Infected with SomotoBetterInstaller

[eyf21]

MBAM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 06/04/2014
Scan Time: 01:23:09
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.05.04
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Fye

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 283599
Time Elapsed: 22 min, 44 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

system look

SystemLook 30.07.11 by jpshortstuff
Log created at 01:28 on 06/04/2014 by Fye
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== folderfind ==========

Searching for "Somoto"
No folders found.

========== filefind ==========

Searching for "Somoto"
No files found.

========== regfind ==========

Searching for "Somoto"
[HKEY_USERS\S-1-5-21-1030194540-516387514-213074493-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}]
"URL"="http://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=MY&userid=67986535-d83b-b588-4868-f6809b0f0d93&searchtype=ds&q={searchTerms}&installDate=08/12/2013"

-= EOF =-

Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Fye at 2014-04-06 01:38:11
Running from C:\Users\Fye\Desktop
Boot Mode: Normal

================== Search: "Somoto" ===================

====== End Of Search ======

Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Fye at 2014-04-06 01:39:04
Running from C:\Users\Fye\Desktop
Boot Mode: Normal

================== Search: "SomotoBetterInstaller " ===================

====== End Of Search ======

thanks!!

[Juliet]

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)

Code:

start
reg: reg delete "HKEY_USERS\S-1-5-21-1030194540-516387514-213074493-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" /f
Reboot:
end

Please post this log when finished.
Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

[eyf21]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Fye at 2014-04-06 14:06:19 Run:2
Running from C:\Users\Fye\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
reg: reg delete "HKEY_USERS\S-1-5-21-1030194540-516387514-213074493-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" /f
Reboot:
end
*****************


========= reg delete "HKEY_USERS\S-1-5-21-1030194540-516387514-213074493-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" /f =========

The operation completed successfully.



========= End of Reg: =========



The system needed a reboot.

==== End of Fixlog ====


Juliet, the few things that I realised are

- the screen will go white and starts flickering with other colours randomly and for some time before getting back to my usual screen (even while im typing here
- after every restart when open firefox, it seems to have completed downloading something though im not downloading anything.

thanks Juliet!!

[Juliet]

What your describing to me sounds like video/grahic driver problems.

Can you look in Device manager to see if there are red X's to show the issue?
You can now use Device Manager to update drivers, roll back a driver, or manage some other aspect of the hardware on your Windows 8 computer.

http://h10025.www1.hp.com/ewfrf/wc/d...=en&lc=en#N111
click on this --> Opening Device Manager to view error codes

Your computer shows errors below
Faulty Device Manager Devices =============

Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

http://pcsupport.about.com/od/findby...error.htm?rd=1
The above is a good article to read to fix the above errors.

Is this a upgrade from Windows 7 to Windows 8
http://support.microsoft.com/kb/2885698


Also, any reason why you haven't activated Windows?
You have Windows Activation error which is not good.

If the machine won't accept the Key (because it's an upgrade Key rather than a clean install Key) then you'll have to try telephone activation and talk to an operator to issue an override.

[Juliet]

after every restart when open firefox, it seems to have completed downloading something though im not downloading anything.

Might be firefox updating, not sure.

Open Firefox, at the very top click on the orange button, let it open, to the right look for HELP, then click on About Firefox and see if your machine is up to date.

[Juliet]

Glad we could help.

Since this issue appears resolved ... this Topic is closed.