Need help with Claro-search removal

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by robatron, Oct 16, 2012.

  1. robatron

    robatron Private E-2

    I had downloaded some software to help with my studies about a week ago, I then found the Claro search engine added to firefox, chrome and iexplorer 8. I tried and uninstall and removed files from and explorer search but it is still there. :cry

    I have followed the "Vista and Win 7 Malware Removal/Cleaning Procedure" and Have attached the log files. Any help would be so kind!
     

    Attached Files:

  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Have you got the log from HitmanPro please?


    Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    • O20 - AppInit_DLLs: c:\progra~3\browse~1\23759~1.138\{61d8b~1\browse~1.dll
    • O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.3.759.138\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe

    After clicking Fix exit HJT.


    Download and run OTM.

    Download OTM by Old Timer and save it to your Desktop.

    • Right-click OTM.exe And select " Run as administrator " to run it.
    • Paste the following code under the [​IMG] area. Do not include the word Code.

    Code:
    :Files
    C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
    C:\ProgramData\Babylon
    C:\ProgramData\Browser Manager
    c:\progra~3\browse~1
    
    :Commands
    [emptytemp]
    [Reboot]
    • Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste.
    • Push the large [​IMG] button.
    • OTM may ask to reboot the machine. Please do so if asked.
    • Copy everything in the Results window (under the green bar), and paste it in your next reply.

    NOTE: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and attach the contents of that document back here in your next post.


    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista or Windows7) Then attach the new C:\MGlogs.zip file that will be created by running this.

    How are things now?
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds