Mailglobalcom\Binsettingsace+AdWare.lop

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by goodcheer, Mar 2, 2006.

  1. goodcheer

    goodcheer Private E-2

    I have read, downloaded, and run all of the suggested programs in Read This First.
    I have eliminated a Trojan, but I need help with these viruses since I can not delete the necessary lines.
    Programs show failed attempt. What do I change or eliminate?

    Here is my HJT:

    • Edit by bjgarrick: Unrequested, Inline HJT log removed!
    I have tried to rid myself of these problem files for 4 weeks. HELP PLEASE!!!!

    Regards,
    goodcheer
     
    Last edited by a moderator: Mar 2, 2006
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Welcome to MajorGeeks.com!

    Please follow forum guidelines and perform cleaning steps in the sticky thread before posting HijackThis logs.

    Now, please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

    Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    • Make sure you check version numbers and get all updates.
    Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.

    After doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps in the below thread to properly use HijackThis and attach the log:

    Downloading, Installing, and Running HijackThis

    When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too (these scans are covered in steps 6 & 7 of the READ & RUN ME sticky)
    • Bitdefender
    • Panda Scan
    • HijackThis
     
  3. goodcheer

    goodcheer Private E-2

    I have read and followed all the suggested read me..........
    Life got in the way of this box, so over the last 3 days I have scanned with the suggested programs using the safe mode. I have disabled all of my virus/spy programs.
    I am attaching my OS report and HJT reports. I have not saved any other logs. Bitdefender took 7 1/2 hrs. to run.

    Bitdefender results read 0 on all lines
    Cleaned with CCleaner, MS Malicious Removal Tool, AdAware, Spybot.

    Panda will not download in either IE or Firefox mode.

    All programs will not let me delete or clean these lines. I have looked at them in regedit.

    Due to deficiencies from a brainstem stroke, I can't understand how to attach with attachments on an email using this system. I do have logs for HJT and my OS report.

    Suggestions needed..........

    goodcheer
     
  4. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Attach a fresh HJT log using the Manage Attachments button at the bottom of this box where you type.
     
  5. goodcheer

    goodcheer Private E-2

    I hope the attachments are here with this message.
    After I upload, it says attachment in progress.
    I can not close that window.
    I am not able to figure out what I am doing wrong. I have used a desktop w/Win for the last 15 years, your programming seems simplistic enough for everyone to use, but yet, I am having problems following this attachment step.
    I can copy the HJT and send it inline..........or maybe another way to explain attachments may be necessary in my case.

    This box could make a good paperweight!!

    The only windows that are open are my reply and the upload window, certainly there should be enough memory to do the attachment.

    goodcheer
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Either put it in a ZIP file and attach or if that does not work, copy and paste it inline and we will attach it for you.

    There are some bugs in the vB code this forum uses that sometimes block attachments if certain text appears in them. One such problem occurs if you have a command prompt window process running. Then cmd.exe will be in your log and this can cause problems attaching files.
     
  7. goodcheer

    goodcheer Private E-2

    Here is the inline HJT:

    Edit by chaslang: Inline log attached

    Here is my system report:
    OS Name Microsoft Windows XP Home Edition
    Version 5.1.2600 Service Pack 2 Build 2600
    OS Manufacturer Microsoft Corporation
    System Name HOMEPC
    System Manufacturer HP Pavilion 061
    System Model DM181A-ABA A305W
    System Type X86-based PC
    Processor x86 Family 15 Model 2 Stepping 9 GenuineIntel ~2690 Mhz
    BIOS Version/Date Award Software, Inc. 3.16, 8/5/2003
    SMBIOS Version 2.3
    Windows Directory C:\WINDOWS
    System Directory C:\WINDOWS\system32
    Boot Device \Device\HarddiskVolume2
    Locale United States
    Hardware Abstraction Layer Version = "5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)"
    User Name HOMEPC\Owner
    Time Zone Eastern Standard Time
    Total Physical Memory 1,024.00 MB
    Available Physical Memory 648.02 MB
    Total Virtual Memory 2.00 GB
    Available Virtual Memory 1.96 GB
    Page File Space 2.39 GB
    Page File C:\pagefile.sys

    THANKS FOR UR HELP!!

    goodcheer
     

    Last edited by a moderator: Mar 3, 2006
  8. goodcheer

    goodcheer Private E-2

    My apologies, I didn't download my personal email until I was ready to turn off this box. The previous reply should have been "cleaned up" by admin.
    I am having problems getting the attachments into the body of a thread.
    I erroneously posted the logs in complete form to the list. I'm sorry!!!!!

    I still need to know what lines to change or delete in regedit to get up and running properly!

    goodcheer
     
  9. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Please EXTRACT HijackThis from the ZIP File to a Safer location. Here's how:

    To create a new folder:
    • Click START > My Computer > Local Disk C: > Program Files
    • Now, Right Click on an Empty Area and select New > Folder & name it HijackThis and ENTER
    To Extract HijackThis:
    • Now, Right Click your HijackThis ZIP File and select Extract All > Next > and browse to your newly created HijackThis Folder (C:\Program Files\HJT) and click Next.

    After you have completed the above steps to relocate HJT, run it from the new location. Please save your HJT log as a .txt file and attach it via the "Manage Attachments" tool in the Additional Options section when you post.

    The reason HJT needs its own safe folder is so that backups will be safely preserved. That way, if a mistake is made in the removal process, the mistakenly deleted entry can be restored.
     
  10. goodcheer

    goodcheer Private E-2

    I have made a new folder for HijackThis.
    I also have a folder with all the programs used in the sticky items 1-6 in the Read Me first.
    I still can not post an attachment of the HJT. I do have the most current one done AFTER I followed the sticky Read Me First.

    Here is the ZIP file of HJT, I hope.
    I have not been able to upload attachments and can not close the upload window.

    I am now crashing intermittently without reason. Bleh.........:-(

    goodcheer
     

    Last edited: Mar 5, 2006
  11. goodcheer

    goodcheer Private E-2

    I am now attaching ZIP files for:
    SpyBot
    AdWare
    Bitdefender
    SystemInfo

    Panda Online would not scan, computer crashed each time I tried to use the program. I find that strange since I was able to online scan using Panda the other day. I again ran CCleaner, MSN's Malicious Removal Tool, AdWareSE, SpyBot, MSN's Defender, all on full scan. MSN's Anti Spyware Beta seems to have disappeared from their list and from my computer ADD/REMOVE options.
    I DID have the program active and updated.

    I am hoping that this will give you the needed info to help figure out what is causing all of these problems...........

    goodcheer
     

  12. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Something I just noticed is that you're running BitDefender & Norton. This is not recommended as running more than one antivirus will cause conflicts on your system. Please pick one and uninstall the other.

    Also, please uninstall Adware Alert as it's listed on the rogue/suspect list of anti-spyware programs.

    Once you complete the above steps, attach a fresh HJT log.
     
  13. goodcheer

    goodcheer Private E-2

    I deleted Adware Alert and Bitdefender programs.
    Ran CCleaner
    Attached is my HJT zipped log.

    I am open to advice on the antivirus program Avast Personal V. .6.763. I reformatted this computer 4 times in August, 2005. I am considering deleting my Norton AntiVirus and installing Avast. I didn't care for the options on Bitdefender Antivirus program.

    Thank you so much for your patience and help. I appreciate it very much!

    goodcheer
     
  14. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    I personally recommend AVG AntiVirus, I use this and it's the best IMO. It uses very few system resources and when something is detected it's deleted, as with Norton and others it's not; it just keeps notifying you.

    You didn't attach anything?
     
  15. goodcheer

    goodcheer Private E-2

    I am having problems attaching again.

    I used MSN --IE to get the attachment uploaded. It worked for me previously.
    I HATE IE and AVG does not work with Firefox, which I do use as my browser and thunderbird for my email. So AVG is not an option to me. I wrote tech support requesting that AVG program support for Firefox, but so far, they haven't programmed it to do the job. Maybe they won't. I do like AVG and used it for years prior to my switch to FireFox.

    I am again trying to attach with Firefox.

    :-( goodcheer
     

  16. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    I use Firefox, AVG and ZoneAlarm and never had one problem so I'm not sure why you have problems.

    I still see BitDefender? Did it uninstall completely?

    C:\Program Files\Softwin\BitDefender8\bdnagent.exe
     
  17. goodcheer

    goodcheer Private E-2

    I used to use all the programs that you mentioned until I got this box 1 year ago. In another thread I will attach the tech support letter from AVG that I received as a negative response to my inquiry.

    I see the Bitdefender in the previous HJT. I went to my control panel Add/Remove programs to rid my box of the program. Emptied the recycle bin, and it was still there. I did a double check, deleted ALL of my previous HJTlog files, restarted my box. Ran HJT again. Now, I look and Bitdefender exe is gone from HJTlog.

    I crash without notice and I also see that I still show adware Binsettingsace on my external drive F.
    I do have an external hard drive attached and have also modified my adware changes on it also.

    With XP so unstable, is it possible for me to get rid of XP and install Win 98. on this box?

    I have had my sys. restore turned off for several days...........

    My personal computer geek left the state for new employment, and I am at a loss as to get this box working properly again. My stroke seems to have robbed me of ALL of my patience!!!
    I do appreciate yours in helping me.........THANKS

    attached is a new HJTlog05a.

    goodcheer
     

  18. goodcheer

    goodcheer Private E-2

    AVG Antivirus compatibility with Firefox.

    Attached is the email that I received back from Grisoft.
    Once I get things straightened out, AVG may be worth a try for me again.
    I find Norton unsuitable for my use.


    goodcheer


     

    Attached Files:

    • AGV.zip (File size: 991 bytes, Views: 4)
  19. AbbySue

    AbbySue MajorGeeks Administrator

    Hello goodcheer.:) Have read your comments about AVG with interest and I'm a little confused as this appears to me to be a standard disclaimer, for lack of a better term. From the letter you attached:

    "Please be informed that Mozilla and also Thunderbird email clients are not directly supported by AVG.
    But please be assured that your e-mails will be scanned by AVG Personal E-mail scanner. AVG will offer you full anti-virus protection."

    I have seen similar statements from other AV software concerning the use of free email clients and actually, it's quite common when using free programs. While AVG doesn't directly support thunderbird, they do offer free help on their forums if you need it and your emails are scanned if you have it configured correctly. Additionally, as with other AV software, the resident shield is actively running in the background so it is doing the same thing other AV software does irregardless of what email client or browser you are using. Direct support doesn't mean it won't work with a particular piece of software ie: thunderbird.

    Personally, I tried thunderbird but didn't like it as it lacked many of the features I rely on in OE. I'm with bj on the use of AVG. Low on resources, updates daily and ya can't beat the price.:)
     
  20. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Windows 95/98/ME are no longer supported by Microsoft, besides Windows XP is the most secure and stable OS Microsoft has. I will be honest, Norton is one of your main problems.

    Something I notice is the file below, it belongs to Windows Defender, why is it running from the location it's in now instead of C:\Program Files\Windows Defender?

    MsMpEng.exe

    Now, Please boot into Safe Mode, be sure you have the Viewing of Hidden Files & Folders Enabled per the tutorial. Now, navigate to and DELETE the following if they should remain:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    O4 - HKCU\..\Run: [TraySoap] C:\DOCUME~1\Owner\APPLIC~1\MAILGL~1\Binsettingsace.exe

    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

    Again, make sure ALL browser windows are closed when you click FIX.

    Now, Please boot into Safe Mode, be sure you have the Viewing of Hidden Files & Folders Enabled per the tutorial. Now, navigate to and DELETE the following if they should remain:

    C:\Documents and Settings\Owner\Application Data\MAILGL~1 Delete this whole folder if it exists!

    Next, run CCleaner to clean up cookies and temp files.

    Finally, I would like you to flush your System Restore points. Please follow the instructions in the below:


    • Disable and Re-enable System Restore

    • Turn OFF System Restore to flush any bad Restore Points.

    • Then, follow the instructions at the bottom of the linked page to Re-enable the Restore Utility which will create a fresh restore point.
    After you complete the above reboot once more and then scan with HijackThis and attach the new log.

    Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now.
     
  21. goodcheer

    goodcheer Private E-2

    First, to address this:
    *Something I notice is the file below, it belongs to Windows Defender, why is it running from the location it's in now instead of C:\Program Files\Windows Defender?*

    I have made a desktop folder with all the necessary programs to rid and clear this box of my problems with malware and trojans. I did this for my convenience and to eliminate any errors that I easily can make. Do I HAVE to put the line in windows defender folder?

    I did some hard drive housekeeping this afternoon. I deleted several folders and files. I also rid myself of Norton and downloaded avast. I am going to try this anti virus program for awhile since it attaches an ending note that will inform one that my emails have been scanned for viruses outgoing. It is my understanding that one has to buy the AVG program in order to have that note at the bottom of ones emails. I used AVG for several years back in the '90's and insist that my friends, who believe that I am a computer geek (NOT!), download and use the AVG program whether or not their server has one on their system or not.

    I followed ur instructions concerning the deletion of lines in safe mode, I deleted the mailgl~1 folder, ran ccleaner and have attached HJT7.
    BTW, I still am not able to attach without using the zip file method.
    Patience is golden!!!! :)

    I have had my sys restore turned off since I first discovered the trojan invasion, but I did follow your suggestions and flushed the file restore system out and then turned it on again.

    I am hoping that I am now rid of the nasty adware/trojans/malware invasions and hopefully have guarded my box until the next time someone outsmarts the systems!!

    Thank you so much for your assistance. This service is GREAT and it is especially *nice* that all of you are so willing to share your expertise.

    goodcheer
     
  22. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Yes, if you're going to keep Windows Defender for protection it needs to be installed properly.

    AVG Free Edition will scan e-mails if the plugin is active which it is by default. It will show the message at the bottom of the e-mail as well. You don't have to buy it, the free version does this.
     
  23. goodcheer

    goodcheer Private E-2

    Thanks for the info.......I'll make the changes in Defender.
    I still want to try avast for awhile, although I probably will go back to AVG in a while.

    I JUST CAN NOT get the HJT7 file to attach.......with either Thunderbird or OE.
    Sure tests one's patience...............

    Do you want me to send it in line and u catch the post for editing?

    AMEN....I think HJT7 made it online zipped this time.!!!!!!!!!!
    goodcheer
     

  24. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Your HJT log looks good, are you having any current problems?
     
  25. goodcheer

    goodcheer Private E-2

    Don't know for sure, but it seems to be ok now.
    I have a lot of "homework" to do with scans yet tonight.......and the net is really slow besides.

    CCleaner is really a *fine* program and I am sure I am going to recommend to a lot of individuals!!!

    Thanks again for ALL the help..........

    goodcheer
     
  26. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

  27. goodcheer

    goodcheer Private E-2

    I am now using AVG,AdAware, Zone Alarm along with my regular programs. I add/removed all of the other antiVirus programs.

    This box seemed to be running slow again, so I ran thru steps 1-6 in the Read me.
    In safe mode:
    Ran CC
    Ran MWMSR = O
    Ran AdAware 0
    Ran SpyBot 0
    Ran Win Defender and "fixed" the items found with that program

    Crashed several times trying to run Bitdefender and Panda.
    I am hoping that SOMETHING can be found in this log that slows this box down and causes it to crash.

    Attached is my HJT log.

    Thanks
    goodcheer
     

  28. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Protection does not come for free. The price is that system resources will be used and this will cause an apparent slow down in your PC. Bootup will take a little longer and you could see performance changes while running. How noticeable depends on how fast your PC is and how much RAM you have.

    The alternative to getting infected all the time is worse as you could lose important data, have passwords and banking info stolen, your PC could slow down even more due to malware, and your PC could totally crash ..... the list goes on.

    However you can consider not running many of the items you are loading at startup because they just are not needed. You can still use the programs when required just by running the features you want. See the below HJT lines being listed with the link to info about them below each line. These can all be fixed (stopped from loading) with HijackThis which will result in freeing up many system resources which will speed up your PC. They can always be restored from the backup feature in HijackThis (as long as you keep the backup folder)

    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    http://www.liutilities.com/products/wintaskspro/processlibrary/hpgs2wnd/ - do you use this internet sharing feature

    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    http://www.liutilities.com/products/wintaskspro/processlibrary/kbd/ - depends on whether you need the special keys on the keyboard

    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    http://www.liutilities.com/products/wintaskspro/processlibrary/realsched/

    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    http://www.liutilities.com/products/wintaskspro/processlibrary/igfxtray/

    O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
    http://www.liutilities.com/products/wintaskspro/processlibrary/hphupd05/

    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    http://www.bleepingcomputer.com/startups/HPWuSchd2.exe-2003.html

    O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe
    http://www.liutilities.com/products/wintaskspro/processlibrary/hpqcmon/

    O4 - HKLM\..\Run: [AutoTKit] C:\hp\bin\AUTOTKIT.EXE
    http://www.bleepingcomputer.com/startups/AUTOTKIT.EXE-440.html

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    http://www.bleepingcomputer.com/startups/Qttask.exe-4341.html

    O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
    http://www.bleepingcomputer.com/startups/mmtask.exe-3193.html

    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector
    http://www.bleepingcomputer.com/startups/PicasaMediaDetector.exe-2519.html

    O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
    http://www.windowsstartup.com/wso/detail.php?id=4681

    O4 - Startup: Introducing Media Manager.lnk = C:\Program Files\Common Files\Microsoft Shared\Media Manager\SPLASHA.EXE
    http://www.bleepingcomputer.com/startups/SPLASHA.EXE-2287.html

    O4 - Global Startup: DocuMagix Init.lnk = F:\Advanced Browser\PWATCH.EXE
    http://www.bleepingcomputer.com/startups/PWATCH.EXE-1389.html

    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    http://www.answersthatwork.com/Tasklist_pages/tasklist_n.htm
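
Added example, not part of the original posts and not HijackThis code: a small Python parser for the `O4` autostart lines quoted in messages #20 and #28, which splits each line into key, name and executable path and marks entries worth a manual look. The three flags (`user-profile`, `short-name`, `non-system-drive`) are review heuristics assumed for this illustration, and the sample log is assembled from lines quoted in this thread.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

class AutoStart(NamedTuple):
    source: str    # registry key (HKLM\..\Run) or Startup folder kind
    name: str      # registry value name or shortcut file name
    command: str   # command line exactly as logged
    exe_path: str  # executable path with quotes and arguments stripped

# O4 - HKLM\..\Run: [name] command
REG_RE = re.compile(r'^O4 - (HK(?:LM|CU)\\\.\.\\[^:]+): \[([^\]]*)\] (.+)$')
# O4 - Startup: name.lnk = target   or   O4 - Global Startup: ...
LNK_RE = re.compile(r'^O4 - ((?:Global )?Startup): (.+?) = (.+)$')

def exe_from_command(command: str) -> str:
    """Return the executable path, dropping quotes and trailing arguments."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    # Unquoted paths may contain spaces: cut after the first ".exe" token.
    m = re.match(r'(.+?\.exe)(?:\s|$)', command, re.IGNORECASE)
    return m.group(1) if m else command

def parse_o4(line: str) -> Optional[AutoStart]:
    """Parse one HijackThis O4 line; return None for any other line."""
    line = line.strip()
    m = REG_RE.match(line) or LNK_RE.match(line)
    if not m:
        return None
    source, name, command = m.groups()
    return AutoStart(source, name, command, exe_from_command(command))

def review_flags(entry: AutoStart, system_drive: str = "c") -> List[str]:
    """Heuristics (assumptions of this example) for entries to inspect by hand."""
    path = entry.exe_path.lower()
    flags = []
    # Autostart binary inside a user profile, a user-writable location.
    if re.search(r'\\(documents and settings|docume~1)\\', path):
        flags.append("user-profile")
    # 8.3 short names (MAILGL~1) hide the real folder name in the log.
    if re.search(r'~\d', path):
        flags.append("short-name")
    # Target on another drive, e.g. an external disk that may be absent.
    if re.match(r'[a-z]:', path) and path[0] != system_drive:
        flags.append("non-system-drive")
    return flags

def triage(log_text: str) -> List[Tuple[AutoStart, List[str]]]:
    """Parse every O4 line in a log and attach its review flags."""
    results = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is not None:
            results.append((entry, review_flags(entry)))
    return results

# Sample input built from lines quoted in messages #20 and #28 of this thread.
SAMPLE_LOG = r"""
O4 - HKCU\..\Run: [TraySoap] C:\DOCUME~1\Owner\APPLIC~1\MAILGL~1\Binsettingsace.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector
O4 - Global Startup: DocuMagix Init.lnk = F:\Advanced Browser\PWATCH.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""

if __name__ == "__main__":
    for entry, flags in triage(SAMPLE_LOG):
        status = ", ".join(flags) if flags else "no flags"
        print(f"{entry.source:<16} {entry.name:<24} {status}")
        print(f"    {entry.exe_path}")
```

A flag only means the entry deserves a closer look; whether it should be fixed is still decided per entry, as in the posts above.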
     
  29. goodcheer

    goodcheer Private E-2

     
  30. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The steps are similar to what you did in message # 20 with BJ.

    You run HJT!
    You select the lines of interest.
    You exit your browsers if any are running.
    You click Fix checked in HijackThis.
     
  31. goodcheer

    goodcheer Private E-2

    I did do the HJT fix, turned off the box, cold started, the programs rolled over and started background running again. Weird, but it did happen. I hadn't realized that HJT had sooo many options, but I didn't know which option button to use to get the job done in HJT, so I cold started in safe mode, used msconfig, checked the paths that you listed, shut down and started up normally. This time the programs did not run in the background.

    I knew that I had startup programs running that I didn't need to have going, but I was concerned that I would eliminate an important one and then be in a real pickle barrel. Therefore, the links that you provided to me will be convenient to me when and if I need to free up more memory space.

    Everything seems to be running smoother now, but I did crash again when I tried to respond the first time. Nothing else but my browser was open.

    This is the second HP that I have owned, I sure wouldn't recommend this model to anybody!! A student built my last box from scratch and I never had a problem with it, I just could not add any more memory sticks to it.

    I know just enough about this box to be dangerous, but not enough to fix it!
    Your help gives me enough confidence to get things done in a manner that is very professional and in the easiest terms. Thanks so much!!!!


    Again, Thanks...........
    goodcheer
     
