Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Aantivirus and malware apps will not connect to the internet for updates, also sending out random emails, also internet does not come up right away.


  • This topic is locked This topic is locked
51 replies to this topic

#31 jerry52

jerry52
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:09:41 AM

Posted 22 December 2010 - 05:55 AM

Hi,

Okay

I clicked the link to adobe.com and clicked the download link. IE either froze or I got this message:

Internet Explorer has closed this webpage to help protect your computer
A malfunctioning or malicious add-on has caused Internet Explorer to close this webpage.


I clicked the Java icon and got the following error. Registry key not found: LOCAL_KEY_MACHINE\SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_20. I think that I might have deleted that registry key while running JavaRa.

I could not clear the Java Cache because of the above error.

I ran TFC.

MBAM log

alwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5375

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/22/2010 2:51:08 AM
mbam-log-2010-12-22 (02-51-08).txt

Scan type: Quick scan
Objects scanned: 152004
Time elapsed: 4 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


HijackThis would not install. The installer encountered an unexpected error The error code is 2755.

The PC seems to be a little unstable now. I may have hosed the registry.

Thanks
Jerry

BC AdBot (Login to Remove)

 


#32 jerry52

jerry52
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:09:41 AM

Posted 22 December 2010 - 06:04 AM

Hi,

I am so frustrated that I am considering re-installing Wondows XP or just installing Windows 7. Just thinking.

Thanks
Jerry

#33 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:41 PM

Posted 22 December 2010 - 06:13 AM

Hello

install java this way

Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

and run this while I think about the rest

Eset Online Scanner

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

Go Eset web page to run an online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the activex control to install
    • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
Copy and paste that log as a reply to this topic


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#34 jerry52

jerry52
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:09:41 AM

Posted 22 December 2010 - 06:45 AM

Hi,

I received an erro while running Java Setup. Internal error 2755, 1601.

Thanks
Jerry

#35 jerry52

jerry52
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:09:41 AM

Posted 22 December 2010 - 06:53 AM

Hi,

I cannot get ESET to run. I click it and the screen asks me to Accept the terms which I do. It opens another and sits there, then gtoes back to the previous screen.

Thanks
Jerry

#36 jerry52

jerry52
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:09:41 AM

Posted 22 December 2010 - 06:56 AM

Hi,

I am getting tired as it is 3:55 am here. I look forward to you response later today.

Good night
Jerry

#37 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:41 PM

Posted 22 December 2010 - 12:07 PM

Hello

Reset IE::

Lets Reset IE to see if it help help things out

  • Start Internet Explorer.
  • On the Tools menu, click Internet Options.
  • On the Advanced tab, click Reset
  • put a check mark next to Delete Personal Settings
  • click Reset to confirm
  • when complete click the close button
  • restart IE
    you can go here to see a step by step on how to do this - RESET IE

try to run ESET again and if it still does not work then try this one

F-Secure Online Scan

You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • Please go HERE to run an online scan from F-Secure
  • Click on Start scanning
  • This will open a new window

    In Interner Explorer
  • It will require an activex control, please install it
  • Click Accept

  • In Firefox
  • It will require an Add-on to be installed, please install it
  • Order to install the Add-on Firefox needs to be restarted, please do so
[*]Click Full System Scan
[*]It will now download the scanner this may take a while please be patient
[*]It will then start scanning wait for the scan to finish
[*]Click Automatic cleaning (recommended)
[*]Wait for it finish the cleaning process
[*]Click show report
[*]This will open up a window with the results of the scan copy and paste those results as a reply to this topic[/list]


uninstall java from Add/remove or using Revo uninstaller then try to download again

Gringo

Edited by gringo_pr, 22 December 2010 - 12:12 PM.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#38 jerry52

jerry52
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:09:41 AM

Posted 22 December 2010 - 02:25 PM

Hi,

Both of these are taking me to the same place. Every time that I try to run the Java Setup I get the same message. I received an error while running Java Setup. Internal error 2755, 1601. G:\Documents and settings\Jerry Hall\Application Data\Sun\Java\jre1.6.0_23\jre1.6.0_23-c.msi.

I still think that I hosed the registry.

Thanks
Jerry

#39 jerry52

jerry52
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:09:41 AM

Posted 22 December 2010 - 05:08 PM

Hi,

I kept trying and I finally got ESET to run. Here is the log.

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=346e1c476a4feb4789a6de746e5f203c
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2010-12-22 09:02:39
# local_time=2010-12-22 01:02:39 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=155900
# found=1
# cleaned=0
# scan_time=5489
C:\Documents and Settings\Jerry Hall\Application Data\mjusbsp\ar00000\mjsetup.exe a variant of Win32/Kryptik.AAQ trojan (unable to clean) 00000000000000000000000000000000 I


Thanks
Jerry

#40 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:41 PM

Posted 22 December 2010 - 05:13 PM

Hello

so the only problem we have right now is adobe and java correct



delete files

  • Copy all text in the quote box (below)...to Notepad.

    @echo off
    del /f /s /q "C:\Documents and Settings\Jerry Hall\Application Data\mjusbsp\ar00000\mjsetup.exe"
    del %0

  • Save the Notepad file on your desktop...as delfile.bat... save type as "All Files"
    It should look like this: Posted Image<--XPPosted Image<--vista
  • Double click on delfile.bat to execute it.
    A black CMD window will flash, then disappear...this is normal.
  • The files and folders, if found...will have been deleted and the "delfile.bat" file will also be deleted.

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#41 jerry52

jerry52
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:09:41 AM

Posted 22 December 2010 - 06:18 PM

Hi,

I ran the delfile.bat file.

Well my windows installer is acting up. Also ESET found the Win32/Kryptik.AAQ trojan but did not delete it.

Thanks
Jerry

Edited by jerry52, 22 December 2010 - 06:23 PM.


#42 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:41 PM

Posted 22 December 2010 - 09:37 PM

Hello

go here and download the one for xp and see if it fixes the windows installer - http://www.microsoft.com/downloads/en/details.aspx?FamilyID=5a58b56f-60b6-4412-95b9-54d056d6f9f4&displaylang=en

as for the finding in ESET that is what the .bat file was for
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#43 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:41 PM

Posted 26 December 2010 - 03:57 PM

Hello

three day bump

It has been Three days since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#44 jerry52

jerry52
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:09:41 AM

Posted 27 December 2010 - 03:20 PM

Hi,

My PC is running faster and I can now update my programs via the internet. I am still having a couple of minor issues. The task bar will sometimes change colors from blue to while. Trillian will not run, I think that I need to remove the program and reload it.

My wife has been using my computer and she has been getting failed delivery messages for email that she has not been sending.

I also just ran a scan and I saw a couple Trojan.Vundo entrie and quite a few Adware.MyWebSearch entries.

I was going to go out and buy the newest Norton anti-virus. Is that good or do you that there is a better anti virus appllication.

Thank you for all of your help.

Jerry

#45 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:41 PM

Posted 28 December 2010 - 06:27 AM

rerun these scans for me and which email is sending out emails - yahoo, msn or which other



Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply




Scan With RKUnHooker

  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


"just click on Cancel, then Accept".

information and logs:

In your next post I need the following

1.logs from DDS
2.RKUnHooker
3.let me know of any problems you may have had
[/list]
Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users