SpywareHammer Malware Removal Forums > Completed Malware and Rootkit Removal Topics

[Resolved K] Internet Explorer Problem

<< < (2/5) > >>

Vinnykidd:
# AdwCleaner v2.006 - Logfile created 11/01/2012 at 14:44:54
# Updated 30/10/2012 by Xplode
# Operating system : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# User : Bruce Desk - BRUCEDESK-PC
# Boot Mode : Normal
# Running from : C:\Users\Bruce Desk\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Bruce Desk\AppData\Roaming\Mozilla\Firefox\Profiles\eishc3gl.default\searchplugins\Askcom.xml
Folder Deleted : C:\ProgramData\Ask

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v3.0.1 (en-US)

Profile name : default
File : C:\Users\Bruce Desk\AppData\Roaming\Mozilla\Firefox\Profiles\eishc3gl.default\prefs.js

Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "Ask.com");

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Bruce Desk\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1313 octets] - [01/11/2012 14:44:54]

########## EOF - C:\AdwCleaner[S1].txt - [1373 octets] ##########


RogueKiller V8.2.1 [10/29/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Bruce Desk [Admin rights]
Mode : Scan -- Date : 11/01/2012 15:00:32

Bad processes : 0

Registry Entries : 4
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[SHELL][BLPATH] [ON_D:]HKLM\Software[...]\Winlogon : Shell (cmd.exe /k start cmd.exe) -> FOUND

Particular Files / Folders:

Driver : [LOADED]

Extern Hives:
-> D:\windows\system32\config\SOFTWARE
-> D:\Users\Default\NTUSER.DAT

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost


MBR Check:

+++++ PhysicalDrive0: Hitachi HDS721616PLA380 ATA Device +++++
--- User ---
[MBR] 80a81ec53c3f1830724f48601fa40f84
[BSP] 70c008657191bbbdce09e1f64999c957 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 10479 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21462840 | Size: 142145 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt



kevinf80:
Run the following:

Malwarebytes Anti-Malware and save it to your desktop.

Alernative D/L mirror
Alternative D/L mirror

Double Click mbam-setup.exe to install the application.
Please download
[*] Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
[*] If an update is found, it will download and install the latest version.
[*] Once the program has loaded, select "Perform Quick Scan", then click Scan.
[*] The scan may take some time to finish,so please be patient.
[*] When the scan is complete, click OK, then Show Results to view the results.
[*] Make sure that everything is checked, and click Remove Selected.
[*] When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
[*] Please save the log to a location you will remember.
[*] The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
[*] Copy and paste the entire report in your next reply.
[/list]

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Vinnykidd:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.01.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Bruce Desk :: BRUCEDESK-PC [administrator]

11/1/2012 3:25:41 PM
mbam-log-2012-11-01 (15-25-41).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 192358
Time elapsed: 6 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

kevinf80:
Download OTL from any of the following links and save to your desktop.

Link 1
Link 2
Link 3

Double click the icon to start the tool. (Note: If you are running on Vista or Windows 7 accept UAC alert)

[*] When the window appears, underneath Output at the top, make sure Standard output is selected.
 [*] Select Scan all users
 [*] Under the Extra Registry section, check Use SafeList
 [*] In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
[*] Click Run Scan and let the program run uninterrupted.
[*] When the scan is complete, two text files will be created on your Desktop.
[*] OTL.Txt <- this one will be opened
[*] Extras.txt <- this one will be minimized
[/list]

Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of OTL.Txt and the Extras.txt in your next reply.

If these logs exceed forum character limits, zip them up and attach to reply...

How is your system responding, what issues remain...

Kevin

Vinnykidd:
Files are attached.  It almost seems like something is wrong with IE and it needs to be deleted and re-installed.  My home page opens, then I'll go to another page on my favorites and it just spins and basically locks up.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version