Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93081 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

VIRUS WHICH INFECTS ITUNES & STOPS DOWNLOADS [Solved]


  • This topic is locked This topic is locked
19 replies to this topic

#1 amfletch

amfletch

    Authentic Member

  • Authentic Member
  • PipPip
  • 33 posts

Posted 06 February 2014 - 05:41 PM

Hi

I have a problem with my laptop where I couldn't access my itunes.  I tried to reinstall and found I couldn't.  My system is generally very slow and although I regularly run Comodo, Anti-Malware and Advanced System Care scans something just seems to be wrong

Can anyone help?

thanks

Amanda


    Advertisements

Register to Remove


#2 Jo*

Jo*

    SuperMember

  • Malware Team
  • 1,208 posts

Posted 09 February 2014 - 02:39 PM

:welcome:

Hello Amanda,

my name is Jo and I will help you with your computer problems.



Please follow these guidelines:
  • Logs can take a while to research, so please be patient.
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


1. Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


2. Download OTL to your desktop.
  • Double click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note: These logs can be located in the OTL folder on your C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

Graduate of the WTT Classroom
Cheers,
Jo

#3 amfletch

amfletch

    Authentic Member

  • Authentic Member
  • PipPip
  • 33 posts

Posted 09 February 2014 - 05:08 PM

Hi Jo

thank you for picking up my problem.  I will do my best to follow all your instructions and if I am unsure of anything I will ask.

Have attached the 3 logs you asked for and look forward to your next instructions

many thanks

Amanda

Attached Files



#4 Jo*

Jo*

    SuperMember

  • Malware Team
  • 1,208 posts

Posted 09 February 2014 - 05:20 PM

Hello Amanda,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Scan your system for malware
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Graduate of the WTT Classroom
Cheers,
Jo

#5 amfletch

amfletch

    Authentic Member

  • Authentic Member
  • PipPip
  • 33 posts

Posted 10 February 2014 - 06:41 AM

Hi Jo

have run both scans.  The Malware one showed no malware found.  I have attached the log for the ADW scan.

thanks 

Amanda

Attached Files



#6 Jo*

Jo*

    SuperMember

  • Malware Team
  • 1,208 posts

Posted 10 February 2014 - 07:12 AM

Hello Amanda,

Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***

Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***

Run OTL again.
  • Double click on the OTL icon to run it.
  • Right click on the OTL icon and select[/color][/i] Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***

How the computer is running now?


***


Graduate of the WTT Classroom
Cheers,
Jo

#7 amfletch

amfletch

    Authentic Member

  • Authentic Member
  • PipPip
  • 33 posts

Posted 10 February 2014 - 09:14 AM

Hi Jo

have run all the scans you asked me to do and attached the logs.  System seems to be moving a bit quicker but I haven't tried to reinstall my itunes so don't know if that is resolved.  Won't try aything like that until you give the OK.

Many thanks

Amanda

Attached Files



#8 Jo*

Jo*

    SuperMember

  • Malware Team
  • 1,208 posts

Posted 10 February 2014 - 10:12 AM

Hello Amanda,


Run OTL.exe
  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    :OTL
    O2 - BHO: (Adblock) - {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - C:\Program Files\Secure Speed Dial\IE\ADBlock\IE\Adblock.dll File not found
    @Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34
    
    :Services
    SecureUpdateSvc
    
    :Commands
    [purity]
    [emptytemp]
    


    NOTICE: This script was written specifically for this user, for use on that particular machine.
    Running this on another machine may cause damage to your operating system.
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post Fix OTL log as well as a new OTL log by rerunning it after reboot without custom scans script.

***


Run OTL again.
  • Only Win XP: Double click on the OTL icon to run it.
  • Vista / Windows 7/8 users: Right click on the OTL icon and select Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***


Now reinstall itunes




***


Graduate of the WTT Classroom
Cheers,
Jo

#9 amfletch

amfletch

    Authentic Member

  • Authentic Member
  • PipPip
  • 33 posts

Posted 10 February 2014 - 04:24 PM

Hi Jo
followed the instructions and have attached 2 of the logs.  It won't let me attach the third so will try that on a seperate reply.

 

I also managed to reinstall itunes, but am still getting the following error when I start up Microsoft Outlook (I use this for my emails)
 
MobileMe Services has stopped working

A problem caused the program to stop working correctly.  Windows will close the program and notify you if a solution is availble

 

If I close the program by pressing the button attached to the message my emails load as they should so not really sure what this means.

 

thanks

Amanda

Attached Files



#10 amfletch

amfletch

    Authentic Member

  • Authentic Member
  • PipPip
  • 33 posts

Posted 10 February 2014 - 04:26 PM

Hi again

for some reason it won't let me attach the notepad file so have attached a PDF.  Hopefully this is OK

thanks

Amanda

Attached Files


    Advertisements

Register to Remove


#11 Jo*

Jo*

    SuperMember

  • Malware Team
  • 1,208 posts

Posted 11 February 2014 - 03:02 AM

Hello Amanda,

MobileMe Services Has Stopped Working


There went something wrong with the OTL script from my last post.
So let's try it in another way.

