Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.
Malware Removal Instructions
MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.
by maxi » February 15th, 2012, 11:59 am
Hi johnnybgoode,
Step 1 Please remove the following programs: mediabar
youtubedownloader
Step 2 Back-Up Registry We need to backup your registry:
Please go to
Start > Run Paste in the following line:
Code: Select all
regedit /e c:\registrybackup.reg Click
OK. It won't appear to be doing anything, that's normal.
Your mouse pointer may turn to an hour glass for a minute.
Please continue when it no longer has the hour glass.
Step 3 Run OTL Script We need to run an OTL Fix Double-click OTL.exe to start the program. Copy and Paste the following code into the textbox. Do not include the word Code Code: Select all
:otl
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1390974874-3619135010-1431660144-1001\..\URLSearchHook: *{00A6FAF6-072E-44cf-8957-5838F569A31D} - No CLSID value found
O3 - HKU\S-1-5-21-1390974874-3619135010-1431660144-1000\..\Toolbar\WebBrowser: (no name) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No CLSID value found.
O3 - HKU\S-1-5-21-1390974874-3619135010-1431660144-1001\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-1390974874-3619135010-1431660144-1001\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1390974874-3619135010-1431660144-1001\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKU\S-1-5-21-1390974874-3619135010-1431660144-1001\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.
O3 - HKU\S-1-5-21-1390974874-3619135010-1431660144-1001\..\Toolbar\WebBrowser: (no name) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No CLSID value found.
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab (Reg Error: Key error.)
[2012/02/04 21:00:08 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Hinsull\AppData\Local\{5357C666-1CE9-4D39-A4F4-AFD02224B418}
[2012/02/04 20:59:54 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Hinsull\AppData\Local\{31D7F1A8-4262-410B-9C42-013B49FDAC5D}
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0813959E
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4
:files
C:\Users\Jonathan Hinsull\Downloads\SEARCHSETTINGS.EXE
C:\Users\Jonathan Hinsull\Downloads\YouTubeDownloaderSetup34.exe
C:\Users\Jonathan Hinsull\Downloads\winamp5601_full_emusic-7plus_en-us.exe
:commands
[emptytemp]
[createrestorepoint]
Then click the Run Fix button at the top. Click .OTL may ask to reboot the machine. Please do so if asked. The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply. In your next reply please include: The OTL logfile.
A fresh DDS log.
How your computer is running.
Regards maxi
maxi
Retired Graduate
Posts: 1262Joined: September 25th, 2009, 10:17 amLocation: Cork, Ireland.
by johnnybgoode » February 15th, 2012, 8:26 pm
Hi, I deleted the programs and backed up the registry. However, the OTL file crashed and I had to restart my PC. Should I try again?
johnnybgoode
Active Member
Posts: 12Joined: January 31st, 2012, 4:08 pm
by maxi » February 16th, 2012, 7:23 am
Hi johnnybgoode,
Could you expand on what happened when OTL crashed ? What error did you see ? How far did the program run for before it crashed ?
There is a chance it did what it was supposed to do, So you can check the location below to see if it created a logfile.
"C:\_OTL\Moved Files" followed by the date and time the scan was run.
Regards maxi
maxi
Retired Graduate
Posts: 1262Joined: September 25th, 2009, 10:17 amLocation: Cork, Ireland.
by johnnybgoode » February 16th, 2012, 8:12 am
Hi Maxi, A pop-up box appeared saying that it had stopped working. My my windows icons disappeared too, so I had to switch my pc off and back on again. There is a folder dated 2/16, but there are no files in the folder; just another folder (C_Users) and sub folders.
johnnybgoode
Active Member
Posts: 12Joined: January 31st, 2012, 4:08 pm
by maxi » February 19th, 2012, 6:42 am
Hi johnnybgoode,
Sorry for the delay. We will try this fix again
Please make sure that AVG's realtime scanner is disabled before you run the fix.
Run OTL Script We need to run an OTL Fix Double-click OTL.exe to start the program. Copy and Paste the following code into the textbox. Do not include the word Code Code: Select all
:otl
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
O3 - HKU\S-1-5-21-1390974874-3619135010-1431660144-1000\..\Toolbar\WebBrowser: (no name) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No CLSID value found.
O3 - HKU\S-1-5-21-1390974874-3619135010-1431660144-1001\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKU\S-1-5-21-1390974874-3619135010-1431660144-1001\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1390974874-3619135010-1431660144-1001\..\Toolbar\WebBrowser: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No CLSID value found.
O3 - HKU\S-1-5-21-1390974874-3619135010-1431660144-1001\..\Toolbar\WebBrowser: (no name) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No CLSID value found.
O3 - HKU\S-1-5-21-1390974874-3619135010-1431660144-1001\..\Toolbar\WebBrowser: (no name) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No CLSID value found.
