Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: Spybot Blocked  (Read 27183 times)

0 Members and 1 Guest are viewing this topic.

evilfantasy

  • Malware Removal Specialist
  • Moderator


  • Genius
  • Calm like a bomb
  • Thanked: 493
  • Experience: Experienced
  • OS: Windows 11
Re: Spybot Blocked
« Reply #15 on: February 11, 2009, 04:29:23 PM »
I haven't had zone alarm security suite running for at least 6 months. I am running the free zone alarm fire wall. Seems to be running well.

OK, it must be seeing the security center as having the Security Suite installed. No problem.

--

You are going to have to remove the Cracks & Keygens before I can continue helping.

Download the OTMoveIt3 by OldTimer

Note: If you are running on Vista, right-click on OTMoveIt3.exe and choose Run As Administrator.

* Save it to your Desktop.
* Double-click OTMoveIt3.exe to run it.
* Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy)

Code: [Select]
:Processes
explorer.exe

:files
C:\DOCUME~1\David\Application Data\uTorrent\Adobe Acrobat 9 Pro Extended + Crack (PTB-ITA-ESP-NL) (iso).rar.torrent
C:\DOCUME~1\David\Application Data\uTorrent\ConvertXtoDVD-V3 DivX-V6 Nero-V8 WinRar-V3-Full Patch And Keygen's -2-  MAXIMODIS.zip.torrent
C:\DOCUME~1\David\Application Data\uTorrent\keygen.exe.torrent
C:\DOCUME~1\David\Application Data\uTorrent\Nero 9 Ver. C Iso + Cracks & Apps.rar.torrent
C:\DOCUME~1\David\Application Data\uTorrent\Nero 9. Ultra NEW RELEASE Including+Keygen Valildation Crack.rar.torrent
C:\DOCUME~1\David\Application Data\uTorrent\nero_8_keygen__serials_reg__activation.rar.torrent
C:\DOCUME~1\David\Application Data\uTorrent\RegCure 1.5 with crack.rar.torrent

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

* Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
* Click the red Moveit! button.
* Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTMoveIt3

Note: If a file or folder cannot be moved immediately you may be asked to reboot your computer in order to finish the move process. If asked to reboot, choose Yes. If not, reboot anyway.

diggerdave

    Topic Starter


    Rookie

    Re: Spybot Blocked
    « Reply #16 on: February 11, 2009, 04:45:10 PM »
    Here's the log:
    ========== PROCESSES ==========
    Process explorer.exe killed successfully.
    ========== FILES ==========
    File/Folder C:\DOCUME~1\David\Application Data\uTorrent\Adobe Acrobat 9 Pro Extended + Crack (PTB-ITA-ESP-NL) (iso).rar.torrent not found.
    File/Folder C:\DOCUME~1\David\Application Data\uTorrent\ConvertXtoDVD-V3 DivX-V6 Nero-V8 WinRar-V3-Full Patch And Keygen's -2-  MAXIMODIS.zip.torrent not found.
    File/Folder C:\DOCUME~1\David\Application Data\uTorrent\keygen.exe.torrent not found.
    File/Folder C:\DOCUME~1\David\Application Data\uTorrent\Nero 9 Ver. C Iso + Cracks & Apps.rar.torrent not found.
    File/Folder C:\DOCUME~1\David\Application Data\uTorrent\Nero 9. Ultra NEW RELEASE Including+Keygen Valildation Crack.rar.torrent not found.
    File/Folder C:\DOCUME~1\David\Application Data\uTorrent\nero_8_keygen__serials_reg__activation.rar.torrent not found.
    File/Folder C:\DOCUME~1\David\Application Data\uTorrent\RegCure 1.5 with crack.rar.torrent not found.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\David\LOCALS~1\Temp\etilqs_QcjCX8zRcMQq3Ps9d45X scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\David\LOCALS~1\Temp\etilqs_QcjCX8zRcMQq3Ps9d45X-journal scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\David\LOCALS~1\Temp\etilqs_u59Ra7VKA7IFF7KLQAw4 scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\David\LOCALS~1\Temp\~DF9103.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\gnserv.dat scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_770.dat scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\spnserv.dat scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\spserv.dat scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\ZLT06db8.TMP scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    File delete failed. C:\Documents and Settings\David\Local Settings\Application Data\Mozilla\Firefox\Profiles\msin5iya.default\OfflineCache\index.sqlite scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\David\Local Settings\Application Data\Mozilla\Firefox\Profiles\msin5iya.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\David\Local Settings\Application Data\Mozilla\Firefox\Profiles\msin5iya.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\David\Local Settings\Application Data\Mozilla\Firefox\Profiles\msin5iya.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\David\Local Settings\Application Data\Mozilla\Firefox\Profiles\msin5iya.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\David\Local Settings\Application Data\Mozilla\Firefox\Profiles\msin5iya.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.
    Explorer started successfully
     
    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02112009_154245

    evilfantasy

    • Malware Removal Specialist
    • Moderator


    • Genius
    • Calm like a bomb
    • Thanked: 493
    • Experience: Experienced
    • OS: Windows 11
    Re: Spybot Blocked
    « Reply #17 on: February 11, 2009, 04:56:32 PM »
    Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop.

    Link #1
    Link #2

    **Note:  It is important that it is saved directly to your Desktop

    Close any open Web browsers. (Firefox, Internet Explorer, etc) before starting ComboFix.

