Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby Wingman » March 10th, 2010, 9:25 am

Hello mbiscup
The MBAM scan looked good... please post the information about the file "quarantined" by Avast 4.
The choice is your's regarding removing the Tess user acount and then creating it again. It very well may be that we are dealing with a "corrupted" user acount.

Step 1.
ESET NOD32 Online Scan
** Make sure you are using an account that has Administrative privileges **

Please temporarily disable your Anti-virus real-time protection. If active, it could impact the online scan.
Please go to ESET Online Scanner - © ESET All Rights Reserved... to run an online scan.

    Press the "ESET Online Scanner" button.
  1. Check the box next to "YES, I accept the Terms of Use."
  2. Click "Start"... a window will open... it may appear nothing is happening... please be patient.
  3. Click Yes... at the run ActiveX prompt. Click Install... at the install ActiveX prompt.
    Once installed, the scanner will be initialized.
  4. Click "Start". Make sure that the options:
    • Remove found threats is UNCHECKED
    • Leave the "default" settings under Advanced as they are, if not set , please check:
      • Scan for potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth Technology
  5. Click "Start"... ESET scanner will begin to download the virus signatures database.
    When the signatures have been downloaded, the scan will start automatically.
  6. Wait for the scan to finish... it may take a while... please be patient. When the scan is finished...
  7. Use Notepad to open the log file located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste the contents of log.txt in your next reply.
Remember to enable your Anti-virus protection... before continuing!

Step 2.
Please include in your next reply:
  1. Any problem executing the instructions?
  2. Info on Avast4 quarantined file.
  3. ESET scan results.
  4. How is the computer behaving?
Thanks,
Wingman
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA
Advertisement
Register to Remove

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby mbiscup » March 12th, 2010, 1:17 pm

Wingman,

Back at it tonight ... thanks,

Mike
mbiscup
Regular Member
 
Posts: 28
Joined: January 5th, 2010, 5:19 pm

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby Wingman » March 12th, 2010, 5:32 pm

No problem. :)
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby mbiscup » March 15th, 2010, 12:39 am

Wingman,

Info from Avast on problems found while running the MBAM scan

3/4/2010 10:12:18 PM ZZZ_Admin 1636 Sign of "Win32:Malware-gen" has been found in "C:\Documents and Settings\Tess\Local Settings\Temp\rfBF.exe" file.

3/9/2010 6:27:00 PM SYSTEM 1620 Sign of "Win32:Malware-gen" has been found in "C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP636\A0037253.exe" file.

ESET running now ... will post results tomorrow.

Computer seems better ... dont think IE runs on Tess account but will confirm after ESET.

Thanks,

Mike
mbiscup
Regular Member
 
Posts: 28
Joined: January 5th, 2010, 5:19 pm

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby Wingman » March 15th, 2010, 8:01 pm

OK :)
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby mbiscup » March 17th, 2010, 12:00 pm

Posting tonight ... other issues with things other than computers ... thanks for your patience.

Mike
mbiscup
Regular Member
 
Posts: 28
Joined: January 5th, 2010, 5:19 pm

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby Wingman » March 18th, 2010, 10:17 am

OK... Thanks for letting me know.
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby mbiscup » March 18th, 2010, 10:41 am

Wingman,

ESet log looks clean ... did I owe you anything else?

Thanks for your help and patience

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=6b022e846efdcb4d8eda88ddddb431a9
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-03-15 05:08:41
# local_time=2010-03-14 10:08:41 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 3058689 3058689 0 0
# compatibility_mode=769 16775141 100 92 0 203995178 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=60496
# found=0
# cleaned=0
# scan_time=1314
mbiscup
Regular Member
 
Posts: 28
Joined: January 5th, 2010, 5:19 pm

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby Wingman » March 18th, 2010, 12:20 pm

Hello mbiscup
No you didn't owe me anything else. Thanks. Yes, the ESET was clean.
I'd like to get another MBAM scan and another RSIT log created, to make sure there is still no malware present.

Have you tried resetting IE back to the original defaults settings? Some times malware will corrupt IE settings, causing it to malfunction.

