Solved: Multiple Issues with corrupted archives/win 32 infected and more

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

cherdon

Thread Starter
Joined
Feb 9, 2009
Messages
288
I really dont know where to start. Noticed when I would click on chrome it would take awhile before hourglass came up and then another min or so before it would actually come up and desktop screen would jump just beforehand..i checked add/remove and decided to delete avast and re download it as i was always getting errors when issues were found and it wouldn't solve them. After that i thought maybe it was a google chrome issue so I deleted that thinking it would be no big deal..tried to reinstall but couldn't do so the regular way, had to install a chrome standalone which i dont like because it looks somewhat different and alll my bookmarks that i desperately need have disappeared, i got rid of leapfrog in add/remove cause it apparently was corrupted, same with google earth..when i ran avast it said it needed to do a boot scan (i think thats what its cld) upon computer restart..that took forever..gave options to fix, fix all, ignore, delete and repair..tried fix all but said it couldn't ..meant to click on repair all and accidentally hit delete..I really need some help here please
 

blues_harp28

Moderator
Joined
Jan 9, 2005
Messages
19,448
Hi, can you post the log file from Avast - it should be located here.
C:/ Program Data/Avast Software/Avast/Report/aswBoot.txt
Or here.
Documnets and Settings\All Users\Application Data\AVAST Software\Avast\report\aswBoot.txt
======
Check and post
TSG System Information Utility - found here.
http://static.techguy.org/download/SysInfo.exe
======
Download Security Check by screen317 from.
http://screen317.spywareinfoforum.org/
Or
http://www.bleepingcomputer.com/download/securitycheck/dl/123/

Save it to your Desktop.
Double click the install icon.
If using Vista - Win 7 - right click the install icon and select "Run as Administrator"
A command Prompt window will open.
Let it scan the Pc - press any key when asked.
It should now open in Notepad.
Copy and Paste the result of the scan in the reply box below.
 

cherdon

Thread Starter
Joined
Feb 9, 2009
Messages
288
Hi

I really tried to follow your first instruction on how to locate avast log but cant find it. I did print screen but upload failed. I'm at a loss on how to find exactly what you need.
 

blues_harp28

Moderator
Joined
Jan 9, 2005
Messages
19,448
Run an online virus scan with ESET - use IE [Internet Explorer] to download ESET.
http://www.eset.com/us/online-scanner/
Click on Run ESET Online Scanner

Disable your existing Anti Virus following these instructions.
http://www.bleepingcomputer.com/for...nti-virus-firewall-and-anti-malware-programs/
Do not forget to enable your anti-virus program after you have run the ESET scan.

Do not let ESET remove what it finds.
Untick the box next to Remove found threats

Post the log files - they can be found here.
C:\Program Files\ESET\EsetOnlineScanner\log.txt

Depending on what it finds - we may need to ask one of our Malware experts for help
 

cherdon

Thread Starter
Joined
Feb 9, 2009
Messages
288
Just to let you know this scan is taking along time..still at 43% showing 7 threats so far
 

blues_harp28

Moderator
Joined
Jan 9, 2005
Messages
19,448
Just to let you know this scan is taking along time..still at 43% showing 7 threats so far
Ok - post the log file when all is done.
We may then need to have your post moved to the Virus and Other Malware Forum for their expert help
 

cherdon

Thread Starter
Joined
Feb 9, 2009
Messages
288
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Home Edition, Service Pack 3, 32 bit
Processor: Intel Pentium III Xeon processor, x86 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 2038 Mb
Graphics Card: Intel(R) G33/G31 Express Chipset Family, 384 Mb
Hard Drives: C: Total - 305234 MB, Free - 258458 MB;
Motherboard: ASRock, G31M-S.
Antivirus: avast! Antivirus, Updated: Yes, On-Demand Scanner: Enabled
 

