Need help, tried to get logs, Google redirect problem

Status
Not open for further replies.

ruthvik

Hello guys
I tried to follow the 8 step program but when I try to install MBAM and SAS they don't install.
I tried to follow the guide by rf6647.
I tried to follow that guide but I could not find tdssserv.sys in the location specified.
So far, I was only able to do CCleaner and I can't get through the other steps because I can't dl this software.

Thanks
 
Sorry, that's not what I meant.
I got the dl's, I just can't run the setup files on the PC.

SAS says it encountered a problem and won't even install.
MB I got installed but it won't open when I clicked the program.
 
If you can do so, please scan with Malwarebytes only then (updated first) for the moment

You may want to submit the HijackThis log and MBAM log first, and then we may be able to solve the SuperantiSpyware part ;)
 
This is way too complicated. Nothing runs and I have a crap load of files I got from this site which won't do anything they are supposed to do.
MBAM or SAS won't run even though I do what that link told me to do.
MBAM installed but won't run.
SAS won't even install.
 
Microsoft's Windows XP Professional Repair Install step by step (* Including Delete Partition)
http://www.windowsxpprofessional.windowsreinstall.com/sp2sp3installxpcdoldhdd/indexfullpage.htm

Microsoft's Windows XP Home Repair Install step by step (* Including Delete Partition)
http://www.windowsxphome.windowsreinstall.com/sp2sp3installxpcdoldhdd/indexfullpage.htm

Vista Repair:
http://www.windowsreinstall.com/winvista/index.htm (index page)
http://vistahomepremium.windowsreinstall.com/repairstartup/repairstartup.htm (guide)

* Warning: deleting the Partition will remove all User data and Windows system files (Backup first ;))

You could just submit the HJT log :)
 
No problems, let us know what did it

I still had a few more options, but it all depends on your patience ;)

Also if you can submit the HJT log (as stated on my last post) it may help
 
Well, in the main post it says don't do HJT until I do the other ones. What are the other options? I'll go ahead and do HJT now.

Here is the log file for HijackThis
 
Sorry for such a large log ! (But obviously this is due to the other tools still needing to be run)

Anyway do this :)

Run HJT Scan Only
Place a check (tick) in the following entry boxes ONLY
(Make sure all other programs are closed first, including Spyware Sweeper and Ad-Aware, but mainly your Internet Browser)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [MSKDetectorExe] "C:\Program Files\McAfee\SpamKiller\MSKDetct.exe" /uninstall
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\WINDOWS\system32\NeroCheck.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Ad-Watch] "C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDVD 5 Professional\MediaDetector.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ruthvik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKLM\..\Policies\Explorer\Run: [Explorer] scvhost
O4 - Startup: IMVU.lnk = C:\Documents and Settings\Ruthvik\Application Data\IMVUClient\IMVUClient.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ruthvik\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/e/36.24/KBTUZDFvTZs/uploader2.cab
O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} (KooPlayer Control) - http://www.ooxtv.com/livetv.ocx
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.vjage.com/download/vjocx-en.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{79480A10-F45E-4B87-92EB-13D5E75ECF6D}: NameServer = 85.255.112.175,85.255.112.179
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.175,85.255.112.179
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.166,85.255.112.67
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.175,85.255.112.179
O20 - AppInit_DLLs: c:\program files\relevantknowledge\rlai.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Google Update Service (gupdate1c98c3d4373798e) (gupdate1c98c3d4373798e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O24 - Desktop Component 0: (no name) - http://upload.wikimedia.org/wikipedia/en/thumb/f/f9/Syugo_anime.jpg/230px-Syugo_anime.jpg

Before restarting, go to Add\Remove Programs and remove:
Spyware Sweeper
AdAware

Restart

Then run the McAfee Removal Tool (which you have tried to uninstall already)

Restart

Install Avira free AntiVirus

Continue with the guide :grinthumb (ie scan for Viruses first ;))
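
A way to triage HijackThis entries like the ones listed in the post above, added here as an example (it is not part of the original thread and not HijackThis's own code). It groups lines by section code, lists entries whose target file is reported absent, and lists `O17` keys whose `NameServer` values are not in a resolver list you supply; `expected_dns` and the `192.168.1.1` placeholder are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: entries copied from the HijackThis list in the post above.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Ruthvik\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O17 - HKLM\System\CCS\Services\Tcpip\..\{79480A10-F45E-4B87-92EB-13D5E75ECF6D}: NameServer = 85.255.112.175,85.255.112.179
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.175,85.255.112.179
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.166,85.255.112.67
"""

ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
NAMESERVER = re.compile(r"^(HKLM\\System\\[^:]+): NameServer = (.+)$")

def parse(log):
    """Group HijackThis lines by section code (R1, O2, O17, ...)."""
    sections = defaultdict(list)
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            sections[m.group(1)].append(m.group(2))
    return sections

def orphaned(sections):
    """Entries whose target file HijackThis reports as absent."""
    return [(code, body) for code, items in sections.items() for body in items
            if body.endswith("(no file)") or body.endswith("(file missing)")]

def nameservers(sections):
    """Map each O17 registry key to the list of DNS servers set on it."""
    out = {}
    for body in sections.get("O17", []):
        m = NAMESERVER.match(body)
        if m:
            out[m.group(1)] = [ip.strip() for ip in m.group(2).split(",")]
    return out

def review(log, expected_dns):
    """Return (orphaned entries, O17 keys with servers outside expected_dns)."""
    # expected_dns is an assumption: the resolvers you know this machine should use.
    s = parse(log)
    unexpected = {k: v for k, v in nameservers(s).items() if not set(v) <= set(expected_dns)}
    return orphaned(s), unexpected

if __name__ == "__main__":
    print(review(SAMPLE_LOG, ["192.168.1.1"]))  # constructed placeholder resolver
```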
 
Yes, please do that.

But obviously don't worry about Antivirus, because you have free Avira now :grinthumb (which I use too :approve: )
And possibly forget the firewall part (that's not really to do with removing Virus and Malware anyway)

But, yes please continue on.

Oh and attach the logs, read here on that ;) https://www.techspot.com/vb/post733954-4.html
 
-> No action taken on MBAM scan, for found issues
Download and Run Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected. <========= Not Done

Please re-run Malwarebytes
Confirm updated (third tab)
Then do the above quoted message, but this time "Remove all found issues"
 
-> No action taken on MBAM scan, for found issues


Please re-run Malwarebytes
Confirm updated (third tab)
Then do the above quoted message, but this time "Remove all found issues"

Done, but the problem remains; Google still redirects me
 
  • Download Combofix to your desktop.
  • Rename ComboFix to ComboF
  • Double click ComboF & follow the prompts.
  • A window will open with a warning.
  • When the scan completes it will open a text window. Please attach that log back here, and confirm if SAS now installs or not
 
OK, ComboFix helped, now I got the 8 steps done again.
Here are the logs for the 3 from 8 steps

EDIT: it seems the malware is gone after the scans. Anything in the logs you found I need to remove, kimsland?
Thanks for all the help
 
You can uninstall the Google and Yahoo updater stuff (it's all in Control Panel > Add\Remove programs)
These programs just help slow your system down and are generally irritating :D

Running Combofix Instructions

  • Startup Combofix again.
  • When the scan completes it will open a text window. Please attach that log back here together with a fresh HJT log.
 
Un-install Combofix
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK
  • Any popup errors about Antivirus just ok or close
Note: 1 space after ComboFix in that uninstall command


Clear system restore points
Go to Start >> Run - type or copy/paste control sysdm.cpl,,4 and then press Enter
* Tick on the checkbox - Turn off System Restore on all drives
* Click Apply
Turn it back 'On' by unticking the same checkbox & click Apply > OK


Update Java
Run JavaRa
This will remove all your old Java stuff (that is not required)
It will also help you check for new Java updates


Run IE Reset
Through MS "Fixit" from here: http://support.microsoft.com/kb/923737
Or manually from here https://www.techspot.com/vb/post682762-2.html


Un-install SuperAntiSpyware (user choice)
To uninstall SUPERAntiSpyware please visit the Control Panel and select the Add/Remove Programs option. Locate SUPERAntiSpyware in the list of software and click the Remove button.
If SuperAntiSpyware does not uninstall properly please run "SUPERAntiSpyware Uninstaller Assistant"
Read here for further info: http://www.superantispyware.com/supportfaqdisplay.html?faq=47


Cleanup
Download and run KCleaner https://www.techspot.com/downloads/4755-kcleaner.html
(uncheck RelevantKnowledge during install, pic here: http://i42.tinypic.com/aloy8z.gif)
Fully run (it says start actually ;))
Uninstall KCleaner once complete


Restart
All done :)
 
File Sharing Programs found in logs: Limewire

Info on using P2P Programs => https://www.techspot.com/vb/topic124748.html

Quote from 8-Step Removal Guide:
Uninstall File Sharing/P2P Programs

During the cleaning process all File Sharing Programs should be uninstalled
This is to avoid any possible reinfection by any malware through file sharing

We reserve the right to withdraw our support:
  • If such programs are found in your logs
  • Should you not agree to their removal.
As they are normally set to bypass your Firewall and Anti-Virus software,
Filesharing/P2P Programs serve as a constant threat to your computer
 