I've attached the OTL_script_Amanda.txt
Download and save it to your desktop.

Run OTL.exe
  • Open OTL_script_Amanda.txt with a text editor
  • Copy/paste the text written inside of the OTL_script_Amanda.txt into the Custom Scans/Fixes box located at the bottom of OTL


    NOTICE: This script was written specifically for this user, for use on that particular machine.
    Running this on another machine may cause damage to your operating system.
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post Fix OTL log as well as a new OTL log by rerunning it after reboot without custom scans script.

***


Run OTL again.
  • Only Win XP: Double click on the OTL icon to run it.
  • Vista / Windows 7/8 users: Right click on the OTL icon and select Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***

Attached Files


Graduate of the WTT Classroom
Cheers,
Jo

#12 amfletch

amfletch

    Authentic Member

  • Authentic Member
  • PipPip
  • 33 posts

Posted 11 February 2014 - 01:05 PM

Hi Jo
have run the scans and attached the logs.  My system froze during the scan which ran following the fix and I had to close down after about 15mins of it being stuck.  Not sure if this will affect the log results

many thanks

Amanda

Attached Files



#13 Jo*

Jo*

    SuperMember

  • Malware Team
  • 1,208 posts

Posted 11 February 2014 - 02:16 PM

Hello Amanda,

the logs are OK, and this time the script worked.
 

***


1. Malwarebytes' Anti-Malware
If this program is already installed: Skip the installation and run only the scan!
Download the free version of Malwarebytes' Anti-Malware and save it to your desktop.
Double-click mbam-setup****.exe and follow the prompts to install the program.
Note to Vista | Windows 7/8 users, please right-click and select Run as Administrator.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware.
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log back into your next reply.
Note 1: The log can also be found via the Logs tab when Malwarebytes' Anti-Malware is started.
Note 2: If you receive a notice that some of the items couldn't be removed and they have been added to the delete on reboot list, please reboot.


***


2. ESET Online Scanner

Connect any existing external hard drives and / or other removable media.

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



If this program is already installed: Skip the installation and run only the scan!
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin
    scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
  • Push the Back button.
  • Select Uninstall application on close check box and push esetFinish.png

***



How the computer is running now?
Graduate of the WTT Classroom
Cheers,
Jo

#14 amfletch

amfletch

    Authentic Member

  • Authentic Member
  • PipPip
  • 33 posts

Posted 12 February 2014 - 05:39 AM

Hi Jo

run all the scans you asked and no problems were found on either.  Have attached the logs.

SInce my system froze yesterday and I had to close down in the middle of the OTL scan I have 2 files on my desktop called 'desktop.ini'.  They are not shortcuts (don't have the wee arrow in a square which normally means they are a shortcut).  I have hopefully attached a pdf of the logo.

The computer seems to be running better and I don't have the mobileme error anymore

thanks

Amanda

Attached Files



#15 Jo*

Jo*

    SuperMember

  • Malware Team
  • 1,208 posts

Posted 12 February 2014 - 06:59 AM

Hello Amanda,


To disable the viewing of hidden and protected system files in Windows Vista, 7 / 8 please follow these steps:

Close all programs so that you are at your desktop.
Click on the Start button. This is the small round button with the Windows flag in the lower left corner.

Click on the Control Panel menu option.
When the control panel opens you can either be in Classic View or Control Panel Home view:

If you click on "restore defaults" button in Folder Options > View tab, it will hide all those views for you.


Did the desktop.ini disappear now?
 

***


The ESET scan found some suspect downloads, which we delete.
You should always try to download software directly on a software vendor website (Microsoft, AVG, Intel ...), avoid such ones like Softonic.
 

***


I've attached the OTL_script_2_Amanda.txt
Download and save it to your desktop.

Run OTL.exe
  • Open OTL_script_2_Amanda.txt with a text editor
  • Copy/paste the text written inside of the OTL_script_Amanda.txt into the Custom Scans/Fixes box located at the bottom of OTL


    NOTICE: This script was written specifically for this user, for use on that particular machine.
    Running this on another machine may cause damage to your operating system.
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Then post Fix OTL log as well as a new OTL log by rerunning it after reboot without custom scans script.

***


Uninstall old versions:
Please go to Start > Control Panel > Programs and Features ( Vista | Windows 7/8 ).

Locate the following programs:
  • Adobe Reader 9, 10
Uninstall them all.

Install these programs:
  • Install latest Adobe Reader:
  • Go to http://get.adobe.com.../otherversions/
  • Use the drop down menu's to select your operating system
  • Select your language > Select The current version of Adobe Reader for your language
  • Remove the check mark from the box "Install Chrome as standard browser and Google Toolbar for Internet explorer"
  • Click the Download button, and follow the onscreen directions to complete the installation.

Attached Files


Graduate of the WTT Classroom
Cheers,
Jo

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users