My browser acting weird



#1 carwash

  • Members

Posted 27 February 2012 - 10:27 PM

Everything else seems to be normal, but when I open up a site such as Facebook with my Firefox, Chrome or IE, this is what happens.

I can't even explain it with words since my English is not good.
Can someone help me figure out what is causing this?

I have scanned it with Malwarebytes and Panda Antivirus, but nothing bad came out in the result.

Edited by carwash, 27 February 2012 - 11:19 PM.



#2 boopme

  • Global Moderator

Posted 28 February 2012 - 12:18 AM

Unfortunately I cannot see what is happening.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#3 carwash


Posted 28 February 2012 - 01:23 AM

This is the MiniToolBox scan result:

MiniToolBox by Farbar Version: 18-01-2012
Ran by Owner (administrator) on 28-02-2012 at 13:09:02
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Tether Ethernet Adapter = Tether Network Connection (Disconnected)
Realtek RTL8139 Family PCI Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : indro-maho

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-08-02-04-4F-5D

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.100

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : Tuesday, February 28, 2012 10:24:43 AM

Lease Expires . . . . . . . . . . : Friday, March 02, 2012 10:24:43 AM

Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 209.85.175.138, 209.85.175.100, 209.85.175.139, 209.85.175.102
209.85.175.101, 209.85.175.113



Pinging google.com [209.85.175.102] with 32 bytes of data:



Reply from 209.85.175.102: bytes=32 time=60ms TTL=54

Reply from 209.85.175.102: bytes=32 time=57ms TTL=54



Ping statistics for 209.85.175.102:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 57ms, Maximum = 60ms, Average = 58ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.127.62, 98.139.183.24, 209.191.122.70



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=326ms TTL=53

Reply from 209.191.122.70: bytes=32 time=316ms TTL=52



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 316ms, Maximum = 326ms, Average = 321ms

Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 08 02 04 4f 5d ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.100 192.168.1.100 20
192.168.1.100 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.100 192.168.1.100 20
224.0.0.0 240.0.0.0 192.168.1.100 192.168.1.100 20
255.255.255.255 255.255.255.255 192.168.1.100 192.168.1.100 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/23/2012 10:41:40 AM) (Source: Application Error) (User: )
Description: Faulting application yahoomessenger.exe, version 11.5.0.155, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x00019af2.
Processing media-specific event for [yahoomessenger.exe!ws!]

Error: (01/01/2000 00:16:12 AM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected an inconsistency in its internal state. The assertion "GetLastError() == 122L" failed at line 162 of d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp. Please contact Microsoft Product Support Services to report this error.

Error: (02/19/2012 01:31:49 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/19/2012 01:02:58 PM) (Source: Application Hang) (User: )
Description: Hanging application YahooMessenger.exe, version 11.5.0.155, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/18/2012 03:26:42 PM) (Source: Application Error) (User: )
Description: Faulting application yahoomessenger.exe, version 11.5.0.155, faulting module ylog.dll, version 1.0.0.55799, fault address 0x00002183.
Processing media-specific event for [yahoomessenger.exe!ws!]

Error: (02/18/2012 00:20:23 PM) (Source: Application Hang) (User: )
Description: Hanging application wmplayer.exe, version 9.0.0.4503, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/18/2012 09:46:11 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/18/2012 09:46:11 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/18/2012 09:45:21 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/18/2012 09:45:20 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (01/01/2000 00:02:26 AM) (Source: W32Time) (User: )
Description: The time service has detected that the system time needs to be
changed by +383737273 seconds. The time service will not change the system
time by more than +54000 seconds. Verify that your time and time zone
are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.1.100:123->65.55.21.23:123) is working properly.

Error: (02/27/2012 09:08:47 PM) (Source: Service Control Manager) (User: )
Description: The Panda Cloud Antivirus Service service terminated unexpectedly. It has done this 1 time(s).

Error: (01/27/2012 08:12:45 PM) (Source: W32Time) (User: )
Description: The time service has detected that the system time needs to be
changed by +2678395 seconds. The time service will not change the system
time by more than +54000 seconds. Verify that your time and time zone
are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.1.100:123->65.55.21.17:123) is working properly.

Error: (01/01/2000 00:04:21 AM) (Source: Service Control Manager) (User: )
Description: The Panda Cloud Antivirus Service service hung on starting.

Error: (01/01/2000 00:03:11 AM) (Source: W32Time) (User: )
Description: The time service has detected that the system time needs to be
changed by +383687435 seconds. The time service will not change the system
time by more than +54000 seconds. Verify that your time and time zone
are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.1.100:123->65.55.21.24:123) is working properly.

Error: (01/01/2000 00:02:57 AM) (Source: Service Control Manager) (User: )
Description: The Ant Toolbar updater service service failed to start due to the following error:
%%1053

Error: (01/01/2000 00:02:57 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Ant Toolbar updater service service to connect.

Error: (01/01/2000 00:02:17 AM) (Source: W32Time) (User: )
Description: The time service has detected that the system time needs to be
changed by +383550972 seconds. The time service will not change the system
time by more than +54000 seconds. Verify that your time and time zone
are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.1.100:123->65.55.21.22:123) is working properly.

Error: (01/01/2000 00:02:19 AM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (01/01/2000 00:02:19 AM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)


Microsoft Office Sessions:
=========================
Error: (02/23/2012 10:41:40 AM) (Source: Application Error)(User: )
Description: yahoomessenger.exe11.5.0.155ntdll.dll5.1.2600.605500019af2

Error: (01/01/2000 00:16:12 AM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\shared\sectools.cpp162GetLastError() == 122L

Error: (02/19/2012 01:31:49 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (02/19/2012 01:02:58 PM) (Source: Application Hang)(User: )
Description: YahooMessenger.exe11.5.0.155hungapp0.0.0.000000000

Error: (02/18/2012 03:26:42 PM) (Source: Application Error)(User: )
Description: yahoomessenger.exe11.5.0.155ylog.dll1.0.0.5579900002183

Error: (02/18/2012 00:20:23 PM) (Source: Application Hang)(User: )
Description: wmplayer.exe9.0.0.4503hungapp0.0.0.000000000

Error: (02/18/2012 09:46:11 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (02/18/2012 09:46:11 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (02/18/2012 09:45:21 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (02/18/2012 09:45:20 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000


=========================== Installed Programs ============================

µTorrent (Version: 3.1.2)
32 Bit HP CIO Components Installer (Version: 6.1.1)
4shared Toolbar
4Sync
Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin (Version: 11.1.102.55)
Ant.com IE add-on (Version: 2.2.1.75)
BlackBerry USB and Modem Drivers 5.0.1 (Version: 5.0.1.37)
BufferChm (Version: 140.0.212.000)
CCleaner (Version: 3.15)
Coupon Printer for Windows (Version: 5.0.0.0)
D2600 (Version: 140.0.690.000)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DeviceDiscovery (Version: 140.0.212.000)
DJ_SF_05_D2600_Software_Min (Version: 140.0.690.000)
Easy Access Button Support
ffdshow [rev 3154] [2009-12-09] (Version: 1.0)
GOM Player (Version: 2.1.37.5085)
Google Chrome (Version: 17.0.963.56)
GPBaseService2 (Version: 140.0.211.000)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet D2600 Printer Driver Software 14.0 Rel. 5 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.002.002.002)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
InterVideo WinDVD
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
MarketResearch (Version: 140.0.212.000)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 2.0 Service Pack 1 (Version: 2.1.21022)
Microsoft .NET Framework 3.0 Service Pack 1 (Version: 3.1.21022)
Microsoft .NET Framework 3.5
Microsoft .NET Framework 3.5 (Version: 3.5.21022)
Microsoft Broadband Networking (Version: 2.2.731)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.4734.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 10.0.1 (x86 en-US) (Version: 10.0.1)
Opera 11.61 (Version: 11.61.1250)
Panda Cloud Antivirus (Version: 1.05.01.0000)
Panda Cloud Antivirus (Version: 1.5.1)
Panda Security Toolbar (Version: 2.0.0.17)
Panda Security URL Filtering (Version: 2.0.0.10)
S3 Graphics Utilities
Shop for HP Supplies (Version: 14.0)
SmartWebPrinting (Version: 140.0.186.000)
Softonic toolbar on IE and Chrome
SolutionCenter (Version: 140.0.213.000)
SoundMAX2
Status (Version: 140.0.212.000)
Synaptics TouchPad
Tether 1.4.3.7
Toolbar Cleaner 1.0
Toolbox (Version: 140.0.428.000)
TP-LINK Wireless Client Utility (Version: 7.0)
TrayApp (Version: 140.0.212.000)
Twister and Utilities
Update for Microsoft Office 2010 (KB2553092)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
WebFldrs XP (Version: 9.50.5318)
WebReg (Version: 140.0.212.017)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.10 (32-bit) (Version: 4.10.0)
XML Paper Specification Shared Components Pack 1.0
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Search Protection
Yahoo! Software Update
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 74%
Total physical RAM: 495.48 MB
Available physical RAM: 125.11 MB
Total Pagefile: 1156.02 MB
Available Pagefile: 352.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1962.62 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:18.62 GB) (Free:7.44 GB) NTFS

========================= Users: ========================================

User accounts for \\INDRO-MAHO

Administrator ASPNET Guest
HelpAssistant Owner SUPPORT_388945a0


**** End of log ****

ESETScanner:
C:\APLIKASI\AVGKeygen.exe a variant of Win32/Keygen.AQ application cleaned by deleting - quarantined
C:\APLIKASI\Partition_Magic.exe MSIL/Solimba application deleted - quarantined
C:\APLIKASI\RegistryReviverSetup.exe a variant of Win32/RegistryReviver application deleted - quarantined
C:\APLIKASI\SoftonicDownloader_for_gom-player.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\Local Settings\Temp\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\Local Settings\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe Win32/Toolbar.Babylon application deleted - quarantined
C:\Documents and Settings\Owner\Local Settings\TempDIR\BetterInstaller.exe a variant of Win32/Adware.Somoto.A application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\etypesetup.exe a variant of Win32/Adware.Somoto.A application deleted - quarantined

Edited by carwash, 28 February 2012 - 05:09 AM.
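
One way to triage the ESET lines in the post above, added here as an example and not part of the thread: it splits each line into path, detection name and action, then groups the detections so the keygen entry and the folder holding most of the flagged installers stand out. The function names and the small set of category labels are assumptions chosen for this log, not ESET's own taxonomy.

```python
import ntpath
import re
from collections import defaultdict

# ESET result lines as posted in post #3 of this thread (header line included).
ESET_LOG = r"""
ESETScanner:
C:\APLIKASI\AVGKeygen.exe a variant of Win32/Keygen.AQ application cleaned by deleting - quarantined
C:\APLIKASI\Partition_Magic.exe MSIL/Solimba application deleted - quarantined
C:\APLIKASI\RegistryReviverSetup.exe a variant of Win32/RegistryReviver application deleted - quarantined
C:\APLIKASI\SoftonicDownloader_for_gom-player.exe a variant of Win32/SoftonicDownloader.A application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\Local Settings\Temp\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\Local Settings\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe Win32/Toolbar.Babylon application deleted - quarantined
C:\Documents and Settings\Owner\Local Settings\TempDIR\BetterInstaller.exe a variant of Win32/Adware.Somoto.A application cleaned by deleting - quarantined
C:\Documents and Settings\Owner\My Documents\etypesetup.exe a variant of Win32/Adware.Somoto.A application deleted - quarantined
"""

# Windows paths contain spaces but no forward slash, so the first
# "Platform/Name" token marks where the path ends and the detection begins.
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<variant>a variant of\s+)?"
    r"(?P<threat>[A-Za-z0-9]+/[\w.]+)\s+"
    r"(?P<objtype>\S+)\s+"
    r"(?P<action>.+)$"
)

# Assumption: these leading name components are treated as categories
# because they appear in this log; anything else is grouped as "Other".
CATEGORY_LABELS = {"Keygen", "Toolbar", "Adware"}


def parse_line(line):
    """Return a dict for one ESET result line, or None if it does not parse."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    _platform, _, name = m.group("threat").partition("/")
    head = name.split(".")[0]
    return {
        "path": m.group("path"),
        "folder": ntpath.dirname(m.group("path")),  # ntpath works on any OS
        "threat": m.group("threat"),
        "variant": m.group("variant") is not None,
        "category": head if head in CATEGORY_LABELS else "Other",
        "action": m.group("action"),
    }


def triage(log_text):
    """Group parsed detections by category; keep lines that did not parse."""
    by_category = defaultdict(list)
    unparsed = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        entry = parse_line(line)
        if entry is None:
            unparsed.append(line.strip())
        else:
            by_category[entry["category"]].append(entry)
    return dict(by_category), unparsed


def folder_counts(by_category):
    """Count detections per folder to show where flagged files cluster."""
    counts = defaultdict(int)
    for entries in by_category.values():
        for entry in entries:
            counts[entry["folder"]] += 1
    return dict(counts)


if __name__ == "__main__":
    groups, skipped = triage(ESET_LOG)
    for category, entries in sorted(groups.items()):
        print(category)
        for entry in entries:
            print("   ", entry["threat"], "|", entry["path"], "|", entry["action"])
    print("folders:", folder_counts(groups))
    print("unparsed:", skipped)
```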


#4 boopme


Posted 28 February 2012 - 11:16 AM

IMPORTANT NOTE: The practice of using cracking tools, keygens, warez or any pirated software is not only considered illegal activity but it is a serious security risk.

Cracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.

trendmicro.com/vinfo

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.

University of Washington spyware study

...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.

Bad Web Sites: Malware

When you use these kinds of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

Before we can continue, I need you to remove all cracks and keygens immediately to reduce the risk of infection/reinfection. If not, then we are just wasting time trying to clean your system. Further, other tools used during the disinfection process may detect crack and keygens so we need to ensure they have been removed.

Using these types of programs or the websites you visited to get them is almost a guaranteed way to get yourself infected!!

#5 carwash


Posted 28 February 2012 - 09:48 PM

Hi, I think I've deleted all the keygens and cracks.

#6 boopme


Posted 28 February 2012 - 10:30 PM

OK, let's see what else is left in malware, as these also like to drop rootkits.

Please download CKScanner and save it to your Desktop. <-Important!!!
  • Double-click on CKScanner.exe and click Search For Files.
  • If using Vista, right-click on it and Run As Administrator.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A text file will be created on your desktop named ckfiles.txt.
  • Click OK at the file saved message box.
  • Double-click the ckfiles.txt icon on your desktop to open the log and copy/paste the contents in your next reply.
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log to the root folder of the system disk (it is usually the disk with the installed operating system, C:\). The log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
Click the "Scan" button to start scan:

On completion of the scan click "Save log", save it to your desktop and post in your next reply:

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

#7 carwash


Posted 02 March 2012 - 09:07 AM

I can't even download the files, the browser won't let me, now what should I do?

#8 boopme


Posted 02 March 2012 - 12:18 PM

Are you using Opera? Try IE, or reboot into Safe Mode with Networking.
How to enter Safe Mode (XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press Enter on your keyboard to boot into Safe Mode.