after using kaspersky computer won't boot

[JAJsangel]

Ok so since I cleared cookies, Google seems to be doing better and it hasn't had that search lately
but sometimes it comes up with an extra window (most of the time it's blank) I think this often happens when I open a new tab but once in a while it can happen when I click on a link
I am using Firefox.


C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll   a variant of Win32/Adware.Yontoo.B application
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll   a variant of Win32/Adware.Yontoo.B application
C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components\arcadewebfirefox.dll   a variant of Win32/Adware.Gamevance.CM application
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7edmm5iv.default\extensions\[email protected]   JS/Redirector.NCA trojan
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aadggcdddjdjdidjdbdadaggdedagfdf\background.html   Win32/BHO.OEI trojan
C:\Documents and Settings\Owner\Local Settings\temp\dealcabby.exe   Win32/Adware.DealCabby.A application
C:\Documents and Settings\Owner\Local Settings\temp\is135653842\MyBabylonTB.exe   Win32/Toolbar.Babylon application
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\058G4Y2S\dealcabby[1].exe   Win32/Adware.DealCabby.A application
C:\Documents and Settings\Owner\My Documents\Downloads\Angry Smileys Setup%FF_4fd745f23e391043701246_.exe   Win32/Adware.MarketScore.A application
C:\Documents and Settings\Owner\My Documents\Downloads\donkey-kong.exe   a variant of Win32/InstallCore.AL application
C:\My Backup -- 12-02-04 0922PM\Documents and Settings\Owner\My Documents\CyberLink\Downloads\SoftonicDownloader62174.exe   a variant of Win32/SoftonicDownloader.A application
C:\My Backup -- 12-02-04 0922PM\Documents and Settings\Owner\My Documents\Downloads\FinalMediaPlayer2011Setup.exe   a variant of Win32/InstallIQ application
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0043492.dll   probably a variant of Win32/Adware.180Solutions application
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0043493.exe   probably a variant of Win32/Adware.HotBar.E application
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP223\A0044225.exe   Win32/Adware.MarketScore.A application
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP270\A0048237.dll   a variant of Win32/Adware.Gamevance.CL application
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP270\A0048370.exe   a variant of Win32/Adware.Gamevance.CO application
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP283\A0063894.dll   a variant of Win32/Adware.Gamevance.CM application

[SuperDave]

You could try uninstalling and re-installing FireFox.
Please run ESET again. It didn't seem to cure the infections.

[JAJsangel]

