Author Topic: [Resolved]gamevance wont uninstall (please help)  (Read 26301 times)

0 Members and 1 Guest are viewing this topic.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: gamevance wont uninstall (please help)
« Reply #30 on: August 29, 2010, 02:54:35 PM »
Yes please just to make sure it is not elswhere on the system -

fiveavast

  • Guest
Re: gamevance wont uninstall (please help)
« Reply #31 on: August 29, 2010, 03:15:55 PM »
Ok after the custom scan you told me to do this is what it said on the restart and I attached the quick scan like you said.

All processes killed
Error: Unable to interpret <[emptytemp]> in the current context!
Error: Unable to interpret <[EMPTYFLASH]> in the current context!
Error: Unable to interpret <[CREATERESTOREPOINT]> in the current context!
Error: Unable to interpret <[Reboot]> in the current context!
 
OTL by OldTimer - Version 3.2.11.0 log created on 08292010_055719
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 35.00 mb
 
 
OTL by OldTimer - Version 3.2.11.0 log created on 08292010_055705

Files\Folders moved on Reboot...
C:\Users\comp two\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: gamevance wont uninstall (please help)
« Reply #32 on: August 29, 2010, 03:44:03 PM »
If you could now do one more run with MBAM after updating and then let me know of any problems remaining

fiveavast

  • Guest
Re: gamevance wont uninstall (please help)
« Reply #33 on: August 29, 2010, 04:30:44 PM »
If you could now do one more run with MBAM after updating and then let me know of any problems remaining

The MBAM came up clean but I'm still having trouble with the Firefox add-on that wont uninstall, Every time Firefox restarts it reloads itself as a newly installed add-on. Here is a screen shot and below that is the MBAM log.



Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4500

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

8/29/2010 7:12:42 AM
mbam-log-2010-08-29 (07-12-42).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 227565
Time elapsed: 24 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: gamevance wont uninstall (please help)
« Reply #34 on: August 29, 2010, 04:59:34 PM »
Does it re-appear as soon as you start FF or after you have visited a web site ?

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Quote
    :OTL
    FF - prefs.js..extensions.enabledItems: textlinks@gamevance.com:1.0.0
    O2 - BHO: (Gamevance Text) - {BEAC7DC8-E106-4C6A-931E-5A42E7362883} - C:\Program Files (x86)\Gamevance\gvtl.dll File not found
    [2010/08/25 19:28:08 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat

    :Reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GamevanceText.Linker]       
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GamevanceText.Linker.1]       
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\GamevanceText.DLL]       
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{0D4A3EEA-527E-4FD8-9B2F-089B616670B8}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{014C4232-6904-47B9-9144-7E0FB7277444}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]   
    Gamevance=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Gamevance]   


    :Files
    ipconfig /flushdns /c
    C:\Program Files (x86)\Gamevance
    C:\Program Files (x86)\Conduit

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

fiveavast

  • Guest
Re: gamevance wont uninstall (please help)
« Reply #35 on: August 29, 2010, 05:36:57 PM »
Does it re-appear as soon as you start FF or after you have visited a web site ?

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Quote
    :OTL
    FF - prefs.js..extensions.enabledItems: textlinks@gamevance.com:1.0.0
    O2 - BHO: (Gamevance Text) - {BEAC7DC8-E106-4C6A-931E-5A42E7362883} - C:\Program Files (x86)\Gamevance\gvtl.dll File not found
    [2010/08/25 19:28:08 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat

    :Reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GamevanceText.Linker]       
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GamevanceText.Linker.1]       
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\GamevanceText.DLL]       
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{0D4A3EEA-527E-4FD8-9B2F-089B616670B8}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{014C4232-6904-47B9-9144-7E0FB7277444}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]   
    Gamevance=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Gamevance]   


    :Files
    ipconfig /flushdns /c
    C:\Program Files (x86)\Gamevance
    C:\Program Files (x86)\Conduit

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

After I uninstall the add-on when Firefox restarts it immediately re-appears as a "new" add-on. This is what it said after the custom scan. The gamevance add-on is still there and I attached the quick scan.

All processes killed
========== OTL ==========
Prefs.js: textlinks@gamevance.com:1.0.0 removed from extensions.enabledItems
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}\ not found.
C:\ProgramData\ezsidmv.dat moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GamevanceText.Linker\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GamevanceText.Linker.1\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\GamevanceText.DLL\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{0D4A3EEA-527E-4FD8-9B2F-089B616670B8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D4A3EEA-527E-4FD8-9B2F-089B616670B8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ED403E8-470A-4a8a-85A4-D7688CFE39A3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEAC7DC8-E106-4C6A-931E-5A42E7362883}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{014C4232-6904-47B9-9144-7E0FB7277444}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{014C4232-6904-47B9-9144-7E0FB7277444}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Gamevance not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Gamevance\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\comp two\Desktop\OTL\cmd.bat deleted successfully.
C:\Users\comp two\Desktop\OTL\cmd.txt deleted successfully.
File\Folder C:\Program Files (x86)\Gamevance not found.
C:\Program Files (x86)\Conduit\Community Alerts folder moved successfully.
C:\Program Files (x86)\Conduit folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: comp two
->Temp folder emptied: 399 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 15903113 bytes
->Flash cache emptied: 1610 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 51912 bytes
 
