Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Some type of critter...

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Some type of critter...

Unread postby Gary R » October 28th, 2011, 1:59 am

Still not found anything of real concern in your logs, however we'll take care of what I have found and see where that takes us.

First

I believe there may be remnants of your old McAfee install that have not been removed when you uninstalled it. McAfee is notorious for leaving behind orphans, which may be interfering with Norton, which is notoriously intollerent of remnants of other AV programs.

Go to the following web page .... http://service.mcafee.com/FAQDocument.aspx?id=TS100507 .... and follow the instructions there for removing McAfee using the tool .... http://download.mcafee.com/products/lic ... s/MCPR.exe

Reboot your computer when finished

Next

  • Double click OTL.exe to launch the programme.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code: Select all
:OTL
O3 - HKU\S-1-5-21-4175157472-2595701245-221465235-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
[1 C:\Windows\Fonts\*.tmp files -> C:\Windows\Fonts\*.tmp -> ]
[2 C:\Users\Dave\Documents\*.tmp files -> C:\Users\Dave\Documents\*.tmp -> ]

:Commands
[emptytemp]
[resethosts]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Let me know if there is any improvement in the performance of your computer.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Re: Some type of critter...

Unread postby session09 » October 28th, 2011, 10:50 pm

Wow! I was suprised at how much stuff was still on my system that McAfee left behind! I ran OTL, here's the log:

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-4175157472-2595701245-221465235-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
C:\Windows\Fonts\~GLH002b.TMP deleted successfully.
C:\Users\Dave\Documents\ZDS01989.TMP deleted successfully.
C:\Users\Dave\Documents\ZDS26153.TMP deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData
->Temp folder emptied: 0 bytes

User: Dave
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1196744 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 470 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: TEMP
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4173382 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 134 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 5.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.31.0 log created on 10282011_223944

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'm off to check out how things are. Already I've noticed logging in was quicker.

Thank you Gary for your expertise and time. I'll post more in the morning...my day off was spent tearing the top end of my engine off to replace the intake gasket as well as a blown supercharger on my car.

~session09
session09
Regular Member
 
Posts: 27
Joined: October 11th, 2011, 10:33 am
Location: Taunton, MA - USA

Re: Some type of critter...

Unread postby Gary R » October 29th, 2011, 5:38 am

No problem, I'll talk to you in the morning.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Some type of critter...

Unread postby session09 » October 30th, 2011, 1:55 pm

Everything seems to be back on track! Thank you for the help and the education regarding McAfee! Once again I am indebted to you all!
session09
Regular Member
 
Posts: 27
Joined: October 11th, 2011, 10:33 am
Location: Taunton, MA - USA

Re: Some type of critter...

Unread postby Gary R » October 30th, 2011, 2:39 pm

You're welcome, glad we could help :)

Time for a little housekeeping.

First

Let's clear out OTL and the files and folders it created. This will also remove GMER (except for the random named file on your desktop which you can delete manually)
  • Double click OTL.exe to launch the programme.
  • Click on the CleanUp! button.
  • OTL will download a list from the Internet, if your firewall or other defensive programmes alerts you, allow it access.
  • You will be prompted to allow the clean up procedure, click Yes
  • When finished exit out of OTL
  • Now delete OTL.exe (if still present).

As far as I can see, your computer looks clear of infection now.

Are you still noticing any problems ?
  • If you are let me know about them.
  • If not it's time to make your computer more secure.

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.

If your computer is running slowly after your clean up, please read.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Some type of critter...

Unread postby Gary R » October 31st, 2011, 6:18 pm

As your problems appear to have been resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire
Advertisement
Register to Remove

Previous

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 295 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware