I'm not sure if its configuration or infection

[Fiery]

For 32bit systems, please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2

• Double-click SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield:
  

  :filefind
  hs_err_pid280
   hs_err_pid4032
   hs_err_pid6808
   hs_err_pid7600
   hs_err_pid8088
   temp.res

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

 

[canamalar]

Hi,
done that see attached

For 32bit systems, please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2

• Double-click SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield:
  

  :filefind
  hs_err_pid280
   hs_err_pid4032
   hs_err_pid6808
   hs_err_pid7600
   hs_err_pid8088
   temp.res

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

 

[canamalar]

Broke the OTL into 4 and posted these

http://pastebin.com/xwc8fmhE - Canamalar-1-OTL2
http://pastebin.com/bTNemMnA - Canamalar-2-OTL2
http://pastebin.com/ucXcJTNz - Canamalar-OTL2
http://pastebin.com/nSazF4Xr - Canamalar-OTL2

Hi,
done that see attached

For 32bit systems, please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2

• Double-click SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield:
  

  :filefind
  hs_err_pid280
   hs_err_pid4032
   hs_err_pid6808
   hs_err_pid7600
   hs_err_pid8088
   temp.res

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

 

[Fiery]

Hi,

It seems the OTL fix didn't worked. You need to press Run fix

Open OTL. Under custom scan/fixes, copy and paste the following:

:OTL
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=109220&tt=201112_1849_4712_4&babsrc=SP_ss&mntrId=00be2c1d000000000000001b77bee5b2
[2011/04/04 02:17:07 | 000,011,730 | -HS- | C] () -- C:\Users\sony\AppData\Local\j638u7q3443b5j
[2011/04/04 02:17:07 | 000,011,730 | -HS- | C] () -- C:\ProgramData\j638u7q3443b5j
[2012/11/24 16:40:40 | 000,000,000 | ---D | M] -- C:\Users\sony\AppData\Roaming\Babylon

:Files
ipconfig /flushdns /c

:Commands
[EMPTYTEMP]
[RESETHOSTS]

Then click Run Fix. Let your PC reboot to normal mode. A new log will be created automatically, post the content in the next reply.

 

[canamalar]

what should the settings in OTL be, its all "use safe list" except "extra registry" which us set to "none"
file age - 30 days in the drop down

 

[canamalar]

During the reboot I got a "mo bootable partition in the table" message

Where will I find the OTL report, it never saved to the desktop

Hi,

It seems the OTL fix didn't worked. You need to press Run fix

Open OTL. Under custom scan/fixes, copy and paste the following:

:OTL
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=109220&tt=201112_1849_4712_4&babsrc=SP_ss&mntrId=00be2c1d000000000000001b77bee5b2
[2011/04/04 02:17:07 | 000,011,730 | -HS- | C] () -- C:\Users\sony\AppData\Local\j638u7q3443b5j
[2011/04/04 02:17:07 | 000,011,730 | -HS- | C] () -- C:\ProgramData\j638u7q3443b5j
[2012/11/24 16:40:40 | 000,000,000 | ---D | M] -- C:\Users\sony\AppData\Roaming\Babylon

:Files
ipconfig /flushdns /c

:Commands
[EMPTYTEMP]
[RESETHOSTS]

Then click Run Fix. Let your PC reboot to normal mode. A new log will be created automatically, post the content in the next reply.

 

[canamalar]

During the reboot I got a "mo bootable partition in the table" message

Where will I find the OTL report, it never saved to the desktop

Hi,

It seems the OTL fix didn't worked. You need to press Run fix

Open OTL. Under custom scan/fixes, copy and paste the following:

:OTL
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=109220&tt=201112_1849_4712_4&babsrc=SP_ss&mntrId=00be2c1d000000000000001b77bee5b2
[2011/04/04 02:17:07 | 000,011,730 | -HS- | C] () -- C:\Users\sony\AppData\Local\j638u7q3443b5j
[2011/04/04 02:17:07 | 000,011,730 | -HS- | C] () -- C:\ProgramData\j638u7q3443b5j
[2012/11/24 16:40:40 | 000,000,000 | ---D | M] -- C:\Users\sony\AppData\Roaming\Babylon

:Files
ipconfig /flushdns /c

:Commands
[EMPTYTEMP]
[RESETHOSTS]

Then click Run Fix. Let your PC reboot to normal mode. A new log will be created automatically, post the content in the next reply.