Total Files Cleaned = 15.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: comp two
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0.00 mb
 
Restore point Set: OTL Restore Point
 
OTL by OldTimer - Version 3.2.11.0 log created on 08292010_080725

Files\Folders moved on Reboot...
C:\Users\comp two\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

 

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: gamevance wont uninstall (please help)
« Reply #36 on: August 29, 2010, 06:08:27 PM »
I really hate Firefox, there are so many nooks and crannies where stuff can hide.  I find it harder to clean than IE. Plus it is now a easier target since IE8 came along.  OK I see that you have little in FF so I would like to do a full uninstall.  This will mean wiping it totally from your system, full details here  http://kb.mozillazine.org/Uninstalling_Firefox or another way is to use Revo uninstaller http://www.revouninstaller.com/revo_uninstaller_free_download.html and let it delete everything it finds

 

fiveavast

  • Guest
Re: gamevance wont uninstall (please help)
« Reply #37 on: August 29, 2010, 06:45:08 PM »
I really hate Firefox, there are so many nooks and crannies where stuff can hide.  I find it harder to clean than IE. Plus it is now a easier target since IE8 came along.  OK I see that you have little in FF so I would like to do a full uninstall.  This will mean wiping it totally from your system, full details here  http://kb.mozillazine.org/Uninstalling_Firefox or another way is to use Revo uninstaller http://www.revouninstaller.com/revo_uninstaller_free_download.html and let it delete everything it finds

 

Ok so I used revo to uninstall FF and when it reinstalled it didn't fix the problem. So I did it again and I realized revo wasnt removing the mozila folders which are hidden in appdata. So I removed everything that revo wanted to and then manually deleted the mozilla files and that seems to have fixed it. It's uninstalled and no longer reloading itself on restart.

Edit: If everything is fine would it now be ok to uninstall MBAM?
« Last Edit: August 29, 2010, 06:53:55 PM by fiveavast »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: gamevance wont uninstall (please help)
« Reply #38 on: August 29, 2010, 07:29:08 PM »
For sure although MBAM is a handy on demand tool to keep
Quote
removing the mozila folders which are hidden in appdata.
OK another area to add for my custom scans  ;D

Run OTL and hit the cleanup button and OTL will then disappear

ccookie

  • Guest
Re: gamevance wont uninstall (please help)
« Reply #39 on: August 30, 2010, 01:53:04 PM »
I had gamevance virus, and I read somewhere that Spybot S&D is the only thing that would work, and thats what I used to remove it.

fiveavast

  • Guest
Re: gamevance wont uninstall (please help)
« Reply #40 on: September 03, 2010, 02:12:32 PM »
For sure although MBAM is a handy on demand tool to keep
Quote
removing the mozila folders which are hidden in appdata.
OK another area to add for my custom scans  ;D

Run OTL and hit the cleanup button and OTL will then disappear
Do you have any questions?  I will be signing off shortly but will check in later.  I will let Essexboy run the show but be in the background.

I haven't been able to get on for a few days but I finally got some time. Thank you SafeSurf and essexboy for all your help I really appreciate what you guys did.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: gamevance wont uninstall (please help)
« Reply #41 on: September 03, 2010, 09:29:04 PM »
Our pleasure

SafeSurf

  • Guest
Re: gamevance wont uninstall (please help)
« Reply #42 on: September 04, 2010, 07:57:38 AM »
@ fiveavast,

You are quite welcome.  Is everything working right now for you now?

@ Essexboy,

Do you need to do your removal tool thing with the OP or is he all set from your point of view other than seeing how his system runs for the next few days? 

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: gamevance wont uninstall (please help)
« Reply #43 on: September 04, 2010, 01:04:58 PM »
Yep cleany time  ;D

Looking at that I am a happy bunny  :)

I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems

 Now the best part of the day ----- Your log now appears clean  :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures:
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Quote
    :Commands
    [resethosts]
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button.  It will remove all the programmes we have used plus itself.  MBAM can be uninstalled via control panel add/remove along with ERUNT.  But they may be useful tools to keep

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

   Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systems

Upgrading Java:
  • Download the latest version of Java SE Runtime Environment (JRE)JRE 6 Update 21.
  • Click the "Download" button to the right.
  • Select your Platform and check the box that says: "I agree to the Java SE Runtime Environment 6 License Agreement.".
  • Click on Continue.
  • Click on the link to download Windows Offline Installation (jre-6u21-windows-i586-p.exe) and save it to your desktop. Do NOT use the Sun Download Manager..
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on the download to install the newest version.(Vista users, right click on the jre-6u21-windows-i586-p.exe and select "Run as an Administrator.")
SPRING CLEAN
 
Download and run Puran Disc Defragmenter

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes: It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit To learn more about how to protect yourself while on the internet read our little guide  How did I get infected in the first place ?
Keep safe  :wave:

fiveavast

  • Guest
Re: gamevance wont uninstall (please help)
« Reply #44 on: September 07, 2010, 06:57:49 AM »
@SafeSurf,

Yes everything is now working fine thank you very much.

@ Essexboy,

Thank you very much also for all your help.

@both,

The computer is working fine now, absolutely no problems. I would really like to express my gratitude to both of you. There is no way I would have been able to do this by myself. I would have broken down and formatted lol. Thank you very very much.