Thread: Installed suspect program now system restore doesn't work -- other problems too.

  1. #1
    Join Date
    Sep 2012
    Posts
    1

    Someone visited thefamilytreemaker.com and installed their software and now I have the following issues.

    -System restore will not complete.
    -Default home page on web browsers was switched to Babylon search.
    -Path information is not working correctly in old DOS program. The "set path to h:" command in dBase for DOS is acting up. Opening a database without specifying the path causes the file to be opened as a read-only file. If I include the "h:" in front of the file name the file opens normally.

    Below are the Malwarebytes and ESET log files.

    Malwarebytes Anti-Malware 1.65.0.1400
    www.malwarebytes.org

    Database version: v2012.09.12.05

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    chris :: CHRISPC [administrator]

    9/12/2012 10:54:00 AM
    mbam-log-2012-09-12 (10-54-00).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 271803
    Time elapsed: 44 minute(s), 37 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ESETSmartInstaller@High as CAB hook log:
    OnlineScanner.ocx - registred OK
    Update failed (41217). Trying proxy gateway.mydupreeinc.com3128
    finished. ret_update=0 e_gle=0
    # version=7
    # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
    # OnlineScanner.ocx=1.0.0.6583
    # api_version=3.0.2
    # EOSSerial=369228cbbd90ed41a48b2145aa4f0144
    # end=finished
    # remove_checked=true
    # archives_checked=false
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2012-09-12 07:41:41
    # local_time=2012-09-12 12:41:41 (-0800, Pacific Daylight Time)
    # country="United States"
    # lang=1033
    # osver=5.1.2600 NT Service Pack 3
    # compatibility_mode=512 16777215 100 0 0 0 0 0
    # compatibility_mode=1024 16777191 100 0 27648127 27648127 0 0
    # compatibility_mode=8192 67108863 100 0 0 0 0 0
    # scanned=66966
    # found=2
    # cleaned=2
    # scan_time=2042
    C:\Documents and Settings\Chris\Local Settings\Temp\ICReinstall_setup.exe a variant of Win32/InstallCore.AG application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
    C:\Documents and Settings\Chris\Local Settings\Temp\EF967F18-BAB0-7891-A6D1-51F5E52E5EFD\Latest\MyBabylonTB.exe Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

  2. #2
    Join Date
    Aug 2006
    Location
    The Middle
    Age
    71
    Posts
    4,079
    What was the suspect program????
    Why are you trying to use System Restore? System Restore actually operates only on a very few system files and settings. System Restore backs up your registry. System Restore does not back up your data. If you delete or damage a file, System Restore will not recover it. System Restore will NOT uninstall a program. In fact, if you have installed a program and find you don't want it, if you use System Restore, it may leave you with much of the program, but it just won't be listed in Add/Remove, making it much harder to uninstall. It most definitely will NOT remove an infection. Leave it alone for now. Once the infections are removed, then System Restore likely can be fixed.

    Please do the following;
    Download DDS by sUBs and save it to your Desktop.
    http://www.bleepingcomputer.com/download/anti-virus/dds
    Be sure to follow the instructions below carefully.
    If your AV has a script blocker, please disable it.
    Double-click on dds.scr to run the tool.
    * A command box will open, displaying added information for your reading pleasure while DDS completes its scan.
    * Upon completion, a Dialog Box should open instructing you to save and post the TWO resulting logs (DDS.txt & Attach.txt).
    Copy and paste both the DDS.txt and the DDS Attach.txt into your post for assistance.

    Notice I say copy/paste BOTH logs. The Attach.txt log says at the top to attach it; please do not attach it, but copy/paste it also.

    Both of these logs are very long and because of that will take multiple replies in order to post them here. Please split the logs carefully as each and every line must be seen.