C:\Documents and Settings\All Users\Application Data\Tarma Installer\{2E1037EA-038A-425F-86B9-6CD19B8497E9}\_Setupx.dll   a variant of Win32/Adware.Yontoo.B application   cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll   a variant of Win32/Adware.Yontoo.B application   cleaned by deleting - quarantined
C:\Documents and Settings\Owner\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components\arcadewebfirefox.dll   a variant of Win32/Adware.Gamevance.CM application   cleaned by deleting - quarantined
C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\7edmm5iv.default\extensions\[email protected]   JS/Redirector.NCA trojan   deleted - quarantined
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\59\180c027b-5cd59b3f   multiple threats   deleted - quarantined
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aadggcdddjdjdidjdbdadaggdedagfdf\background.html   Win32/BHO.OEI trojan   cleaned by deleting - quarantined
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WSL101BN\dealcabby[1].exe   Win32/Adware.DealCabby.A application   cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\7zipSetup.exe   a variant of Win32/Adware.HotBar.P application   cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\Angry Smileys Setup%FF_4fd745f23e391043701246_.exe   Win32/Adware.MarketScore.A application   cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\donkey-kong.exe   a variant of Win32/InstallCore.AL application   cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\PDFcreator.exe   a variant of Win32/Adware.HotBar.P application   cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\PlayBryte_FA_Setup.exe   a variant of Win32/Adware.iBryte.C application   cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\Downloads\SlammingsSetup_FF.exe   Win32/Adware.MarketScore.A application   cleaned by deleting - quarantined
C:\My Backup -- 12-02-04 0922PM\Documents and Settings\Owner\My Documents\CyberLink\Downloads\SoftonicDownloader62174.exe   a variant of Win32/SoftonicDownloader.A application   cleaned by deleting - quarantined
C:\My Backup -- 12-02-04 0922PM\Documents and Settings\Owner\My Documents\Downloads\FinalMediaPlayer2011Setup.exe   a variant of Win32/InstallIQ application   cleaned by deleting - quarantined
C:\Program Files\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe   Win32/Toolbar.Widgi application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP208\A0043493.exe   probably a variant of Win32/Adware.HotBar.E application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP223\A0044225.exe   Win32/Adware.MarketScore.A application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP270\A0048237.dll   a variant of Win32/Adware.Gamevance.CL application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP283\A0063894.dll   a variant of Win32/Adware.Gamevance.CM application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP291\A0065084.exe   Win32/Toolbar.Widgi application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067315.dll   Win32/Toolbar.Funmoods application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067316.dll   Win32/Toolbar.Funmoods application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067317.dll   Win32/Toolbar.Funmoods application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067318.dll   Win32/Toolbar.Funmoods application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067319.dll   Win32/Toolbar.Funmoods application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067321.exe   Win32/Toolbar.Funmoods application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067323.exe   Win32/Adware.DealCabby.A application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067348.exe   Win32/Toolbar.Babylon application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067385.dll   a variant of Win32/Adware.Yontoo.B application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067386.dll   a variant of Win32/Adware.Yontoo.B application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067387.dll   a variant of Win32/Adware.Gamevance.CM application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067390.exe   a variant of Win32/SoftonicDownloader.A application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067391.exe   a variant of Win32/InstallIQ application   cleaned by deleting - quarantined
C:\System Volume Information\_restore{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP298\A0067392.exe   Win32/Toolbar.Widgi application   cleaned by deleting - quarantined

[SuperDave]

That looks better. How's your computer running now?

[JAJsangel]

I still can't mess with the task manager too much and I still get pop ups when I click on certain links but that's about my only problems so far

[SuperDave]

Please do even if you don't have your OS CD.

Do you have an XP CD?

If so, place it in your CD ROM drive and follow the instructions below:
•Click on Start > Run and type sfc /scannow then press Enter (note the space between scf and /scannow)
*Let this run undisturbed until the window with the blue  progress bar goes away
SFC - Which stands for System File Checker, retrieves the correct version of the file from %Systemroot%\System32\Dllcache or the Windows installation source files, and then replaces the incorrect file.
******************************************************
Tighten Internet Explorer's security setting

    * Since Internet Explorer is the leading browser it will always be the lead in attacks from the bad guys.
          o Make your Internet Explorer more secure
               1. From within Internet Explorer click the Tools menu and then on Internet Options.
               2. Click once on the Security tab
               3. Click once on the Internet icon so it becomes highlighted.
               4. Click once on the Custom Level button.
                      + Change the Download signed ActiveX controls to Prompt
                      + Change the Download unsigned ActiveX controls to Disable
                      + Change the Initialize and script ActiveX controls not marked as safe to Disable
                      + Change the Installation of desktop items to Prompt
                      + Change the Launching programs and files in an IFRAME to Prompt
                      + Change the Navigate sub-frames across different domains to Prompt
                      + When all these settings have been made, click on the OK button.
                      + If it prompts you as to whether or not you want to save the settings, press the Yes button.
               5. Next press the Apply button and then the OK to exit the Internet Properties page.

Tighten Internet Explorer's security setting continued - Default Internet Explorer settings should be set to high.

   1. Start up IE then go to Tools > Internet Options > Security
   2. Set the Security level for the Internet Zone to High. (If no slider is visible, click Default Level.)
   3. Click the Trusted Sites icon.
   4. Set the Security level for the this Zone to Medium. (If no slider is visible, click Default Level.)
   5. Click OK.