Step 1.
ERUNT - Emergency Recovery Utility NT
Please run this again, as changes may have occurred between the last run and now. Better to be safe than to be sorry.
Modifying the Registry can create unforeseen problems, so it's always wise to create a backup before doing so.
Run:
  1. Please navigate to Start >> All Programs >> ERUNT... double-click ERUNT from the menu.
  2. Click on OK within the pop-up menu.
  3. In the next menu under C:\WINDOWS\ERDNT\DD-MM-YYYY under Backup options make sure both the following are selected:
    • System registry.
    • Current user registry.
  4. Next click on "OK"... at the prompt... reply "Yes".
    After a short duration the Registry backup is complete! pop-up message will appear.
  5. Now click on "OK". A registry backup has now been created.
< STOP > If you did not successfully complete this step. < STOP > Do not continue with any other steps, post back and let me know!

Step 2.
Reset Internet Explorer Settings
Warning:
When you reset Internet Explorer settings, all add-ons and customizations are deleted, and you basically start with a fresh version of Internet Explorer
.
  1. Exit all programs, including Internet Explorer (if it is running).
  2. Click Start > then click Run.
  3. Type the following command in the Open box, and then press ENTER:
    inetcpl.cpl
    The Internet Options dialog box appears.
  4. Click the Advanced tab.
  5. Under "Reset Internet Explorer settings", click Reset. Then click Reset again.
    When Internet Explorer finishes resetting the settings,
  6. Click Close in the "Reset Internet Explorer Settings" dialog box. Start Internet Explorer again.

Step 3.
Malwarebytes' Anti-Malware
  1. Please start MBAM (Malwarebytes' Anti-Malware) again.
  2. Press the Update tab.. then press the Check for Updates...button. <<---Important!
    Once any updates are installed or you get the message that you are up-to-date
  3. Press the Scanner tab...
  4. Select FULL SCAN this time... then press the Scan...button. This scan will take a while, so please be patient.
    When the scan finishes...
  5. Check all items except any items (if present) in the C:\System Volume Information folder... then click on Remove Selected.
  6. Let MBAM remove what it can... if there are files to be deleted on reboot... please reboot the machine so MBAM can finish the removal.
    If you rebooted, then you'll need to start MBAM again.
  7. Press the LOG... tab. Locate the most current log file.
    Please copy and paste the most recent log (from this new run) in your next reply.

Step 4.
Re-run - RSIT (Random's System Information Tool)
You should still have this program on your desktop.
  1. Double click on RSIT.exe to run it.
  2. Please read the disclaimer... click on Continue.
    RSIT will start running. When done... ONLY the "C:\RSIT\log.txt"...will be reproduced.<<will be maximized
  3. Please post ONLY the "log.txt", file contents in your next reply.


Step 5.
Please include in your next reply:
  1. Any problem executing the instructions?
  2. MBAM scan results.
  3. RSIT log.txt file contents.
  4. How is the computer behaving?
Thanks,
Wingman
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby Wingman » March 20th, 2010, 4:57 pm

3 Day Response
Hello...
It has been 2 days since my last post to you.
  • Do you still need help with this problem?
  • Do you need more time?
  • Are you having problems understanding or following my instructions?
  • Did you receive help elsewhere or resolve the problem yourself?
Just let me know what's going on otherwise...
After 24 hrs., if you have not replied to this thread... it will be closed!
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby mbiscup » March 22nd, 2010, 1:19 am

Sorry ... will finish up tomorrow.

Mike
mbiscup
Regular Member
 
Posts: 28
Joined: January 5th, 2010, 5:19 pm

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby Wingman » March 22nd, 2010, 8:23 am

:)
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby Wingman » March 24th, 2010, 9:46 am

3 Day Response (Second notice)
Hello...
It has been 2 days since my last post to you.
  • Do you still need help with this problem?
  • Do you need more time?
  • Are you having problems understanding or following my instructions?
  • Did you receive help elsewhere or resolve the problem yourself?
Just let me know what's going on otherwise...
After 24 hrs., if you have not replied to this thread... it will be closed!
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby mbiscup » March 25th, 2010, 11:28 pm

Sory Wingman ... too many kids animals sports ... need another day or so to get this sorted out ... shooting for tomorrow night.
mbiscup
Regular Member
 
Posts: 28
Joined: January 5th, 2010, 5:19 pm

Re: Bad Stuff ... Now No Stuff on Kids Computer ... Part Three

Unread postby Wingman » March 26th, 2010, 6:43 am

Ok... this is your last chance.

If you do not have the time to properly deal with the computer problems, it's better to come back when you can devote the time needed.
User avatar
Wingman
Admin/Teacher
Admin/Teacher
 
Posts: 14347
Joined: July 1st, 2008, 1:34 pm
Location: East Coast, USA
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 262 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware