Page 3 of 6 FirstFirst 123456 LastLast
Results 21 to 30 of 57

Thread: Tuns of infected files trojans, adware, spyware, etc. No way to repair or remove them. HELP PLEASE

  1. #21
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Malware(17 files left in the quarantine)

    Maybe winamp?
    Apple should be something like quicktime.

    Oldsod
    Best regards.
    oldsod

  2. #22
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Malware(17 files left in the quarantine)

    Also be meaning to say this before...
    open the Internet Options in the Control panel.
    open the Advanced tab.
    select the "manage add-ons" buttons.
    have a look at the items listed in the drop down menu labeled "Show"

    anything looking suspicious?

    Then open the WINDOWS folder of the c drive, then open the "Downloaded programs files" folder and for each item listed, look at these for any suspicious files. Unknown files can be more easily understood by clicking that particular file in the list, opening the properties and looking at the details in the Version and General tabs.

    It is good sometimes to take a visual and manual look at things going on with windows/IE.

    Any mention or even a suggestion of this player or the web search item?

    Oldsod.
    Best regards.
    oldsod

  3. #23
    mommydanise Guest

    Default Re: Malware(17 files left in the quarantine)

    These are all of the progs listed on my add and remove (Thank you again you have no idea how appreciative I am for your help)


    *******************************************
    Adobe Flash Player ActiveX
    Adobe Reader 8.1.2
    AirPcap Software 3.2.3
    Apple Software Update
    ATI- Software Uninstall Utility
    ATI Control Panel
    ATI Display Driver
    ATT-AACE
    Compatibility Pack for the 2007 Office System
    High Definition Audio Driver Package - KB888111
    HijackThis 1.99.1
    Java(TM) 6 update 7
    Kodak EasyShare software
    Lexmark 2300 Series
    Malwarebytes' Anti-Malware
    Microsoft. NET Framework 2.0
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Office Professional Edition 2003
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    Mozilla Firefox (3.0.5)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.9 SP2 (KB954430)
    PC Tune-Up
    Realtek High Definition Audio Driver
    SuperAntiSpyware Professional
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    ZoneAlarm ForceField
    ZoneAlarm Security Suite


    I don't know any that to me would be even close to the mp3 but I don't know much about that sutff...

  4. #24
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Malware(17 files left in the quarantine)

    Open this Program Files\PlayMP3z folder. See if there is 1). any description in the files or logs or applications and 2). if there is an uninstaller present in that folder (or sub folder). something like unwise or uninstall*.exe maybe found - this could be this is safe and not malware. Got to look this up myself to see what it is and if it is okay or malware.
    But the unwise or the unistal*.exe will be the right uninstaller for this. And looking at the files will help determine if this is in fact a rogue application.


    Oldsod.
    Best regards.
    oldsod

  5. #25
    mommydanise Guest

    Default Re: Malware(17 files left in the quarantine)

    Control Panel/ Programs/ Manage Add-Ons / Add-ons that have been used by the internet explorer


    (Let me know if this isn't where I was supposed to be)
    Here's what's listed

    Diagnose Connection Problems Type:Browser Extension (No Pub or file listed)
    ForceField Toolbar Type:Toolbar
    ForceField Toolbar Registrar Type:Browser Helper Object
    Java Plug in 1.6.0_07 Type:ActiveX Control (this one is on there 3 times)
    MUWebControl Class Type:ActiveX Control
    Research Type:Browser Extension (No Pub or file listed)
    Shockwave Flash Object Type:ActiveX Control
    SSVHelper Class Type:Browser Helper Object
    Sun Java Console Type:Browser Extension
    Windows Messenger Type:Browser Extension (No Pub or File Listed)

    I'm on my way to look at the downloaded progs in the windows folder to see if there are any others...

  6. #26
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Malware(17 files left in the quarantine)

    Never mind - found out this is bad.
    It is ad-aware.
    it needs to go.

    Manual removal instruction are coming up:

    Start in the safe mode.
    Open the Run and type in regedit and Ok.

    Look for these:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es "mtrepair1"
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es "mtrepair2"

    and delete these in the left side panel (will not be found in the right side panel, I think).

    and delete these in the left side panel (definitely not in the left panel or pane!!):


    "HKLM\Software\Microsoft\Windows\CurrentVersion\Ex plorer\Browser Helper Objects" with the value "Mirar"
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Ex plorer\Browser Helper Objects" with the value "NavigationEnhancer"
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ru n" with the value "MBarInstall"

    Then reboot and immediately go back to the safe mode or safe boot (not the normal mode!)

    and delete that Program Files\PlayMP3z folder in the program files and delete these manually:

    %windows%\system32\mtrepair2.exe
    %windows%\system32\mtrepair1.exe
    %windows%\system32\winnb54.dll
    %program files%\navigationenhancer\navigationenhancer-1.dll

    Oldsod.
    Best regards.
    oldsod

  7. #27
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Malware(17 files left in the quarantine)

    Okay but check the other two available lists in that drop down menu for the manage addons.
    Sometimes something slips by.

    Gosh you type fast!!

    Oldsod.
    Best regards.
    oldsod

  8. #28
    mommydanise Guest

    Default Downloaded Program Files

    {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - Damaged (Says there are 14 files that depend on this package that is presently damaged)


    The others are the Java Runtime
    MUWebControl Class
    Shockwave Flash Object


    The first one looks like it isn't doing what it needs to be doing..

    BTW I'm still in safe mode and I haven't set the system to disable restore since I haven't found that file yet is that right or should I do something to change my current status?

  9. #29
    mommydanise Guest

    Default PlayMP3z file ... checking to see if there is one on the computer

    I'll run a search for PlayMP3z all or some of the name and see if there's anything on here that is even close to this. I haven't seen anything yet...

  10. #30
    Join Date
    Dec 2005
    Posts
    9,056

    Default Re: Malware(17 files left in the quarantine)

    Also.... since we are dealing with adware and sudry things, lets look at the bho installed on your windows.

    Yup another download.

    http://www.majorgeeks.com/BhoScanner_d4529.html

    Download and post the findings of this tool for all yellow and red marked items (it could be a big readout - use the copy and paste or save to clipboard if it has this - never used this tool but understand what it does).

    Oldsod.
    Best regards.
    oldsod

Page 3 of 6 FirstFirst 123456 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •