OTL is saving the log at the same place it is run from…
OK lets try again download the attached fix.txt to your desktop
Run OTL and press Run Fix
A dialogue will open asking for the location of Fix.txt
Locate and select the file that you downloaded on your desktop and press Run Fix again
Once done run a fresh quick scan with OTL
The Fix seems to just freeze on the screen. The window at the bottom says killing processes DO NOT INTERRUPT… Then the Hour glass just sits there. I killed the computer by unplugging it. Started the whole process again and followed the procedure again. The first time I had copied the fix into the custom scan. The second time I followed you directions explicitly. If the process is going to takes several hour I just need to know.
I went to check for any emails of new posts with Thunderbird and it failed to connect to the server??? I’ll monitor this thread to find out if you post anything. I’m going to reboot to see if that helps.
OK that is MBAM blocking it. Temporarily uninstall MBAM please then run the fix again
I have the results from the scans attached. I thought there should be three logs. One at the end of the fix, one after the reboot and one after the quick scan. The reboot scan is the one in question. I was concerned that my trash bin was emptied. Was that necessary? You wrote about MBAM “As it is very very aggressive and I never trust it”. But Pondus recommended it. I don’t have much money so I wonder how to move forward. With my limited knowledge I was able to see that there was more junk than I thought referred to in the logs. Is there a web site that has the “Big Picture” in “Plain English” that I can go to. It’s clear I need some tools but each one says they are the best and can do it all, but then they let you down. Short of the Avast boot scan which takes forever can I opt for Avast to scan for PUPs? This process has led to a bunch of questions, but I don’t want to be a bother. I hope that you got it all and it seems that you have. Thanks for all your help Dave
Maybe I worded it badly about MBAM, it is the IP blocking that I find too aggressive, otherwise it is a good bit of kit for a weekly scan
As to required tools then to be honest the free ones are generally just as good as the paid for programmes, just without all the bells and whistles. My security is Avast… and nothing else
You can set Avast to check for PUPS but you may find that the alert frequency may increase if you download a lot of programmes from the net
The recycle bin and temporary files folders are the usual hiding places for malware so they should be emptied frequently, I have IE set to delete all temp files on closure
Updating IE to version 8 will alleviate some of the problems http://www.microsoft.com/en-us/download/details.aspx?id=43
One Infoatom item remains because some numpty forgot to remove the relevant js files (me )
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
https://dl.dropbox.com/u/73555776/OTL_Fix.GIF
:OTL
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\infoatoms@infoatoms.com: C:\Program Files\Mozilla Firefox\extensions\infoatoms@infoatoms.com
[2013/04/09 06:28:51 | 000,876,572 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\sessionstore.js
[2013/04/09 06:28:24 | 000,431,238 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\sessionstore.bak
[2013/04/09 06:27:51 | 000,743,366 | ---- | C] () -- C:\Documents and Settings\Dave\My Documents\sessionstore-1.js
:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Those sessionstore files were created in 2012 when I was trying to recover from a mistake I made. I didn’t look at them again until I saw them in the fix. The new date stamp on them was about the time I downloaded Dictation pro. So InfoAtoms is a bit more vicious than I thought, if it was able to find and overwrite them.
I also saw “xhuf” among the items in the fix. I didn’t see it in any of the other scans. Anything to worry about?
I can’t open .log files from Notepad. Is there a way to make Windows show them?
Too many question-too little time!
I never used IE except once to download Firefox. Is there any other reason to upgrade IE than to make IE more stable.
Are there a set of topic pages that gives in-depth information on the various Avast components and how to set then. Things like heuristics.
I’ll stick with Avast Free with PuPs turned on for now, but I’m open to advise? After this I don’t think I’ll mind the extra Avast scrutiny.
Is there a way to force a download into the Avast sandbox?
One more, Advanced SystemCare got me here, but I hear bad things about it. What’s your take?
