ADWARE.Gen

Re: ADWARE.Gen

Post by confused63 » June 23rd, 2012, 12:45 pm

Hi Maxi,

My laptop is doing really well, haven't had any problems with it lately. I have a couple of questions.
Can I use my Audacity programme? What little I have understood of all this is that you have tried to remove that Babylon thing from my laptop. So I presume that is what was added to my laptop by that other programme...?
Is my laptop safe with that ADWARE.Gen in Quarantine?
Thank you again for your help!!

All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\InprocServer32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}\InprocServer32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Babylon\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Babylon\Babylon Client\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\InprocServer32\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}\InprocServer32\ not found.
========== FILES ==========
C:\Users\Paglam\AppData\Local\Babylon\Setup\HtmlScreens folder moved successfully.
C:\Users\Paglam\AppData\Local\Babylon\Setup folder moved successfully.
C:\Users\Paglam\AppData\Local\Babylon folder moved successfully.
C:\ProgramData\Babylon folder moved successfully.
File\Folder C:\Users\All Users\Babylon not found.
C:\Users\Paglam\AppData\Roaming\Babylon folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Paglam
->Temp folder emptied: 289150 bytes
->Temporary Internet Files folder emptied: 1502917 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 237833558 bytes
->Flash cache emptied: 2557 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 119057587 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 208776544 bytes

Total Files Cleaned = 541.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.50.0 log created on 06232012_172711

Files\Folders moved on Reboot...
C:\Users\Paglam\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

SystemLook 30.07.11 by jpshortstuff
Log created at 17:35 on 23/06/2012 by Paglam
Administrator - Elevation successful

========== filefind ==========

Searching for "*Babylon*"
C:\_OTL\MovedFiles\06232012_172711\C_Users\Paglam\AppData\Local\Babylon\Setup\Babylon.dat --a---- 11205 bytes [16:31 16/02/2012] [14:06 27/12/2011] 8E6B33A7F03E2693A614002587A35DDD

========== folderfind ==========

Searching for "*Babylon*"
C:\_OTL\MovedFiles\06232012_172711\C_ProgramData\Babylon d------ [16:31 16/02/2012]
C:\_OTL\MovedFiles\06232012_172711\C_Users\Paglam\AppData\Local\Babylon d------ [16:31 16/02/2012]
C:\_OTL\MovedFiles\06232012_172711\C_Users\Paglam\AppData\Roaming\Babylon d------ [16:31 16/02/2012]

========== regfind ==========

Searching for "Babylon"
No data found.

-= EOF =-
confused63
Regular Member
 
Posts: 88
Joined: March 28th, 2010, 9:55 am
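
The fix log in the post above lists one outcome per registry key or folder. As an added example (not part of the original thread and not OTL's own code), this Python sketch tallies those outcomes and sets aside any line whose wording it does not recognise; the line patterns are assumed from the log lines quoted on this page, and the sample log and its names are constructed.

```python
import re
from collections import Counter

# Line shapes copied from the fix log quoted in the post above. Any other
# wording the tool may emit is deliberately left unmatched (assumption).
SECTION_RE = re.compile(r"^=+ (\w+) =+$")
REG_RE = re.compile(r"^Registry key (?P<target>.+?) (?P<result>deleted successfully|not found)\.$")
FILE_RE = re.compile(
    r"^(?:File\\Folder )?(?P<target>[A-Za-z]:\\.+?)(?: folder)?"
    r" (?P<result>moved successfully|not found)\.$")

# Constructed sample, not a real log. The third registry line uses a made-up
# outcome so the "unparsed" path is exercised.
SAMPLE_LOG = r"""All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ExampleToolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ExampleToolbar\Client\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\ExampleToolbar\ outcome not recognised.
========== FILES ==========
C:\Users\Example\AppData\Local\ExampleToolbar folder moved successfully.
File\Folder C:\Users\All Users\ExampleToolbar not found.
C:\Users\Example\AppData\Local\Temp\example.txt moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
"""

def summarize_fix_log(text):
    """Return (counts, entries, unparsed) for the REGISTRY and FILES sections."""
    section, entries, unparsed = None, [], []
    patterns = {"REGISTRY": REG_RE, "FILES": FILE_RE}
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            continue
        if not line or section not in patterns:
            continue  # preamble, COMMANDS output and blank lines are skipped
        m = patterns[section].match(line)
        if m:
            entries.append((section, m.group("target"), m.group("result")))
        else:
            unparsed.append(line)  # unknown wording: read these by hand
    counts = Counter((sec, res) for sec, _, res in entries)
    return counts, entries, unparsed

if __name__ == "__main__":
    counts, _, unparsed = summarize_fix_log(SAMPLE_LOG)
    print(dict(counts), "| needs manual review:", unparsed)
```

A "not found" result means that instruction changed nothing, so a follow-up search such as the SystemLook run in the same post is what confirms nothing is left outside the tool's own moved-files folder.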

Re: ADWARE.Gen

Post by maxi » June 24th, 2012, 1:29 pm

Hi confused63 :) Looks good :)

Can I use my Audacity programme? What little I have understood of all this is that you have tried to remove that Babylon thing from my laptop. So I presume that is what was added to my laptop by that other programme...?
Is my laptop safe with that ADWARE.Gen in Quarantine?


Yes, you can use Audacity, it's a legit program. It might have been that when you downloaded it the other junk came bundled with it. Whatever Avira quarantined is safe there and no need for you to remove it. For the next day or two I want you to use Audacity and let me know if it's working properly and how your computer is behaving during that time.

Please let me know in a day or two how things are running, and if no further problems I will give you final instructions.

Regards maxi :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: ADWARE.Gen

Post by maxi » June 27th, 2012, 1:05 pm

Hi confused63 :) Have you an update of your computer for me?
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: ADWARE.Gen

Post by confused63 » June 27th, 2012, 2:56 pm

Hi Maxi,

Sorry for the late reply, have been quite busy.

The laptop is running well, I had one funny moment when doing my emails, when I pressed the return key after writing i.e. Hi John, when I wanted to go to the next line it opened some window that I have no clue of why it did that..... window where I could change my settings... so I think I probably had happened to press a button somewhere that made it do that... if that is possible? I had to close down the browser to get out of that funny thing, and then it worked again. That is all that has happened after I opened the audacity programme and messed about with it for a brief time (have not had time to learn yet how it works properly).

So what do you think?

Kind Regards
P
confused63
Regular Member
 
Posts: 88
Joined: March 28th, 2010, 9:55 am

Re: ADWARE.Gen

Post by maxi » June 28th, 2012, 11:49 am

Hi confused63 :) That looks good. I think you must have hit another key by mistake. Keep an eye on it though and come back to us if you feel there is a problem. You must just install the latest version of Java and I have a little advice for you below :)


Java SE Runtime Environment (JRE).

Please download from HERE

  • Find Java SE 7u5.
  • Click the Download JRE button to the right.
  • Choose the correct Platform and Multi-language. Next, check the box that says I agree to the Java SE Runtime Environment 6 License Agreement.
  • Click the Continue button.
  • Click on the filename under Windows Offline Installation and save it to your desktop.
  • Close all active windows.
  • Install the program.





Clean up with OTL

  • Double-click OTL.exe to start the program. This will remove all the tools we used to clean your pc.
  • Close all other programs apart from OTL, as this step will require a reboot.
  • On the OTL main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.

You can now safely remove any of the programs we used from your desktop.

Create a new, clean System Restore point which you can use in case of future system problems:
  • Press Start >> All Programs >> Accessories >> System Tools >> System Restore
  • Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close

Now remove old, infected System Restore points:
  • Next click Start >> Run and type cleanmgr in the box and press OK
  • Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
  • Select the More Options tab, under System Restore press Clean up... and say Yes to the prompt
  • Press OK and Yes to confirm

Update your AntiVirus Software and keep your other programs up-to-date
Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
You can use one of these sites to check if any updates are needed for your pc.
Secunia Software Inspector
F-secure Health Check

Security Updates for Windows, Internet Explorer & Microsoft Office
Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis.

Malwarebytes' Anti-Malware
You already have this installed. I would recommend you update and run a quick scan with this once a week.


Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released. Follow this list and your potential for being infected again will reduce dramatically.

Here are some additional utilities that will enhance your safety


Also, please read this great article by Tony Klein So How Did I Get Infected In First Place

Happy surfing and stay clean!
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: ADWARE.Gen

Post by confused63 » June 28th, 2012, 7:22 pm

Thank you Maxi!!!

I will do as you suggest below, no later than tomorrow evening, it is very late now so it'll have to wait till tomorrow, and I hope that I won't need your help again for a very long time! :bounce:

I'm so grateful for your help.

Greatly appreciated. :flower:

Thank You
confused63
Regular Member
 
Posts: 88
Joined: March 28th, 2010, 9:55 am

Re: ADWARE.Gen

Post by maxi » June 29th, 2012, 5:14 am

You're very welcome :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: ADWARE.Gen

Post by confused63 » June 29th, 2012, 6:53 am

Hi Maxi,

I have downloaded the new java, hopefully the right one, and done the clean with the otl.

When I try to follow the instructions about a restore point I don't get those options you are giving me to follow.

I only get two options

1. Recommended restore
2. Choose a different restore point

Even if I click on both of those I still don't get those options to click that you recommended.
I even tried to do a restore point the 'old' way that we did previously, but it just makes a restore point that I named clean restore point 29 June 2012, but that is is I can't do what you ask me to do... :(

Any suggestions?

I will be busy over the weekend so probably won't be able to do anything with the laptop until earliest Sunday night.

Kind Regards
P
confused63
Regular Member
 
Posts: 88
Joined: March 28th, 2010, 9:55 am

Re: ADWARE.Gen

Post by maxi » June 29th, 2012, 8:58 am

Hi confused63 :) Not to worry.

I even tried to do a restore point the 'old' way that we did previously, but it just makes a restore point that I named clean restore point 29 June 2012

That's good, you have created the clean restore point :)

Now to clear the old ones.
  1. Click the Start... button. Type disk in the Start Search text entry box.
  2. Double click the Disk Cleanup entry, from the matching program list.
  3. In the Disk Cleanup options...select "Files from all users on this computer"
    If the Disk Cleanup: Drive Selection dialog box appears:
    • Select the drive where Windows Vista is installed. (Normally, this would be C:\ drive)
    • Press the "OK"...button.
    Disk Cleanup will begin space saving calculations.
  4. When the calculations are finished... Press the More Options tab.
  5. In the "System Restore and Shadow Copies" section... select "Clean up" button.
  6. Press the "Delete"... button, at the "Are you sure..." prompt.
    Disk Cleanup will begin cleaning up old files and restore points.
  7. Exit Disk Cleanup.
    This will remove all restore points except the one you just created.


Regards maxi :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: ADWARE.Gen

Post by confused63 » June 29th, 2012, 9:06 am

Hi Maxi,

I have Windows 7, and when I type disk and choose disk clean up the only option it gives me is Windows C drive or the Data drive... which one would you like me to choose??
confused63
Regular Member
 
Posts: 88
Joined: March 28th, 2010, 9:55 am

Re: ADWARE.Gen

Post by maxi » June 29th, 2012, 9:11 am

Choose the C drive :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: ADWARE.Gen

Post by confused63 » June 29th, 2012, 9:12 am

ps.

The Malwarebytes' Anti-Malware programme has disappeared as well, so I have to download it again... :shock:
confused63
Regular Member
 
Posts: 88
Joined: March 28th, 2010, 9:55 am

Re: ADWARE.Gen

Post by confused63 » June 29th, 2012, 9:35 am

Hi Maxi,

erm.... I think I have messed something up, I have suddenly (?) ended up with two Programme Files folders one is called Programme Files (x86) :oops:

I'm trying to put work this host file that I downloaded onto my laptop, my Avira antivirus said it has blocked it... so I guess I need to do something about that...???

:cry: I don't think I'm very good with this....

Any suggestions??
confused63
Regular Member
 
Posts: 88
Joined: March 28th, 2010, 9:55 am

Re: ADWARE.Gen

Post by maxi » June 29th, 2012, 10:08 am

Hi confused :) It's my fault about Malwarebytes, I wrongly thought you had it installed. You can install it from the link below.

About the Program Files (x86), that's OK, it's supposed to be there.

I will come back to you about the host file. There seems to be some problem there.

Install Malwarebytes' Anti-Malware - Malwarebytes' Anti-Malware is a new and powerful anti-malware tool. It is totally free but for real-time protection you will have to pay a small one-time fee. Tutorial on installing & using this product can be found below:

Malwarebytes' Anti-Malware Setup Guide

Malwarebytes' Anti-Malware Scanning Guide


Regards maxi :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.

Re: ADWARE.Gen

Post by maxi » June 29th, 2012, 1:13 pm

Hi confused63,

You can disable Avira's realtime protection while you install the host file.

Right click on the Avira umbrella and uncheck "Antivir guard enable".

Then install the host file.

Then recheck "Antivir guard enable" and you should be set.

I hope this helps,

Regards maxi :)
maxi
Retired Graduate
 
Posts: 1262
Joined: September 25th, 2009, 10:17 am
Location: Cork, Ireland.