Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

tijawani.DLL, zibipudo.DLL,govezamu.DLL. bogging down GF's dell i


  • This topic is locked This topic is locked

#31
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 144 posts
I got mbam. But it is just so sluggish still. Still says more ms updates and I'm sure dell drivers are needed too.

Even start window takes so long to open.
  • 0

Advertisements


#32
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Ok, please post the logs when all the scans are finished. Also, please do not install any further updates or install any new software for the time being.
  • 0

#33
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 144 posts

  Results of screen317's Security Check version 0.99.87  

 Windows XP Service Pack 3 x86   
 Internet Explorer 6 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Disabled!  
Please wait while WMIC is being installed.d 
ECHO is off.
ECHO is off.
ECHO is off.
ECHO is off.
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 2 Runtime Environment, SE v1.4.2_03 
 Java version out of Date! 
 Adobe Flash Player 10 Flash Player out of Date! 
  Adobe Flash Player 10.1.102.64 Flash Player out of Date!  
 Adobe Reader 7 Adobe Reader out of Date! 
 Mozilla Firefox (3.0.19) Firefox out of Date!  
 Google Chrome 37.0.2062.103  
 Google Chrome 37.0.2062.120  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:: 12% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 
 
 

[email protected] as CAB hook log:
OnlineScanner.ocx - registred OK
# product=EOS
# version=8
# iexplore.exe=6.00.2900.5512 (xpsp.080413-2105)
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=ffcce1f1d5d10a4eab949cf743b4c566
# engine=20109
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-11 06:42:22
# local_time=2014-09-11 01:42:22 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# scanned=64740
# found=2
# cleaned=0
# scan_time=6931
sh=151429375F548A02D9C4BAA63DA04612595CAC45 ft=0 fh=0000000000000000 vn="Win32/Adware.Virtumonde.NEO application" ac=I fn="C:\WINDOWS\system32\ebigawap.ini"
sh=F0886BA91626B747B65231D9943B75FCA5F05C1F ft=0 fh=0000000000000000 vn="Win32/Adware.Virtumonde.NEO application" ac=I fn="C:\WINDOWS\system32\umazevog.ini"
 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/11/2014
Scan Time: 9:32:12 AM
Logfile: MBAM.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.09.11.03
Rootkit Database: v2014.09.10.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: enkhmart
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 321347
Time Elapsed: 38 min, 4 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
Malware.Trace, HKU\S-1-5-21-2987564195-3664300104-303828230-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\fias4051, Quarantined, [fe026488403bcf6766c5742960a337c9], 
 
Registry Values: 2
Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHAREDTASKSCHEDULER\{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}, Quarantined, [c739b438cab10036b4e6892459a92ed2], 
Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\SHAREDTASKSCHEDULER|{EC43E3FD-5C60-46A6-97D7-E0B85DBDD6C4}, STS, Quarantined, [c739b438cab10036b4e6892459a92ed2]
 
Registry Data: 1
PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify, 1, Good: (0), Bad: (1),Replaced,[c43cdf0d0576cb6bc04ffafa1ce8758b]
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 

  • 0

#34
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Thank you for the logs. :)

Ok, let's remove the 2 items that ESET found. Once this is finished, then we'll start working on updating your programs. After that is finished, due to the age of the machine, I'd like to have our hardware techs check it out. :thumbsup:
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

Start
C:\WINDOWS\system32\ebigawap.ini
C:\WINDOWS\system32\umazevog.ini
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.

Things I need to see in your next post:

Fixlog.txt Log

  • 0

#35
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 144 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-09-2014
Ran by enkhmart at 2014-09-11 21:19:47 Run:2
Running from C:\Documents and Settings\enkhmart\Desktop
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
Start
C:\WINDOWS\system32\ebigawap.ini
C:\WINDOWS\system32\umazevog.ini
End
*****************
 
C:\WINDOWS\system32\ebigawap.ini => Moved successfully.
C:\WINDOWS\system32\umazevog.ini => Moved successfully.
 
==== End of Fixlog ====

  • 0

#36
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Thank you for the log. :) Let's get your programs up to date. :thumbsup:

Step 1: Update Java

A word about Java

Java has become the #1 program exploited by thieves and hackers as of today. It's gotten so bad, the Department of Homeland Security recently recommended that users disable Java on their machines.

For more information regarding this, see the two articles below:

Forbes: US Department of Homeland Security Calls on user do disable Java

US warns on Java software

Unless you have software on your machine that absolutely requires Java, I highly recommend you completely remove it from your system.

If you do have software that requires it, then disable it until such time as it's needed by those programs.

Please click the link below for instructions to disable Java.

How to Disable Java in your Web Browser


If you wish to continue to use Java on your machine, please be sure to keep it updated by following the instructions below.
  • Click on this link Java Website and click Do I Have Java?
  • Then click the Verify Java Version button. It will scan your current version and show you if you have the most current version.
You can also download a tool called JavaRa that will automatically search for new updates and remove older versions of Java.
Click the link below to go to the download page to get the tool.

JavaRa

Once you have downloaded JavaRa
  • Unzip the files to the directory of your choice.
  • Double click the JavaRa icon in the directory and choose your language preference.
  • Click Remove Older Versions from the menu.
  • Click Yes.
  • If you get a warning that Internet Explorer needs to be closed, close it, then click ok.
  • JavaRa will then search for and remove old versions of Java from your machine.
You can find instructions for manually removing older versions for Windows XP, Vista, and 7 by clicking the link below:

Instructions for manually removing old versions of Java


Step 2: Update Adobe Reader and Adobe Flash


Updating Adobe Reader
  • Malware will exploit any vulnerabilities it can find in outdated software. If you are using Adobe Reader for reading pdf files, try using FoxIt Reader. It is a very capable alternative to Adobe.
  • Please click here to download FoxIt Reader.
  • If you wish to continue to use Adobe Reader, then please update it by clicking here.
  • Please remember to uncheck the option to install the Google Toolbar and browser.
Updating Adobe Flash Player
  • Please update Adobe Flash Player by clicking here.
  • Please remember to uncheck the box to install McAfee's Security Suite.
Step 3: Update FireFox Web Browser


Please update FireFox by clicking Help at the top of the browser and then selecting About Firefox. FireFox will automatically update itself.

Also, your hard drive will need defragging soon. But I would wait until you've updated these programs, and had the Hardware Techs check it out.


Step 4: Tool Removal and Creation of a Clean Restore Point
  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    delfix.jpg
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

You can uninstall ESET Online Scanner at this time.

I recommend keeping Malwarebytes Anti-Malware installed. Make sure to update it and run it at least once a week. If it finds things such as PUP's (Potentially Unwanted Programs) you can delete those with no worries. However, if it finds something like a trojan, come see us.

Please let me know when these steps are completed and please post the DelFix log in your next post. :thumbsup:
  • 0

#37
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP