completed the "read and run me first" guide and still have problems

Discussion in 'Malware Help (A Specialist Will Reply)' started by jakkalofv, Feb 18, 2008.

  1. jakkalofv

    jakkalofv Private E-2

    I have completed the "read and run me first" guide and the "windows xp cleaning procedure" and I'm still having problems. I did not, however, run combofix because of the warning that 1/100 computers fail after use (don't like those odds). I have attached the logs that were created.

    The problem I am having is that when I'm on the internet doing something I'll go to a web page and as soon as it finishes loading the page closes. It doesn't happen on all web pages just certain pages.

    Before I completed the read and run me first/windows xp cleaning procedure, I could not get ad-aware or counterspy to run on my computer. I am now able to do so, but neither fixed the problem.

    CounterSpy did however find "Bifrost Backdoor" (hkey_users\s-5-1-21-3965320847-892991537-108970575-1006\software\wget) and "AntiVirus Gold Rogue Security Program" (hkey_users\s-5-1-21-3965320847-892991537-108970575-1006\software\microsoft\internetexplorer\desktop\components\1) which I suspect might have something to do with my problems. But I was unable to remove the problems because my registration with counterspy has run out.

    Attached are the zip from MGTools and the log from Ad-Aware. If counterspy created a log, I could not find it.

    Any help is appreciated, thank you very much.
     

  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    It did not say it would fail your computer. It said on 1/100 computers it will fail the disinfection process.

    Since your trial copy of CounterSpy has expired, please uninstall it as it is of no use to you anymore and will just get in our way.

    Please run and attach the requested log from SUPERAntispyware as given in the READ & RUN ME.

    Also do the below which was also requested in the READ ME.


    Uninstall the below old versions of software:
    J2SE Runtime Environment 5.0 Update 6
    Viewpoint Media Player <-- should have been uninstalled in step 1 of the READ ME

    Make sure you reboot after uninstalling the above!

    After reboot, now install the current version of Sun Java from: Sun Java Runtime Environment
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm not seeing any major issues. Let's see how the other logs look when you attach them and also let's do the below.



    Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O24 - Desktop Component 1: Aqua Real - 7db39a0d-580f-4be9-9195-8bfcd226f6c2

    After clicking Fix, exit HJT.

    Now we need to Reset Web Settings:
    1. If you have an Internet Explorer icon on your Desktop, go to step 2. If not, skip to step 3.
    2. Now right click on your desktop Internet Explorer icon and select Properties. Then click the Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK. Then skip step 3.
    3. If you do not have an Internet Explorer icon on your Desktop, click Start, Control Panel (for some systems it may be Start, Settings, Control Panel), Internet Options, Programs tab and then click "Reset Web Settings". Now go back to the General tab and set your home page address to something useful like www.majorgeeks.com. Click Apply. Click Delete Cookies, Click Delete Files and select Delete all Offline content too, Click OK. When it finishes Click OK.
    Note for IE 7 users: You need to select Internet Options then the Advanced tab and then Reset Internet Explorer Settings!


    Now delete the below file:
    C:\Program Files\Enigma Software Group

    Also delete all files in the below folders except ones from the current date (Windows will not let you delete the files from the current day).
    C:\WINDOWS\Temp
    C:\Documents and Settings\Jake Anderson\Local Settings\Temp

    Now run Ccleaner!

    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this and also attach the log from Avenger.

    Make sure you tell me how things are working now!
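
Added example, not part of the original post and not code from HijackThis or MGtools: a small Python parser for the HijackThis entry format quoted in the post above. It splits each line into its section code and GUID and flags entries reported as "(no file)"; the section descriptions are the commonly documented meanings, and the function names are hypothetical.

```python
import re

# Commonly documented meanings of the HijackThis section codes seen in the post.
SECTIONS = {
    "O2": "Browser Helper Object",
    "O4": "Autostart entry (registry Run key or Startup folder)",
    "O9": "Extra Internet Explorer button or Tools menu item",
    "O24": "Active Desktop component",
}

LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2})\s+-\s+(?P<body>.+)$")
# GUIDs appear both with braces (O2, O9) and without (O24).
GUID_RE = re.compile(r"\{?([0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12})\}?")

# The four entries quoted in the post above.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O24 - Desktop Component 1: Aqua Real - 7db39a0d-580f-4be9-9195-8bfcd226f6c2
"""

def parse_entry(line):
    """Parse one log line; return None for lines that are not entries."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    body = m.group("body")
    guid = GUID_RE.search(body)
    return {
        "code": m.group("code"),
        "section": SECTIONS.get(m.group("code"), "unknown"),
        "guid": guid.group(1).upper() if guid else None,
        # "(no file)" means the registry entry points at a file that is gone.
        "no_file": body.endswith("(no file)"),
        "no_name": "(no name)" in body,
    }

def parse_log(text):
    entries = (parse_entry(line) for line in text.splitlines())
    return [e for e in entries if e is not None]

def orphaned(entries):
    """Entries whose target file no longer exists on disk."""
    return [e for e in entries if e["no_file"]]

if __name__ == "__main__":
    for e in parse_log(SAMPLE_LOG):
        print(e["code"], e["section"], e["guid"], "orphaned" if e["no_file"] else "")
```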
     
  4. jakkalofv

    jakkalofv Private E-2

    I've done everything you told me to and so far the problems I was having before are all gone. Things are working just fine, thank you very much!

    I've attached the log for SUPER Anti-Spyware anyways as well as the zip for MGtools. I don't know what Avenger is but since I am having no problems I don't see any reason to worry about it.

    Again, thank you very much for your help.

    -Jake
     
