Author Topic: Gmanbo fix  (Read 27917 times)

0 Members and 1 Guest are viewing this topic.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Gmanbo fix
« on: February 24, 2010, 09:15:02 PM »
Here is your fix - what problems are you experiencing now ?

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

Code: [Select]
:OTL
FF - prefs.js..browser.search.selectedEngine: "MyWebSearch"
O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

:Commands
[purity]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Gmanbo

  • Guest
Re: Gmanbo fix
« Reply #1 on: February 24, 2010, 09:36:41 PM »
I'm sorry, but did you want me to do the quick scan with the commands posted in the other thread? Or just a regular quick scan? Also, thanks a ton for being so willing to help. Actually, seeing as you said just click quick scan, and it wouldn't hurt to do so, I'm going to try that.


EDIT: Here is the result of the scan after restarting, now attached.
« Last Edit: February 24, 2010, 09:55:19 PM by Gmanbo »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Gmanbo fix
« Reply #2 on: February 24, 2010, 09:55:05 PM »
Add the fix to the box then click run fix - once that has completed then just run a quick scan - plus let me know what problems you are having

Gmanbo

  • Guest
Re: Gmanbo fix
« Reply #3 on: February 24, 2010, 09:56:30 PM »
Well, as far as "problems" are concerned, my windows firewall is turning off by itself, and at times when following links, I end up on "about:blank", which is supposedly a symptom of a virus/ hijacker. On the subject of firewalls, do you reccomend keeping windows firewall (on windows xp) or changing to something else?
« Last Edit: February 24, 2010, 09:58:14 PM by Gmanbo »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Gmanbo fix
« Reply #4 on: February 24, 2010, 10:01:14 PM »
A third party firewall is recommended for XP although it is a while since I have used one myself

Gmanbo

  • Guest
Re: Gmanbo fix
« Reply #5 on: February 24, 2010, 10:11:35 PM »
The OTL is attached here. I'll try and find a nice third party firewall after this is taken care of. When this is all said and done, do you know any good third party ones I should use? and will windows firewall be disabled automatically? Or will I have to keep turning it off to keep the system stable? Feel free to ignore the firewall questions if that's too much to worry about on top of the current problem.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Gmanbo fix
« Reply #6 on: February 24, 2010, 10:16:29 PM »
I have been told that comodo is quite good but just the firewall not the antivirus element http://personalfirewall.comodo.com/free-download.html  most firewalls automatically turn of the XP one

I can see no apparent malware in your log now - does the blank page occur often ?

Gmanbo

  • Guest
Re: Gmanbo fix
« Reply #7 on: February 24, 2010, 10:21:46 PM »
It occurs about 1 out of every 15 links followed (No specific links from specific sites, it's happened on more than 1 site.) but I don't recall it ever being my homepage or being directed to it when typing in a specific web address. Any possible reason I found an extras file earlier, but not this time?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37527
  • Not a avast user
Re: Gmanbo fix
« Reply #8 on: February 24, 2010, 10:25:29 PM »
Quote
I'll try and find a nice third party firewall after this is taken care of.
My favorit ...... Outpost Firewall Free http://free.agnitum.com/

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Gmanbo fix
« Reply #9 on: February 24, 2010, 10:31:11 PM »
It will only generate an extra text on the first run - or when I tell it to  ;D

When you get the blank page have you tried refresh to see if it brings it back ?

Gmanbo

  • Guest
Re: Gmanbo fix
« Reply #10 on: February 24, 2010, 10:37:02 PM »
I don't believe I ever tried that, but I'll go around and click some links leading to things I know are safe until I run into it again, then I'll try to refresh.

On the other hand, any idea what may be turning off the firewall?

EDIT: I also often get the error of "Problem loading page" VERY often. Way more often than I should.
« Last Edit: February 24, 2010, 10:39:29 PM by Gmanbo »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Gmanbo fix
« Reply #11 on: February 24, 2010, 10:39:03 PM »
There was no indication of that in your logs

Could you update and re-run MBAM and then post the log

Gohoos81

  • Guest
Re: Gmanbo fix
« Reply #12 on: February 24, 2010, 10:50:40 PM »
Well, as far as "problems" are concerned, my windows firewall is turning off by itself, and at times when following links, I end up on "about:blank", which is supposedly a symptom of a virus/ hijacker. On the subject of firewalls, do you reccomend keeping windows firewall (on windows xp) or changing to something else?
It sounds like you still have traces of malware on your system.

As you were compromised by malware and windows FW is not appropriately enabled, please restore default security settings using Microsoft Fixit: http://support.microsoft.com/kb/313222

Please click on "Fix it" and follow the prompts.

Outpost (Agnitum's product) is a wonderful, free firewall.  Comodo is also an excellent firewall, but is very high maintenance/yappy.  Another excellent choice many people prefer is OnlineArmor Free: http://www.tallemu.com/ (if you choose OA, please do not "trust all" when you first run the installation wizard, instead choose to run safety wizard and follow its recommendations).  Some people like PCTools firewall: http://www.pctools.com/firewall/

Gmanbo

  • Guest
Re: Gmanbo fix
« Reply #13 on: February 24, 2010, 10:55:00 PM »
I updated and here is the new log.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Gmanbo fix
« Reply #14 on: February 24, 2010, 11:28:34 PM »
Is that with IE or Firefox ?  If IE then update to IE8 http://www.microsoft.com/windows/internet-explorer/worldwide-sites.aspx

If FF what version are you using ?