 

[canamalar]

rebooted and report opened but still not saved, have it opened

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
File C:\Users\sony\AppData\Local\j638u7q3443b5j not found.
File C:\ProgramData\j638u7q3443b5j not found.
Folder C:\Users\sony\AppData\Roaming\Babylon\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\sony\Desktop\Fix\cmd.bat deleted successfully.
C:\Users\sony\Desktop\Fix\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
-> No Temporary Internet Files cache folder defined!
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users
-> No Temporary Internet Files cache folder defined!

User: Default
->Temp folder emptied: 0 bytes
-> No Temporary Internet Files cache folder defined!
->Flash cache emptied: 0 bytes

User: Default User
-> No Temporary Internet Files cache folder defined!

User: Public
-> No Temporary Internet Files cache folder defined!

User: sony
->Temp folder emptied: 31832 bytes
-> No Temporary Internet Files cache folder defined!
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 535344 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 04232013_230117

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\TMP000000011A6E2DC7575BDFDD not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

 

[canamalar]

windows also updated on reboot

 

[Fiery]

Ok. How is everything now

Run Eset NOD32 Online AntiVirus here

Note: You will need to use Internet Explorer for this scan.
Vista / 7 users: You will need to to right-click on the Internet Explorer icon and select Run as Administrator

• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the activex control to install
• Disable your current antivirus software. You can usually do this with its Notfication Tray icon near the clock.
• Make sure that the option "Remove found threats" is Un-checked, and the following Advance Settings are Checked
  • Scan unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
• Click Scan
• Wait for the scan to finish
• When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
• Save that text file on your desktop. Copy and paste the contents of that log in your next reply to this topic.
• The log can also be found in logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt

 

[canamalar]

no option to quit microsoft essentials

Ok. How is everything now

Run Eset NOD32 Online AntiVirus here

Note: You will need to use Internet Explorer for this scan.
Vista / 7 users: You will need to to right-click on the Internet Explorer icon and select Run as Administrator

• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the activex control to install
• Disable your current antivirus software. You can usually do this with its Notfication Tray icon near the clock.
• Make sure that the option "Remove found threats" is Un-checked, and the following Advance Settings are Checked
  • Scan unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
• Click Scan
• Wait for the scan to finish
• When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
• Save that text file on your desktop. Copy and paste the contents of that log in your next reply to this topic.
• The log can also be found in logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt

 

[Fiery]

That's fine, you can leave microsoft essentials on.

 

[canamalar]

Hi,
I ran the app, file attached, then wasnt sure if you wanted me to let it remove the file, so i've left it.

no option to quit microsoft essentials

Ok. How is everything now

Run Eset NOD32 Online AntiVirus here

Note: You will need to use Internet Explorer for this scan.
Vista / 7 users: You will need to to right-click on the Internet Explorer icon and select Run as Administrator

• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the activex control to install
• Disable your current antivirus software. You can usually do this with its Notfication Tray icon near the clock.
• Make sure that the option "Remove found threats" is Un-checked, and the following Advance Settings are Checked
  • Scan unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
• Click Scan
• Wait for the scan to finish
• When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
• Save that text file on your desktop. Copy and paste the contents of that log in your next reply to this topic.
• The log can also be found in logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt

 

[canamalar]

I also still have a file with roguekiller quarantined items, what should I do with them

 

[Fiery]

That is fine, the steps below will delete the quarantined item in Roguekiller.

If you are no longer experiencing any other issues, your PC appears to be clean!

Double click on OTL to run it

• Click on the Cleanup button at the top.
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes
• This will remove itself and other tools we may have used.

Also, open adwCleaner and click Uninstall

---

Now that your PC is clean, I recommend you to create a new System Restore point then purge the old ones after.

