37 replies to this topic

[BobSea]

Tomk, Thanks for your reply. I don't know why but I tried the Java update and it says my Jave is up to date. I have not run JavaRa as yet but I will. In regard to the SuperAntiSpyware installation I have removed it. I thought before I ran DDS. It is gone from the program folder and all shortcuts have been removed so I don't think it is 'active' anymore. As you are know the registry does wierd things when uninstalling a program and may have left things behind when I uninstalled SuperAntiSpyware. I don't remember if I checked it for x64 use, but Windows does usually not allow running of non compliant software or asks if you want to install in to run in x32 mode. Alert Popup is still running and I have not found any references to it in any programs. It seem to be hidden somewhere and the only way I know it is still there is when I look in the task manager and see it running. I'll run JavaRa and see what happens then and post the log for you. Thanks again, BobSea

[BobSea]

Tomk, Hmmmm, I posted a reply but don't see it here, wierd. the system says I posted 22 minutes ago but I see nothing. Anyway. I ran JavaRa and it says it removed two files (x86) java\jrel.6.0_03 and _06. It says it generated a JavaRa log file but I could not find it anywhere. After a bit of expermenting with the selections I was able to find where you could have JavaRa display the log file. It didn't display it at the end of the program running and it couldn't find it to dispaly when I had JavaRa try either. I have uninstalled SuperAntiSypware so there should be nothing there anymore. I don't remember if it was before I ran DDS or after. Alert Popup is still running every time I start my comuter. Still haven't found any references to where it resides or any other way to remove it as yet. Still hanging in there with your instructions! Thanks again for your help, BobSea

[BobSea]

Hmmm I see both messages when I replied last. Wierd!

[BobSea]

Ahhh got it ! there are more pages, dah! Sorry about that I'm new to this whole buisness. BobSea

[Tomk]

BobSea, Run a new DDS log and let's see if there is anything new.

[BobSea]

Tomk, OK, I ran a new dds scan and the file names are 20091109 dds and 20091109 Attach. I put them in a zip file again. Thanks again for your assistance. BobSea

Attached Files

•  20091109_Attach_DDS_logs.zip   9.24KB   108 downloads

[Tomk]

BobSea,

Please download the OTM by OldTimer.

• Save it to your desktop.
• Please double-click OTM.exe to run it.
  (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
• Copy the lines inside the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  :Processes
  
  :Reg
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "472734EA-242A-422B-ADF8-83D1E48CC825"=-
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}]
  
  :Files
  c:\windows\system32\drivers\kgpcpy.cfg
  
  :Commands
  [purity]
  [emptytemp]
  [start explorer]
  [Reboot]

• Return to OTM, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
  
• Click the red Moveit! button.
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
• Close OTM

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Post the results and then see if JavaRa will run.

[BobSea]

Tomk, OK, I kinda fumbled my way through it. When I first ran it it locked up and exited. I ran it again and that is the log file I am sending you. I"ll try to run JavaRa again and let you know how that went. Thanks again for your help! BobSea

Attached Files

•  11102009_172553.zip   28.7KB   202 downloads

[Tomk]

BobSea, It appears that it actually ran the first time you tried. Now keep your fingers cross when you run JavaRa.

[BobSea]

Tomk, OK, I am on my other computer so I will let you know what the results are when I run JavaRa. BobSea

[Tomk]

[BobSea]

Tomk, SUCESS! Log file being sent with this message. Thanks! BobSea

Attached Files

•  20091110_JavaRa.zip   1.11KB   214 downloads

[Tomk]

BobSea, Awesome. Post me a new DDS log and let me know how things are running now.

[BobSea]

Tomk, OK, I have ran DDS again and am sending the logs to you in a zip file. The Alert Popup is still running, I see it in the task manager Let me know what to do next. Thanks again for you help in doing this! BobSea

Attached Files

•  20091111_DDS_Attach.zip   8.71KB   104 downloads

[Tomk]

BobSea,

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Vista users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

• Please go here then click on:
  

  Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
  All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

• Select the option YES, I accept the Terms of Use then click on:
• When prompted allow the Add-On/Active X to install.
• Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
• Now click on Advanced Settings and select the following:

• • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
• Now click on:
• The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
• When completed the Online Scan will begin automatically.
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
• When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
• Now click on:
• Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
• Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!