cherdon

Thread Starter
Joined
Feb 9, 2009
Messages
288
Results of screen317's Security Check version 0.99.95
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
ESET Online Scanner v3
Avast Free Antivirus
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java 64-bit 8 Update 31
Adobe Reader XI
Google Chrome (40.0.2214.91)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 10%
````````````````````End of Log``````````````````````
 

blues_harp28

Moderator
Joined
Jan 9, 2005
Messages
19,448
ESET log file.

C:\AdwCleaner\Quarantine\C\Program Files\shopperz\compot.dll.vir a variant of Win32/Toolbar.BitCocktail.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\creed32.dll.vir a variant of Win32/Toolbar.BitCocktail.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\hleb.dll.vir a variant of Win32/Toolbar.Perion.K potentially unwanted application
C:\Documents and Settings\Cheryl\Local Settings\Temp\setup_490.exe a variant of Win32/Toolbar.BitCocktail.D potentially unwanted application
C:\Documents and Settings\Cheryl\Local Settings\Temp\wordproser-setup-1.10.0.4.exe a variant of Win32/AdWare.Vitruvian.D application
C:\Documents and Settings\Cheryl\Local Settings\Temp\nsm3F.tmp\Helper.dll a variant of MSIL/Adware.PullUpdate.A application
C:\Documents and Settings\Cheryl\My Documents\Downloads\mbam-setup.exe Win32/OutBrowse.BK potentially unwanted application
======
The only one that needs to be checked is this one.
AdWare.Vitruvian.D application
https://www.virustotal.com/en/file/...89fed60a3c27b1346fd6be5de5414491825/analysis/
======
Run AdwCleaner again.
Close any browsers that may be open - double click on the ADWCleaner icon on your desktop
Click on the Scan button.
Let it scan your Pc - when that is done click on the Report button.
The report will appear on your desktop - Copy and Paste it into your next post.
======
Download Junkware Removal Tool
http://www.bleepingcomputer.com/download/junkware-removal-tool/

Temporarily shutdown your anti-virus to avoid any conflicts.
http://www.bleepingcomputer.com/for...nti-virus-firewall-and-anti-malware-programs/
Be sure to enable the anti-virus program after the scan.

Right-mouse click JRT.exe and select Run as administrator (If using XP just double click on the icon to run it.)
The tool will open and start scanning your system.
Please be patient as this can take a while to complete.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.
======
Download MalwareBytes to your desktop.
Download the Free version.
MalwareBytes
Once downloaded to your desktop.
Close all open browser windows.

Click on the Install icon - allow it to update during the install process.
Start Malwarebytes Anti-Malware.
Before you run a scan.
Under Settings > Detection and Protection in the left pane.
Under Detection Options - make sure that all three entries are ticked.
Under Non-Malware detections - set to Treat detections as Malware.

Now click - Scan button.
Then select - Threat Scan.
Then - Scan Now.
If any infections are found during the scan, the number of them will be listed.
When the scan is finished, make sure to select and remove Everything in the list.
You may be prompted to restart to finish the removal process.
If Yes - restart your Pc.

Start Malwarebytes Anti-Malware again.
Click History > Application Logs.
Select the most recent scan log.
Click View.
Select Export >Text File.
Name it mbam > then save it on the desktop.
Copy-and-paste its contents in the reply box below.
 

blues_harp28

Moderator
Joined
Jan 9, 2005
Messages
19,448
It says AdwCleaner Quarantine in the ESET scan.
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\compot.dll.vir a variant of Win32/Toolbar.BitCocktail.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\creed32.dll.vir a variant of Win32/Toolbar.BitCocktail.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files\shopperz\hleb.dll.vir a variant of Win32/Toolbar.Perion.K potentially unwanted application
=======
Download AdwCleaner by Xplode to your desktop.
http://www.bleepingcomputer.com/download/adwcleaner/
Click on the Download Now @BleepingComputer button and save it to your desktop.

NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close any browsers that may be open - double click on the ADWCleaner icon on your desktop
Click on the Scan button.
Let it scan your Pc - when that is done click on the Report button.
The report will appear on your desktop - Copy and Paste it into your next post.
======
I'm am checking the following.
AdWare.Vitruvian.D application
 

cherdon

Thread Starter
Joined
Feb 9, 2009
Messages
288
# AdwCleaner v4.109 - Report created 24/01/2015 at 09:52:39
# Updated 24/01/2015 by Xplode
# Database : 2015-01-24.4 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Cheryl - CHERYL-A778CF1B
# Running from : C:\Documents and Settings\Cheryl\My Documents\Downloads\AdwCleaner (3).exe
# Option : Scan

***** [ Services ] *****

Service Found : cherimoya

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Cheryl\Application Data\Mozilla\Firefox\Profiles\yqnlpmdi.default\searchplugins\securesearch.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v16.0.1 (en-US)


-\\ Google Chrome v40.0.2214.91


*************************

AdwCleaner[R2].txt - [3951 octets] - [11/01/2015 06:59:15]
AdwCleaner[R3].txt - [1354 octets] - [12/01/2015 09:20:12]
AdwCleaner[R4].txt - [1073 octets] - [12/01/2015 12:40:50]
AdwCleaner[R5].txt - [1249 octets] - [24/01/2015 09:52:39]
AdwCleaner[S2].txt - [4106 octets] - [11/01/2015 07:03:03]
AdwCleaner[S3].txt - [1429 octets] - [12/01/2015 09:23:09]
AdwCleaner[S4].txt - [1135 octets] - [12/01/2015 12:43:27]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [1489 octets] ##########
 

blues_harp28

Moderator
Joined
Jan 9, 2005
Messages
19,448
Please copy and paste all log files.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Microsoft Windows XP x86
Ran by Cheryl on Sat 01/24/2015 at 10:15:23.44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611571181}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611571181}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{85A60A59-D3D8-468F-B598-FB4393789EF4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/24/2015 at 10:21:56.38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
======
Run AdwCleaner again - Scan > Clean and then post the latest log file.
======
Then move on to MalwareBytes
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top