For Vista
Create a restore point
Delete all but the most recent restore point

---

Keep your system updated
Please go to control panel and uninstall the following:

Java(TM) 6 Update 21
Adobe Reader 9.5.4


Delete older Java version from your computer by downloading JavaRa

• Run JavaRa.exe, then click Remove JRE.
• Let the tool run
• Once it finishes, close JavaRa

Currently, the following programs on your PC are outdated:

• Java - Update Java here
• Adobe reader - Update Adobe Reader here

Keeping your programs (especially Adobe and Java products) updated is essential. Outdated programs make your PC more vulnerable to future malware threats. To help you:

• Download and install Update Checker. It will notify you if any of your programs require an update.
• Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office product bugs and vulnerabilities.
• Please ensure you update your system regularly and have automatic updates on. You can learn how to turn Automatic Updates on here

---

Other steps that you may want to do to further protect your system/files:

• Sandboxie - "Quarantines" your browser so anything that you do in it will be isolated from your system.
• Backup important files regulary to an external hard-drive or USB

Here are only a few suggestions that will improve your system security. Should you wish to allow us to make full recommendations and set your PC up with maximum security, please start a thread here. Our community of PC enthusiasts and experts will give you feedback and help you secure your system from future malware infections.

Should you want to try a product but don't know how it performs, here is a list of current reviews to help you decide.

---

Internet Explorer may be the most popular browser but it's definitely not the most secure browser. Consider using other browsers with addition add-ons to safeguard your system while browsing the internet.

Firefox is a more secure, faster browser than Internet Explorer. Firefox contains less vulnerabilities, reducing the risk of drive-by downloads. In addition, you can add the following add-ons to increase security.

• KeyScramber - Encrypts your keystrokes to protect you against keyloggers that steals personal & banking information
• AdBlock - Disable/blocks advertisements on websites so you won't accidentally click on a malicious ad.
• NoScript - Disables Flash & Java contents to avoid exploits or drive-by attacks
• Web of Trust - Shows the website rating by other users and blocks dangerous and poor-rated sites

Google Chrome is another good browser that is faster and more secure than Internet Explorer by having a sandbox feature. Additionally, you can add the following add-on to Chrome to heighten security.

• AdBlock

---

Lastly, it is important to perform system maintenance on a regular basis. Here are a few tools and on-demand scanners that you should keep & use every 1-2 weeks to keep your system healthy.

• CCleaner
• Malwarebytes Anti-Malware

Other than that, stay safe out there! If you have any other questions or concerns, feel free to ask

My virus removal help is always free. Should you wish to show your appreciation via a donation, it will be much appreciated.
​

 

[canamalar]

Hi
thanks for all your help, just a couple more questions.

my fingerprint reading security has been corrupted and no longer works, three error messages appeared on reboot

Fingerprint sofrware error
(rpnpipe:rpnpipe:no-sw(00000001provmgrserver))
(provider:srv-proc-not-rdy)
(upekswroviderpn-evnt-fld)

has the file found by ESET been removed (remember I never used the ESET tool to remove it)

I went into programs and features to remove the AdwCleaner and cant find the program, however I do have ESET online scanner v2.

is there any way I can remove windows internet explorer when I replace it.
when I do replace internet explorer will all my stored passwords also be removed and is there any way I can transfer them, as some ar so old I have forgotten them and rely on this.

That is fine, the steps below will delete the quarantined item in Roguekiller.

If you are no longer experiencing any other issues, your PC appears to be clean!

Double click on OTL to run it

• Click on the Cleanup button at the top.
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes
• This will remove itself and other tools we may have used.

Also, open adwCleaner and click Uninstall

---

Now that your PC is clean, I recommend you to create a new System Restore point then purge the old ones after.

For Vista
Create a restore point
Delete all but the most recent restore point

---

Keep your system updated
Please go to control panel and uninstall the following:

Java(TM) 6 Update 21
Adobe Reader 9.5.4


Delete older Java version from your computer by downloading JavaRa

• Run JavaRa.exe, then click Remove JRE.
• Let the tool run
• Once it finishes, close JavaRa

Currently, the following programs on your PC are outdated:

• Java - Update Java here
• Adobe reader - Update Adobe Reader here

Keeping your programs (especially Adobe and Java products) updated is essential. Outdated programs make your PC more vulnerable to future malware threats. To help you:

• Download and install Update Checker. It will notify you if any of your programs require an update.
• Microsoft releases patches for Windows and Office products regularly to patch up Windows and Office product bugs and vulnerabilities.
• Please ensure you update your system regularly and have automatic updates on. You can learn how to turn Automatic Updates on here

---

Other steps that you may want to do to further protect your system/files:

• Sandboxie - "Quarantines" your browser so anything that you do in it will be isolated from your system.
• Backup important files regulary to an external hard-drive or USB

Here are only a few suggestions that will improve your system security. Should you wish to allow us to make full recommendations and set your PC up with maximum security, please start a thread here. Our community of PC enthusiasts and experts will give you feedback and help you secure your system from future malware infections.

