HI I was wanting to ask another question when I run aswmbr should I disable avast free
thanks
HI I was wanting to ask another question when I run aswmbr should I disable avast free
thanks
hi Diddy,
Here’s how it works:
Without the logs nothing can be done. The user should never attempt to use these programs to fix anything on their own (AdwCleaner is ok); that is why essexboy is fully certified in malware removal. Just attach the log for AdwCleaner after scanning or deleting bad items.
Never delete an infected file; always quarantine it if possible.
EDIT: Yes, disable Avast! Free temporarily by selecting disable until reboot option.
No.
No do not start a new topic…you have started this, so we dont want you to post all over the forum…
also essexboy is notified about this topic
in essexboys guide, there is a picture of OTL…read instructions above…and under the picture
there is a small scipt you copy and past in the program before you run it
in my way… if my laptop infected, i would wipe off everything and do the fresh install of windows than worrying becoming infected again
thats your way…but we dont know if it is still infected or if avast saved the day
so we leave this to those who know.
i know its my way which is quicker way to sort this mess like backup your files on extra hard drive, fresh install windows, install service pack and catch up updates = 2-3hrs
and if its not infected…we dont know yet…then no time at all
please dont derail the topic
hI hear are the logs for the four programs and let me remind everyone that the logs are just for Windows Vista home basic only.
Sorry I forgot to put the other logs in their
HI please let me now if I got everything right sorry any goof ups I am new at this sort of thing I am sorry in advance.
Thanks again
+1
And now we wait… essexboy will let you know if you actually still have an active infection or if Avast! killed it.
Please be patient. All looks good from here (posting the logs I mean).
hI Thanks Mchain thanks for your help of you I was a bit nervous but now I feel better that all of you on this community are so helpful to put me at ez.
Thanks again every one for your time and help
Hi just to put you mind at rest :
AdwCleaner can do a scan function only if you wish and will still produce a log for me to see
OTL is a diagnostic tool that I can use to remove any bad entries, sometimes it will not be strong enough and I may need to use a stronger tool. But, I will tell you
AswMBR is again a diagnostic tool, but do not press any button apart from save log
HI Esseyboy So What is it you want me to do with Aswmbr Do you want me to just do a quick scan with it and then save the log file again that correct
Thanks I should mention Esseyboy that I am new to this kind of thing please be patient with me
Thanks again.
the logs are okay posted
guess Essexboy did not see them since they are in reply 29
he is probably in bed now so check back tomorrow
HI Essexboy I just thought I would tell you that if you go to the second page of this topic the logs you need are at the bottom of the second page. Just letting you now.
Have a good day
ps: the logs are for Windows Vista home Basic only.
thanks
HI I was wondering if someone could please tell me more about Essexboy is he a certified malware expert? How long has he been cleaning computers of malware infections for?
He will not wreck my computer right he only gets rid of the bad stuff on your computer for you and at the end of this cleaning off the bad stuff my computer will still work right. Just curious that is all I just want more information that is all.
Thanks very much for your time and help.
- HI I was wondering if someone could please tell me more about Essexboy is he a certified malware expert?
- He will not wreck my computer right he only gets rid of the bad stuff on your computer for you and at the end of this cleaning off the bad stuff my computer will still work right.
I am an instructor at GeekstoGo Malware school, but it is only right that you should know who is asking you to run programmes on your system ;D
Ok this run with OTL will remove the active search bars etc… that are not considered to be effective or useful as they will only send you where they want as opposed to where you really want to go
I will also remove some redundant elements.
I will also empty all the temporary files/folders on the computer
Prior to all of this OTL will create a restore point for you.
From the logs posted there is no apparent malware just the advertising stuff which will slow down your computer.
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
https://dl.dropbox.com/u/73555776/OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/howfytdl/{3547C6A4-562D-4EA9-B769-7DAD07F1971C}
IE - HKLM\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKLM\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://search.speedbit.com/search.aspx?s=CAUe0&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.speedbit.com/?s=CAUe0
IE - HKLM\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag.com/?appid=egtb&c=&sbs=2&sc=2&f=web&vernum=3.2&uid=&did=%7bee129ccc-e08f-4afb-a60c-3691dd268bb8%7d&component=&q={searchTerms}
IE - HKCU\..\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A}: "URL" = http://search.imgag.com/?appid=egtb&c=&sbs=2&sc=2&f=web&vernum=3.2&uid=&did=%7bee129ccc-e08f-4afb-a60c-3691dd268bb8%7d&component=&q={searchTerms}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=113480&tt=060612_5_&babsrc=SP_ss&mntrId=0c02ff50000000000000001aa072ac13
IE - HKCU\..\SearchScopes\{271DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://jixey.com/?q={searchTerms}&id={8C4D5522-344D-4970-9F3A-48B060C913A8}&src=chr&ver=2.2.5
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://search.speedbit.com/search.aspx?s=CAUe0&q={searchTerms}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://www.bigseekpro.com/search/browser/howfytdl/{3547C6A4-562D-4EA9-B769-7DAD07F1971C}?q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Speedbit Search"
FF - prefs.js..browser.search.defaulturl: "http://search.speedbit.com/search.aspx?s=CAUe0&q="
FF - prefs.js..browser.search.order.1: "Speedbit Search"
FF - prefs.js..keyword.URL: "http://search.speedbit.com/search.aspx?s=CAUe0&q="
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\searchpredict@speedbit.com:
[2011/08/07 18:40:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Clint\AppData\Roaming\Mozilla\Firefox\Profiles\f146a7vj.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2012/06/18 22:55:15 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7792546F-70AE-4ABC-B2B6-BE68E9410002} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CF745ACA-6FA6-45ED-AB49-E10A0D1870C5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [Wisdom-soft ScreenHunter 5.1 Free] 0 File not found
O4 - HKCU..\Run: [Wisdom-soft ScreenHunter 6.0 Free] 0 File not found
[2012/10/30 00:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeedBit
[2012/10/30 00:01:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Speedbit
[2012/10/30 00:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit
[2012/10/30 00:01:28 | 000,172,032 | ---- | C] (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) -- C:\Windows\System32\AniGIF.ocx
:Commands
[resethosts]
[emptytemp]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.