By the way, numpty is a bit harsh don’t you think? Besides if you are numpty, what does that make me, numpty squared? After all this that’s how I feel. Thanks for the help Dave
I am not a great fan of these so called utility programmes as sometimes they can do something other than you thought, and anyway most changes can be made within windows itself. Although to be honest I do use some tweaking programmes purely to save me playing with the registry, but I only use ones where I can read the changes made to the registry before they do it
You can download the Avast PDF user manual from with the Avast GUI … Go to the support tab, select download the user manual, then select your flavour of Avast. But if you have any other questions then just ask
To open a log file… Right click the file and select open with… Select Notepad and you are done
As IE is integrated into windows it is always advisable to have the latest version even if you do not use it, as it will also update some system files
You can run any download in a sandbox by downloading it to the desktop. Then right click the file and select Run sandboxed
Turning on the PUP element is user choice, you may get a few more alerts but you can make a reasoned decision about it
How is the computer now … Are you ready for a tidy up ;D
OK it’s been a few days and I have seen no particular problem. The screen seems to bounce when I change from one app to another sometimes but it doesn’t really effect anything. The only other thing was the Avast icon in the quick launch bar froze/stuck but the GUI wasn’t running. I may have left Avast on too long. Anyway, I relaunched from the system tray closed it again and the icon was gone.
Can you send me a list of those programs that you use. I promise I won’t monkey with them if I’m not sure what I’m doing. Otherwise I’m Just searching for the right stuff in the dark.
As to the other questions I had, they pop into my mind from time, but then there gone. If any come to mind I’ll start a new thread. Some of the questions were not directly related to Avast, they came up during the process.
I download a lot of images to use in my screen saver. But I fear that IE’s upgrade will interfere with the Firefox Copy Image command. I also have not downloaded Adobe flash player for the same reason, but Avast wants me to update flash player active X. Am I worried for nothing?
I’m not sure what the tidy up is but I think I’m ready.
Thanks for all your help, Dave
My tool is the Tweaking.com one available here http://www.tweaking.com/content/page/advanced_system_tweaker.html A little screenshot at the bottom to show what it does in the registry
But I fear that IE's upgrade will interfere with the Firefox Copy Image command. I also have not downloaded Adobe flash player for the same reason, but Avast wants me to update flash player active X.Again this is to update a programme that you may rarely use but could provide a loophole into your system. The IE upgrade should not interfere with FF
Subject to no further problems
I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean
A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
:Commands [resethosts] [emptytemp] [CLEARALLRESTOREPOINTS] [Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
Run AdwCleaner and select uninstall
Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
http://img233.imageshack.us/img233/7729/mbamicontw5.gif
Malwarebytes.
Update and run weekly to keep your system clean
Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link
If you use on-line banking then as an added layer of protection install Trusteer Rapport
It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
[*]Microsoft Windows Update
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe
Well I was having a Firefox crash once a day after the end of our saga. I tried to download the programs you recommended but one error message after another kept me from doing it. I also ran into problems up-dating IE. I didn’t find the free Malwarebytes. It may be there, I just didn’t see it. I’ll try again when things settle down. I up-dated Firefox and that seems to have solved the crashing problem. Time will tell. I was able to get Trusteer Rapport working and it has already been of help. I looked at the web site you pointed me to “Preventing Malware and Safe Computing”. I was thrown a bit though expecting to find “how did I get infected in the first place”. My brother who is not the expert you are has recommended several of the programs you listed as well. But this is the first time I have seen them separated into categories. Most of the time the indivigual program just say they are “The Best” and we should use them, but that’s not much to go on.
Well, it’s been several days with the Firefox up-grade and things seem to be good. My best guess is that the PuP changed something in the Firefox entry in the registry and the up-grade fixed it. Thanks to all who helped on this. David
I didn't find the free Malwarebytes.it is the same download.... during install you are asked if you want the free or start trail period of PRO pro is a one time fee for a lifetime license
Pondus, Thanks for the info and once again all the help. David