Should you want to try a product but don't know how it performs, here is a list of current reviews to help you decide.

---

Internet Explorer may be the most popular browser but it's definitely not the most secure browser. Consider using other browsers with addition add-ons to safeguard your system while browsing the internet.

Firefox is a more secure, faster browser than Internet Explorer. Firefox contains less vulnerabilities, reducing the risk of drive-by downloads. In addition, you can add the following add-ons to increase security.

• KeyScramber - Encrypts your keystrokes to protect you against keyloggers that steals personal & banking information
• AdBlock - Disable/blocks advertisements on websites so you won't accidentally click on a malicious ad.
• NoScript - Disables Flash & Java contents to avoid exploits or drive-by attacks
• Web of Trust - Shows the website rating by other users and blocks dangerous and poor-rated sites

Google Chrome is another good browser that is faster and more secure than Internet Explorer by having a sandbox feature. Additionally, you can add the following add-on to Chrome to heighten security.

• AdBlock

---

Lastly, it is important to perform system maintenance on a regular basis. Here are a few tools and on-demand scanners that you should keep & use every 1-2 weeks to keep your system healthy.

• CCleaner
• Malwarebytes Anti-Malware

Other than that, stay safe out there! If you have any other questions or concerns, feel free to ask

My virus removal help is always free. Should you wish to show your appreciation via a donation, it will be much appreciated.
​

---

---

---

---

---

 

[canamalar]

after I loaded the new java updater a pdf to word converter I had previously installed (Doxillon) opened up.

 

[Fiery]

Hi,

my fingerprint reading security has been corrupted and no longer works, three error messages appeared on reboot

According to the Sony website,

"If you have fingerprint recognition, please go to the drivers folder and open the Fingerprint driver folder and run the Setup file."

If that doesn't work, the driver can be found here: http://www.sony.co.uk/support/en/product/VGN-TZ21WN_B/updates

has the file found by ESET been removed (remember I never used the ESET tool to remove it)

That file is fine

I went into programs and features to remove the AdwCleaner and cant find the program, however I do have ESET online scanner v2.

You can Uninstall ESET. To uninstall adwcleaner, you have to open the adwCleaner .exe file and it will have an option to Uninstall.

is there any way I can remove windows internet explorer when I replace it.
when I do replace internet explorer will all my stored passwords also be removed and is there any way I can transfer them, as some ar so old I have forgotten them and rely on this.

I don't think you can "remove" Internet explorer, just don't use it. If you download Firefox or Chrome, the passwords will remain saved in Internet Explorer

 

[canamalar]

Thanks for all your help it has been a real pleasure, I have thoroughly enjoyed the experience,come payday I will be donating.

I noticed sandboxie slows down the web browser a fair bit, is there anything faster ?

My next excursion into the world of computer control systems will be to stop processes which I will not use, as I understand this will further speed up the response time.
Can you recommend a site or wiz kid who could help me do this safely.

Hi,

my fingerprint reading security has been corrupted and no longer works, three error messages appeared on reboot

According to the Sony website,

"If you have fingerprint recognition, please go to the drivers folder and open the Fingerprint driver folder and run the Setup file."

If that doesn't work, the driver can be found here: http://www.sony.co.uk/support/en/product/VGN-TZ21WN_B/updates

has the file found by ESET been removed (remember I never used the ESET tool to remove it)

That file is fine

I went into programs and features to remove the AdwCleaner and cant find the program, however I do have ESET online scanner v2.

You can Uninstall ESET. To uninstall adwcleaner, you have to open the adwCleaner .exe file and it will have an option to Uninstall.

is there any way I can remove windows internet explorer when I replace it.
when I do replace internet explorer will all my stored passwords also be removed and is there any way I can transfer them, as some ar so old I have forgotten them and rely on this.

I don't think you can "remove" Internet explorer, just don't use it. If you download Firefox or Chrome, the passwords will remain saved in Internet Explorer

 

[canamalar]

Oh and the fingerprint app returned to normal after a second boot, again thanks