazevog.ini
End
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt). Please post it in your next reply.
Things I need to see in your next post:
Fixlog.txt Log
#35
Posted 11 September 2014 - 08:22 PM
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-09-2014
Ran by enkhmart at 2014-09-11 21:19:47 Run:2
Running from C:\Documents and Settings\enkhmart\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
C:\WINDOWS\system32\ebigawap.ini
C:\WINDOWS\system32\umazevog.ini
End
*****************
C:\WINDOWS\system32\ebigawap.ini => Moved successfully.
C:\WINDOWS\system32\umazevog.ini => Moved successfully.
==== End of Fixlog ====
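Added example, not part of the original thread or of ESET's or FRST's own tooling: a small Python check that parses the ESET Online Scanner detection lines (`sh=… vn="…" fn="…"`) posted above and confirms that each detected file appears in the Fixlog with a "Moved successfully" result. The sample lines are copied from the logs in this thread; the function names are hypothetical.

```python
import re

# Sample lines copied from the ESET and FRST logs posted in this thread.
ESET_LOG = r'''# found=2
# cleaned=0
sh=151429375F548A02D9C4BAA63DA04612595CAC45 ft=0 fh=0000000000000000 vn="Win32/Adware.Virtumonde.NEO application" ac=I fn="C:\WINDOWS\system32\ebigawap.ini"
sh=F0886BA91626B747B65231D9943B75FCA5F05C1F ft=0 fh=0000000000000000 vn="Win32/Adware.Virtumonde.NEO application" ac=I fn="C:\WINDOWS\system32\umazevog.ini"
'''
FIXLOG = r'''C:\WINDOWS\system32\ebigawap.ini => Moved successfully.
C:\WINDOWS\system32\umazevog.ini => Moved successfully.
'''

# key=value pairs; a value is either a double-quoted string or a bare token.
PAIR = re.compile(r'(\w+)=("([^"]*)"|\S+)')

def parse_eset(text):
    """Return (header dict, list of detection dicts) from an ESET scan log."""
    header, detections = {}, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith('#'):            # "# key=value" metadata line
            key, _, value = line[1:].strip().partition('=')
            header[key] = value
        elif line.startswith('sh='):        # one detection per line
            detections.append({k: (inner if raw.startswith('"') else raw)
                               for k, raw, inner in PAIR.findall(line)})
    return header, detections

def parse_fixlog(text):
    """Map lower-cased path -> FRST outcome for 'path => outcome' lines."""
    results = {}
    for line in text.splitlines():
        path, sep, outcome = line.partition(' => ')
        if sep:
            results[path.strip().lower()] = outcome.strip()
    return results

def unresolved(eset_text, fixlog_text):
    """Paths ESET flagged that the Fixlog does not report as moved."""
    _, detections = parse_eset(eset_text)
    moved = parse_fixlog(fixlog_text)
    # Windows paths are case-insensitive, so compare lower-cased.
    return [d['fn'] for d in detections
            if not moved.get(d['fn'].lower(), '').startswith('Moved successfully')]

if __name__ == '__main__':
    print(unresolved(ESET_LOG, FIXLOG) or 'all detections handled')
```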
#36
Posted 11 September 2014 - 08:46 PM
Thank you for the log. Let's get your programs up to date.
Step 1: Update Java
A word about Java
Java has become the #1 program exploited by thieves and hackers as of today. It's gotten so bad, the Department of Homeland Security recently recommended that users disable Java on their machines.
For more information regarding this, see the two articles below:
Forbes: US Department of Homeland Security Calls on user to disable Java
US warns on Java software
Unless you have software on your machine that absolutely requires Java, I highly recommend you completely remove it from your system.
If you do have software that requires it, then disable it until such time as it's needed by those programs.
Please click the link below for instructions to disable Java.
How to Disable Java in your Web Browser
If you wish to continue to use Java on your machine, please be sure to keep it updated by following the instructions below.
- Click on this link Java Website and click Do I Have Java?
- Then click the Verify Java Version button. It will scan your current version and show you if you have the most current version.
Click the link below to go to the download page to get the tool.
JavaRa
Once you have downloaded JavaRa
- Unzip the files to the directory of your choice.
- Double click the JavaRa icon in the directory and choose your language preference.
- Click Remove Older Versions from the menu.
- Click Yes.
- If you get a warning that Internet Explorer needs to be closed, close it, then click ok.
- JavaRa will then search for and remove old versions of Java from your machine.
Instructions for manually removing old versions of Java
Step 2: Update Adobe Reader and Adobe Flash
Updating Adobe Reader
- Malware will exploit any vulnerabilities it can find in outdated software. If you are using Adobe Reader for reading pdf files, try using FoxIt Reader. It is a very capable alternative to Adobe.
- Please click here to download FoxIt Reader.
- If you wish to continue to use Adobe Reader, then please update it by clicking here.
- Please remember to uncheck the option to install the Google Toolbar and browser.
- Please update Adobe Flash Player by clicking here.
- Please remember to uncheck the box to install McAfee's Security Suite.
Please update Firefox by clicking Help at the top of the browser and then selecting About Firefox. Firefox will automatically update itself.
Also, your hard drive will need defragging soon. But I would wait until you've updated these programs, and had the Hardware Techs check it out.
Step 4: Tool Removal and Creation of a Clean Restore Point
- Download Delfix from here
- Ensure Remove disinfection tools is ticked
Also tick:
- Create registry backup
- Purge system restore
- Click Run
You can uninstall ESET Online Scanner at this time.
I recommend keeping Malwarebytes Anti-Malware installed. Make sure to update it and run it at least once a week. If it finds things such as PUP's (Potentially Unwanted Programs) you can delete those with no worries. However, if it finds something like a trojan, come see us.
Please let me know when these steps are completed and please post the DelFix log in your next post.
#37
Posted 14 September 2014 - 04:12 AM
Due to lack of feedback, this topic has been closed.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.