So over the past week I’ve been having quite a problem with performance issues and I’ve been trying to run lots of anti-virus programs like Malware and Avast to try to fix them. Even after multiple Malware full scans, the infected files keep popping up and my laptop is still having problems running.
Avast identifies the infected files as having a Win32:Malware-gen virus. And this is located in the Windows/TEMP folder. Here are various logs from some scans I’ve run. These include AdwCleaner, Malwarebytes Anti-Malware, OTL, and aswMBR.
Please help me with my problems. I’m unable to solve them myself.
I see you have AVG and Avast installed… Never install multiple AV.
This will give you a slow machine, mysterious Windows errors and false detections.
Uninstall one and then run the vendor's removal tool to clear any leftover files that may conflict.
:OTL
IE - HKU\S-1-5-21-341600103-2123293203-2585681995-1000\..\SearchScopes\{380095B4-4410-4B4C-85AE-ACD6B714B4D1}: "URL" = http://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms}
IE - HKU\S-1-5-21-341600103-2123293203-2585681995-1000\..\SearchScopes\{5B5F9166-558D-488E-AC6D-7E3FD7065978}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3288627&CUI=UN19021003138684129&UM=2
IE - HKU\S-1-5-21-341600103-2123293203-2585681995-1000\..\SearchScopes\{BE7303EF-2AE2-4BE0-BAB0-785B5BF10A94}: "URL" = http://searchou.com/?q={searchTerms}&id=6852336b00000000000070f1a1c9c8d4&r=159
[2012/06/05 11:01:35 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Angel\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\ffxtlbr@babylon.com
[2012/04/11 21:14:10 | 000,102,481 | ---- | M] () (No name found) -- C:\Users\Angel\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\fbphotozoom@installdaddy.com.xpi
[2013/02/20 07:18:44 | 000,053,943 | ---- | M] () (No name found) -- C:\Users\Angel\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\pricepeep@getpricepeep.com.xpi
[2012/11/15 13:30:12 | 000,214,020 | ---- | M] () (No name found) -- C:\Users\Angel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\socksharedownloader@socksharedownloader.com.xpi
[2013/02/20 07:18:44 | 000,053,943 | ---- | M] () (No name found) -- C:\Users\Angel\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\pricepeep@getpricepeep.com.xpi
O3 - HKU\S-1-5-21-341600103-2123293203-2585681995-1000\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKU\S-1-5-21-341600103-2123293203-2585681995-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.com/DellDriverScanner/DellSystem.CAB (Reg Error: Key error.)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
@Alternate Data Stream - 1119 bytes -> C:\Users\Angel\AppData\Local\KDTdGRYqXvn46:xYpIMO7Z3Xh50kzYIQw
:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.