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab (Reg Error: Key error.)
[2012/02/04 21:00:08 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Hinsull\AppData\Local\{5357C666-1CE9-4D39-A4F4-AFD02224B418}
[2012/02/04 20:59:54 | 000,000,000 | ---D | C] -- C:\Users\Jonathan Hinsull\AppData\Local\{31D7F1A8-4262-410B-9C42-013B49FDAC5D}
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:0813959E
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:0B4227B4
:files
C:\Users\Jonathan Hinsull\Downloads\SEARCHSETTINGS.EXE
C:\Users\Jonathan Hinsull\Downloads\YouTubeDownloaderSetup34.exe
C:\Users\Jonathan Hinsull\Downloads\winamp5601_full_emusic-7plus_en-us.exe
:commands
[emptytemp]
[createrestorepoint]
Then click the Run Fix button at the top. Click .OTL may ask to reboot the machine. Please do so if asked. The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply. In your next reply Please include: The OTL logfile.
How your computer is behaving now.
Regards maxi
maxi
Retired Graduate
Posts: 1262Joined: September 25th, 2009, 10:17 amLocation: Cork, Ireland.
by johnnybgoode » February 19th, 2012, 7:54 pm
Thank you for your help. I decided to bite the bullet and upgrade from Vista to Windows 7. This required me to reformat my hard disk and I'm hoping this will have removed any malware.
johnnybgoode
Active Member
Posts: 12Joined: January 31st, 2012, 4:08 pm
by maxi » February 21st, 2012, 2:27 pm
Your very welcome. Its not a bad idea to upgrade
If you need any help with anything don't hesitate to come back to the forums
Regards maxi.
maxi
Retired Graduate
Posts: 1262Joined: September 25th, 2009, 10:17 amLocation: Cork, Ireland.
by johnnybgoode » February 21st, 2012, 5:39 pm
Thank you - very much appreciate your time and effort.
johnnybgoode
Active Member
Posts: 12Joined: January 31st, 2012, 4:08 pm
by Jack&Jill » February 21st, 2012, 7:48 pm
As your problems appear to have been resolved, this topic is now closed. We are pleased we could help you resolve your computer's malware issues.
If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
Jack&Jill
MRU Emeritus
Posts: 2284Joined: August 19th, 2008, 5:37 amLocation: South East Asia
'Harmless' email received, computer messed up but cleared.
by Electrojim » February 20th, 2020, 11:06 pm
in Infected? Virus, malware, adware, ransomware, oh my!
20
68607
by pgmigg
February 26th, 2020, 9:45 pm
'Harmless' email received, computer messed up but cleared.
by Electrojim » February 20th, 2020, 7:12 pm
in Infected? Virus, malware, adware, ransomware, oh my!
1
33095
by pgmigg
February 20th, 2020, 9:17 pm
I have a virus pls help me
by jhon244 » July 17th, 2020, 11:16 am
in Infected? Virus, malware, adware, ransomware, oh my!
15
303980
by pgmigg
August 4th, 2020, 12:20 pm
Firefox virus?
by JackMercer » December 29th, 2019, 7:44 am
in Infected? Virus, malware, adware, ransomware, oh my!
2
54329
by pgmigg
December 29th, 2019, 12:37 pm
CPU usage 100% i think i have a virus!
by Bigron_81 » November 9th, 2018, 8:54 pm
in Infected? Virus, malware, adware, ransomware, oh my!
1
31236
by pgmigg
November 9th, 2018, 11:40 pm
Domn virus
by Hoplesgirl » September 17th, 2019, 5:28 pm
in Infected? Virus, malware, adware, ransomware, oh my!
1
22358
by Gary R
September 18th, 2019, 3:33 am
Help Can't run any of the virus tools
by DevinSmith » August 27th, 2019, 7:15 am
in Infected? Virus, malware, adware, ransomware, oh my!
2
24240
by mAL_rEm018
September 18th, 2019, 2:33 pm
Need help with RAT virus removal
by BigFamily » June 21st, 2019, 12:51 am
in Infected? Virus, malware, adware, ransomware, oh my!
3
35339
by Gary R
June 28th, 2019, 12:52 pm
Virus removal - HELP!!
by JRCC07+ » October 30th, 2018, 11:45 am
in Infected? Virus, malware, adware, ransomware, oh my!
1
28278
by pgmigg
October 30th, 2018, 12:28 pm
RAT Virus infection
by bloom76 » August 1st, 2021, 11:26 am
in Infected? Virus, malware, adware, ransomware, oh my!
1
55779
by mAL_rEm018
February 13th, 2022, 3:15 am
Return to Infected? Virus, malware, adware, ransomware, oh my!
Who is online
Users browsing this forum: No registered users and 639 guests
Contact us: forum@malwareremoval.com
Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.
Member site: UNITE Against Malware