again my computer is affected by virus!

system · June 18, 2014, 2:05am

my computer has been affected by virus. The system is too slow,hanging up at times.It is not as quick as before. pls help me

Asyn · June 18, 2014, 5:09am

Attach your logs. (MBAM, OTL and aswMBR…!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0

system · June 18, 2014, 8:24am

malwarebytes log

system · June 18, 2014, 8:25am

OTL log

system · June 18, 2014, 8:26am

aswMBR log

Pondus · June 18, 2014, 8:54am

your OTL log is saved as Unicode, so it looks like chinese … you must save it as ANSI

system · June 18, 2014, 9:55am

OTL log
ANSI

essexboy · June 18, 2014, 1:21pm

All adware… So lets clear it

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:Commands
[CREATERESTOREPOINT]

:OTL
SRV - [2014/05/29 10:25:19 | 001,808,408 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe -- (vToolbarUpdater18.1.7)
IE - HKU\S-1-5-21-861567501-1123561945-839522115-1009\..\SearchScopes,DefaultScope = {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
IE - HKU\S-1-5-21-861567501-1123561945-839522115-1009\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=28D800E04E0619E6&affID=128492&tt=240414_41&tsp=5237
IE - HKU\S-1-5-21-861567501-1123561945-839522115-1009\..\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}: "URL" = http://www.amazon.com/websearch/ref=bit_bds-p12_serp_ie_us_display?ie=UTF8&tagbase=bds-p12&tag=bds-p12-serp-us-ie-20&tbrId=v1_abb-channel-12_64e53bd9fd0d424c979f20653b2f678e_39_1006_20140504_IN_ie_ds_systweak&query={searchTerms}
FF - HKLM\Software\MozillaPlugins\@popularscreensavers.com/Plugin: C:\Program Files\PopularScreensavers\NPp5Stub.dll File not found
[2014/05/04 08:51:17 | 000,002,332 | ---- | M] () -- C:\Documents and Settings\hemaravi\Application Data\Mozilla\Firefox\Profiles\ktb7k19a.default\searchplugins\amazon.xml
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe File not found
O4 - HKU\S-1-5-21-861567501-1123561945-839522115-500..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Administrator\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun File not found
[2014/04/30 19:26:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG SafeGuard toolbar
[2014/04/30 19:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[2014/05/28 11:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2014
[2014/05/28 10:55:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\hemaravi\Application Data\systweak

:Files
C:\Program Files\Common Files\AVG Secure Search
C:\Program Files\AVG SafeGuard toolbar
C:\Program Files\Mobogenie

:Commands
[resethosts]
[emptytemp]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.

system · June 18, 2014, 2:56pm

OTL log

system · June 18, 2014, 2:57pm

Adwcleaner log

essexboy · June 18, 2014, 3:09pm

How is the computer behaving now ?

system · June 18, 2014, 3:20pm

When i open a file or google chrome it takes some time and then loads after some time

essexboy · June 18, 2014, 3:22pm

Could you defragment your hard drive and see if that improves it

system · June 18, 2014, 3:24pm

I actually don’t know to defragment

Pondus · June 18, 2014, 3:49pm

http://support.microsoft.com/kb/305781

how to do videos http://www.youtube.com/results?search_query=how+to+defragment+winXP

system · June 19, 2014, 2:25am

I defragmented my hard drive but it doesn’t work.

essexboy · June 19, 2014, 12:51pm

OK lets look in some different areas

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

[*]Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
[*]Select both shortcut and additions at the bottom
[*]Press Scan button.

https://dl.dropboxusercontent.com/u/73555776/frst.JPG

[*]It will produce a log called FRST.txt in the same directory the tool is run from.
[*]Please attach all 3 logs generated.

system · June 20, 2014, 6:24am

Farbar log. I have to mention that it took atleast 3-4mins for such a small file(Farbar recovery tool) to download.

essexboy · June 20, 2014, 1:27pm

Nothing dramatic showing there

Download the attached Fixlist.txt to the same location as FRST
Run FRST and press Fix
On completion a log will be generated please post that

system · June 20, 2014, 2:51pm

Fix log

again my computer is affected by virus!

Announcements