    Temporarily disable your antivirus, and any antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
     
    Double click combofix.exe & follow the prompts.
    When finished ComboFix will produce a log for you.
    Post the ComboFix log in your next reply.

    Important: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

    Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.

    If you have problems with ComboFix usage, see How to use ComboFix

    diggerdave

      Topic Starter


      Rookie

      Re: Spybot Blocked
      « Reply #18 on: February 11, 2009, 05:14:59 PM »
      Log attached

      [attachment deleted by admin]

      evilfantasy

      • Malware Removal Specialist
      • Moderator


      • Genius
      • Calm like a bomb
      • Thanked: 493
      • Experience: Experienced
      • OS: Windows 11
      Re: Spybot Blocked
      « Reply #19 on: February 11, 2009, 05:21:22 PM »
      Everything looks OK.

      How is the computer running now?

      diggerdave

        Topic Starter


        Rookie

        Re: Spybot Blocked
        « Reply #20 on: February 11, 2009, 05:30:29 PM »
        It's taking well over a minute at boot up to get from the post to the memory check.

        evilfantasy

        • Malware Removal Specialist
        • Moderator


        • Genius
        • Calm like a bomb
        • Thanked: 493
        • Experience: Experienced
        • OS: Windows 11
        Re: Spybot Blocked
        « Reply #21 on: February 11, 2009, 05:33:31 PM »
        Has this just started happening?


        diggerdave

          Topic Starter


          Rookie

          Re: Spybot Blocked
          « Reply #22 on: February 11, 2009, 06:02:43 PM »
          Yes. I believe it started after running OTMoveIt3.

          evilfantasy

          • Malware Removal Specialist
          • Moderator


          • Genius
          • Calm like a bomb
          • Thanked: 493
          • Experience: Experienced
          • OS: Windows 11
          Re: Spybot Blocked
          « Reply #23 on: February 11, 2009, 06:05:20 PM »
          All that did was remove temporary files. Everything else said "Not found."

          Try Dial-a-fix.

          Download Dial-a-Fix by djlizard, save it to the desktop then extract it to it's own folder.

          • Open the folder and run Dial-a-fix.exe
          • 2 windows will open. Close the one in the background labeled Restrictive Policies
          • Check the box in section 1, Empty temp folders.
          • Check the box in section 2, Fix Windows Installer.
          • Check the box in section 3, Fix Windows Update.
          • Check the box in section 4, labeled SSL/HTTPS/Cryptography. The 4 boxes under it should be pre-checked
          • Check all boxes in section 5, labeled Registration Center.
          • Click Go
          • OK any error messages if received, but write them down and post them here.
          • Restart the computer when done.
          .
          How is it now?

          diggerdave

            Topic Starter


            Rookie

            Re: Spybot Blocked
            « Reply #24 on: February 11, 2009, 07:44:17 PM »
            Dial-a-fix has been stuck on the same task for about an hour and a half.

            evilfantasy

            • Malware Removal Specialist
            • Moderator


            • Genius
            • Calm like a bomb
            • Thanked: 493
            • Experience: Experienced
            • OS: Windows 11
            Re: Spybot Blocked
            « Reply #25 on: February 11, 2009, 08:01:25 PM »
            Can you see which one it is?

            diggerdave

              Topic Starter


              Rookie

              Re: Spybot Blocked
              « Reply #26 on: February 11, 2009, 10:20:11 PM »
              Stopping CRYPTSVC...

              evilfantasy

              • Malware Removal Specialist
              • Moderator


              • Genius
              • Calm like a bomb
              • Thanked: 493
              • Experience: Experienced
              • OS: Windows 11
              Re: Spybot Blocked
              « Reply #27 on: February 11, 2009, 10:36:52 PM »
              OK stop it and uncheck box 4, labeled SSL/HTTPS/Cryptography

              Now run it again please with the other boxes checked.

              diggerdave

                Topic Starter


                Rookie

                Re: Spybot Blocked
                « Reply #28 on: February 11, 2009, 10:54:35 PM »
                I'm still getting the lengthy delay at boot up.

                evilfantasy

                • Malware Removal Specialist
                • Moderator


                • Genius
                • Calm like a bomb
                • Thanked: 493
                • Experience: Experienced
                • OS: Windows 11
                Re: Spybot Blocked
                « Reply #29 on: February 11, 2009, 11:00:36 PM »
                A computer can be slow to start up after cleaning the cache which is what we did when running OTMoveIt. After a few more restarts see if it is still running slow.

                We should check for any more malware also as it could be that as well.

                Use the Kaspersky Lab Online Scanner

                In Microsoft Windows Vista, you must open the Web browser using the Run as Administrator command. From the Desktop right click the icon to open the browser and choose Run as Administrator.

                • Click on SCAN NOW
                • Click Accept.
                • The program will then begin downloading the latest definition files.
                • Once the files have been downloaded locate the Scan Settings and have it scan My Computer.
                • The scan will take a while, so be patient and let it finish.
                .
                When the scan is done, in the Scan is complete window, any infection is displayed.
                There is no option to clean/disinfect, however, we need to analyze the information on the report.

                To obtain the report:
                Click on: Save Report As
                • Next, in the Save as prompt, Save in area, select: Desktop.
                • In the File name area use KScan, or something similar.
                • In Save as type: click the drop arrow and select: Text file [*.txt]
                • Then, click: Save

                .
                Copy and paste the Kaspersky Online Scanner Report in your next reply.

                Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.