Originally Posted by
Shadara
Oh my... I noticed it mentions Limewire and uTorrent in my log file (grrrr! teenagers!). I didn't see them earlier. How do I get rid of them for good? And again THANK YOU!
Don't worry, I'll sort that
Information
I also did a Kaspersky scan online. That just made me more scared
Don't worry, there is nothing showing that we shouldn't be able to sort
I will ask you for the results of that Kaspersky scan at the end of this post.
AntiVirus
You appear to have Avast4 and Charter High-Speed Security Suite
First you should know that you're actually doing more harm than good by running more than one Anti Virus program.
When you do this the programs compete for resources, and the end result is none does it's best and can cause system instability.
I recommend that you choose one that you want to keep.
The other/s I would either uninstall, or disable from startup and use as "on demand" for an occasional scan.
----------------------------------------------------------- -----------------------------------------------------------
Step 1
Fix With HJT
Close all other windows and then start HiJack This
Click Do A System Scan Only
When it has finished scanning put a check next to the following lines IF still present
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {A8425E2F-E6CE-4A94-B846-6DEFA1268D44} - (no file)
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) -
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} (Java Plug-in 1.5.0_03) -
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} (Java Plug-in 1.5.0_06) -
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} (Java Plug-in 1.5.0_09) -
O18 - Filter hijack: text/html - {F381F5EF-5AEF-42BE-94F4-E5DB375F641F} - (no file)
- Close ALL open windows (especially Internet Explorer!)-
Now click Fix checked
Click yes to any prompts
Close HijackThis
----------------------------------------------------------- -----------------------------------------------------------
Step 2
Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to
- Update Malwarebytes' Anti-Malware
- and Launch Malwarebytes' Anti-Malware
- then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform full scan, then click Scan.
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected.
- When completed, a log will open in Notepad. please copy and paste the log into your next reply
- If you accidently close it, the log file is saved here and will be named like this:
- C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
----------------------------------------------------------- -----------------------------------------------------------
Step 3
OTMoveIt
Please download OTMoveIt3 by OldTimer and save it to your desktop
- Double-click OTMoveIt3.exe to run it.
- Copy the lines in the codebox below. ( Make sure you include :Reg )
Code:
:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"=-
"SunJavaUpdateSched"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Gateway]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STOPzilla]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp psc 2000 Series.lnk]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\StubInstaller.exe"=-
"C:\Documents and Settings\Owner\My Documents\My Downloads\LimeWire\LimeWire.exe"=-
"C:\Program Files\uTorrent\utorrent.exe"=-
"C:\Program Files\LimeWire\LimeWire.exe"=-
"C:\Documents and Settings\Owner\Local Settings\Temp\~osA77.tmp\ossproxy.exe"=-
:Commands
[Purity]
[EmptyTemp]
- Return to OTMoveIt3, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste.
- Click the red Moveit! button.
- Copy everything in the Results window (under the green bar), and paste it in your next reply.
- Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
----------------------------------------------------------- -----------------------------------------------------------
Step 4
Logs/Information to Post in Reply
Please post the following logs/Information in your reply
- MalwareBytes Log
- OTMI Log
- Kaspersky Log
- How are things running now ?
----------------------------------------------------------- -----------------------------------------------------------
Additional Notes
Your Adobe Acrobat Reader is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Adobe Reader is a large program and uses unnecessary space.
If you prefer a smaller program you can get Foxit 2.0 from http://www.foxitsoftware.com/pdf/rd_intro.php << Recommended
There is a newer version of Adobe Acrobat Reader available.
- Please go to this link Adobe Acrobat Reader Download Link
- Click Download
- On the right Untick Adobe Phototshop Album Starter Edition if you do not wish to include this in the installation.
- Click the Continue button
- Click Run, and click Run again
- Next click the Install Now button and follow the on screen prompts
When the installation is complete go to Add/Remove Programs and uninstall all previous versions.