malware problem

Hi,
Ihope you can help, my daughtergot this problem through a media viewer she downloaded. I was getting pop ups telling me I was infected and it took over internet explorer trying to get me to use their virus protector. I removed viewpoint media player as the culprit program and then ran all the read me and run programs and have attached the logs. The problems I have now are that Internet Explorer and Outlook come up as not responding. Also as I ran spybot it found couponbar and zlob downloader vcd. but when told to fix the problem spybot was not responding.
any help would be appreciated.
Thanks
Bob

 

Hi troutbum6,
Welcome to Major Geeks!

Please follow the instructions in Removing Zlob aka SmitFraud, SpySheriff, Infections. This will produce two logs, both called rapport.txt. Please attach the first rapport.txt here before continuing with the cleaning procedures, as the second log will overwrite the first one.

Thanks.
abri

 

Abri thanks for your help. I ran the smitfraud program as described and have attached both logs. I am still having problems with unresponsive programs. Thanks for your help.
Bob

 

Hi troutbum,

1) I see some things that don't look right. Are you running the TrendMicro Security Suite and the Verizon Security Suite as well as Authentium Antivirus? Please choose one of these and uninstall the others. All three of them are listed in your add/remove programs list, so you can remove two of them that way. Be sure that which ever ones you remove, they are disabled first.

The problem about having more than one antivirus program in your computer is that one cancels out the effectiveness of the other.


2) Also, while you're in add/remove programs, please uninstall the following:

Java 2 Runtime Environment, SE v1.4.2_03

3) Then run CCleaner at the default setting with the Windows tab as the one on top.

4) Please rename the following driver:

[EDIT] step removed by chaslang: this is driver is just from DivX

5) If you do not use Windows Messenger (not to be confused with MSN Messenger!!) I would like you to run Disable/Remove Windows Messenger

6) Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O21 - SSODL: admgcx - {590F4A3C-E7C2-494B-AAF5-F7115EF08CDC} - C:\WINDOWS\admgcx.dll (file missing)
O21 - SSODL: bdmanager - {EF4CD2D2-EAFA-472B-946D-6848A39D9124} - C:\WINDOWS\bdmanager.dll (file missing)

After you click fix, just close hijackthis.


7) Now download The Avenger by Swandog46, and save it to your Desktop.

• Extract avenger.exe from the Zip file and save it to your desktop
• Run avenger.exe by double-clicking on it.
• Do not change any check box options!!
• Copy everything in the Quote box below, and paste it into the Input script here: part of the window:

• Now click the Execute button.
• Click Yes to the prompt to confirm you want to execute.
• Click Yes to the Reboot now? question that will appear when Avenger finishes running.
• Your PC should reboot, if not, reboot it yourself.
• A log file from Avenger will be produced at C:\avenger.txt and it will popup for you to view when you login after reboot.

8) Now run CCleaner again.

9) Install the current version of Sun Java from: Sun Java Runtime Environment

10) Please run C:\MGtools\GetLogs.bat and attach the fresh MGlogs.zip it generates along with the Avenger log.


Let me know how things are running now?

abri

 

Abri,
I'm trying to remove the extra antivirus programs but Authentium Antivirus isn't on the Change Remove list.How else might I accomplish this.
THanks
Bob

 

Abri and chas,
I followed allyour stepsand everything appears to be working correctly and alot faster. The only thing troubling was that Avenger couldn't find some of the items to delete. I have attached avenger log and MGlog.
You guys are the best
Thanks
Bob

 

Hi troutbum!
That looks better. Please run CCleaner whenever you close your browser for awhile. There are still a lot of temp files that it would be good to keep cleaned out. Other than that, you can run the final cleanup instructions in the box below. Please take the time to read the How to Protect Yourself From Malware thread. It's a good read and has a lot of good tips.

abri

 

Abri,
Thanks again for all your help.
Bob

 

You're welcome Bob!
Enjoy your computer!
abri