-
Content Count
5 -
Joined
-
Last visited
Content Type
Profiles
Forums
Calendar
Posts posted by Cloutz
-
-
26 seconds
-
Hi omarramo12,
Welcome to BestTechie!!
My name is Nick and I will be helping you get cleaned up.
Let's get started!!
Please follow the instructions provided, you will want to print out these instructions and use them as a reference.
Please download ewido anti-malware it is a free version of the program.
[*]Install ewido anti-malware
[*]When installing, under "Additional Options" uncheck..
- Install background guard
- Install scan via context menu
Please download AboutBuster.
- Double click the AboutBuster folder, then double click the AboutBuster.exe inside.
- Click "Extract all" in the box that pops up, then "Next"
- Choose the location you would like to install AboutBuster, such as My Documents.
- Make sure "Show extracted files" is checked, then click "Finish".
- Reboot to safe mode by continually tapping the F8 key as the computer begins to boot.
- Open AboutBuster and click the "Begin Removal" button. It will shut down all Explorer windows (if open) while it works.
- It will begin to check your computer for malicious files. If it asks if you would like to do a second pass, allow it to do so.
- When it has finished, click Save Log. Make sure you save it as I may need a copy of it later.
- Reboot your computer into safe mode again
- Run about:buster again following the same instructions as above, this time without the restart at the end
Then, Open HijackThis and place a check mark next to the following entries:
R3 - URLSearchHook: (no name) - 3 - URLSearchHook: (no name) - _{20EC3D2D-33C1-4C9D-BC37-C2D500688DA2} - (no file)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
O2 - BHO: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll (file missing)
O3 - Toolbar: QuickSearch Search Bar - {82315A18-6CFB-44a7-BDFD-90E36537C252} - C:\Program Files\QuickSearch\QuickSearchBar1_27.dll (file missing)
O4 - HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 - HKLM\..\Run: [cmssSystemProcess] C:\WINDOWS\system32\csmss.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLaunc...iveLauncher.cab
These are all optional fixes, they are memory hogs:
O4 - HKLM\..\Run: [Dell|Alert] C:\Program Files\Dell\Support\Alert\bin\DAMon.exe
O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [YBrowser] C:\Program Files\Yahoo!\browser\ybrwicon.exe
O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [sBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1124824350\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
Then, make sure no windows are open (other than HijackThis) and click "Fix Checked"
Delete the following files (if present):
C:\Program Files\QuickSearch\QuickSearchBar1_27.dll
C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll
C:\WINDOWS\system32\csmss.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
Please delete the following folders as well:
C:\Program Files\WildTangent
C:\Program Files\Viewpoint\Viewpoint Manager
C:\Program Files\QuickSearch
Run Ewido Scan
- Launch ewido, there should be an icon on your desktop, double-click it.
- The program will now open to the main screen.
- When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
- You will need to update ewido to the latest definition files.
- On the left hand side of the main screen click update.
- Then click on Start Update.
[*]The update will start and a progress bar will show the updates being installed.
(the status bar at the bottom will display ("Update successful")
- On the left hand side of the main screen click update.
If you are having problems with the updater, you can use this link to manually update ewido.
Once the updates are installed do the following:
- Click on scanner
- Click on Complete System Scan and the scan will begin.
- You will be prompted to clean the first infection.
- Select "Perform action on all infections", then proceed.
- Once the scan has completed, there will be a button located on the bottom of the screen named Save report
- Click Save report.
- Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido anti-malware.
Also, Uninstall Logitech Desktop Messenger unless you use it constantly.
Please include a fresh HijackThis log along with the Ewido log in your next reply
Thanks,
Nick :cool:
- Install background guard
Spyware Quiz
in Spyware/Adware Information
Posted
8/8