IE very slow and keeps closing...


  • This topic is locked
3 replies to this topic

#1 Lilliaz

Posted 05 October 2009 - 08:25 PM

Hi!

A few days ago SUPERAntiSpyware removed something from my PC (Adware HB Helper and a Tracking cookie...) ...so I decided to run a scan....

Panda didn't find anything...

Malwarebytes found some kind of Trojan and apparently cleaned it.

The next day as I opened IE, the home page was no longer Google and I had a Browser Hijacker Deskbar installed...

I uninstalled it (via Control Panel) but now when I open a new tab I get a strange page that wasn't there before: "welcome to tabbed browsing"....

Apart from that, IE is extremely slow and keeps shutting down every window after warning me that there was an error and apologizing for any inconvenience...

Can anyone help?....

Thanks in advance!

Here is the DDS log...

DDS (Ver_09-09-29.01) - NTFSx86
Run by Utilizador at 0:59:53,28 on 06-10-2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.3.1252.351.2070.18.2047.1251 [GMT 1:00]

AV: Panda Antivirus 2008 *On-access scanning enabled* (Updated) {EEE2D94A-D4C1-421A-AB2C-2CE8FE51747A}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Programas\Panda Security\Panda Antivirus 2008\pavsrv51.exe
C:\Programas\Panda Security\Panda Antivirus 2008\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Programas\CyberLink\PowerDVD\PDVDServ.exe
C:\Programas\Nero\Nero8\InCD\NBHGui.exe
C:\Programas\Nero\Nero8\InCD\InCD.exe
C:\Programas\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programas\Lexmark 2300 Series\lxcgmon.exe
C:\Programas\Lexmark 2300 Series\ezprint.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programas\Logitech\Video\LogiTray.exe
C:\Programas\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE
C:\Programas\Ficheiros comuns\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programas\Java\jre6\bin\jusched.exe
C:\Programas\Search Guard Plus\SearchGuardPlus.exe
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexStoreSvr.exe
C:\Programas\Messenger\msmsgs.exe
C:\Programas\Bonjour\mDNSResponder.exe
C:\Programas\DAEMON Tools Lite\daemon.exe
C:\Programas\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programas\Nero\Nero8\InCD\InCDsrv.exe
C:\Programas\Java\jre6\bin\jqs.exe
C:\Programas\Microsoft Office\Office12\ONENOTEM.EXE
C:\Programas\Ficheiros comuns\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Programas\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Programas\Nero\Nero8\InCD\NBHRegInCDSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programas\Panda Security\Panda Antivirus 2008\PsCtrls.exe
C:\Programas\Ficheiros comuns\Panda Software\PavShld\pavprsrv.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Programas\Panda Security\Panda Antivirus 2008\PsImSvc.exe
C:\Programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Programas\Ficheiros comuns\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\lxcgcoms.exe
C:\Programas\Panda Security\Panda Antivirus 2008\WebProxy.exe
C:\Programas\Internet Explorer\iexplore.exe
C:\Programas\Windows Live\Toolbar\wltuser.exe
C:\Documents and Settings\Utilizador\Ambiente de trabalho\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.pt/
uSearch Page =
uSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f
uSearch Bar =
mSearchMigratedDefaultURL = 687474703a2f2f7777772e676f6f676c652e636f6d2f
uInternet Settings,ProxyOverride = *.local
mSearchURL = about:blank
mSearchAssistant =
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\programas\ficheiros comuns\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\programas\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\programas\microsoft office\office12\GrooveShellExtensions.dll
BHO: Programa Auxiliar de Início de Sessão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\programas\ficheiros comuns\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: PDFCreator Toolbar Helper: {c451c08a-ec37-45df-aaad-18b51ab5e837} - c:\programas\pdfcreator toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\programas\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\programas\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\programas\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Search Assistant: {f0626a63-410b-45e2-99a1-3f2475b2d695} - c:\programas\sgpsa\BHO.dll
BHO: : {fcaddc14-bd46-408a-9842-cdbe1c6d37ec} - \\UTILIZAD-02DB08\DiscoLocal$\Canon.dll
BHO: : {fcaddc14-bd46-408a-9842-cdbe1c6d37ed} - \\UTILIZAD-02DB08\DiscoLocal$\Shion.dll
BHO: : {fcaddc14-bd46-408a-9842-cdbe1c6d37ee} - \\UTILIZAD-02DB08\DiscoLocal$\Regulus.dll
TB: PDFCreator Toolbar: {31cf9ebe-5755-4a1d-ac25-2834d952d9b4} - c:\programas\pdfcreator toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\programas\windows live\toolbar\wltcore.dll
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\programas\ficheiros comuns\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
uRun: [MSMSGS] "c:\programas\messenger\msmsgs.exe" /background
uRun: [DAEMON Tools Lite] "c:\programas\daemon tools lite\daemon.exe" -autorun
uRun: [SUPERAntiSpyware] c:\programas\superantispyware\SUPERAntiSpyware.exe
uRun: [eMuleAutoStart] c:\programas\dreamule\emule.exe -AutoStart
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~2.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; InfoPath.2)" -"http://bcs.whfreeman.com/thelifewire/content/chp43/4303002.html"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [RemoteControl] c:\programas\cyberlink\powerdvd\PDVDServ.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [NeroFilterCheck] "c:\programas\ficheiros comuns\nero\lib\NeroCheck.exe"
mRun: [SecurDisc] c:\programas\nero\nero8\incd\NBHGui.exe
mRun: [InCD] c:\programas\nero\nero8\incd\InCD.exe
mRun: [NBKeyScan] "c:\programas\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [GrooveMonitor] "c:\programas\microsoft office\office12\GrooveMonitor.exe"
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] "nwiz.exe" /install
mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [LXCGCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCGtime.dll,_RunDLLEntry@16
mRun: [lxcgmon.exe] "c:\programas\lexmark 2300 series\lxcgmon.exe"
mRun: [EzPrint] "c:\programas\lexmark 2300 series\ezprint.exe"
mRun: [FaxCenterServer] "c:\programas\lexmark fax solutions\fm3032.exe" /s
mRun: [LVCOMSX] c:\windows\system32\LVCOMSX.EXE
mRun: [LogitechVideoRepair] c:\programas\logitech\video\ISStart.exe
mRun: [LogitechVideoTray] c:\programas\logitech\video\LogiTray.exe
mRun: [APVXDWIN] "c:\programas\panda security\panda antivirus 2008\APVXDWIN.EXE" /s
mRun: [Microsoft Works Update Detection] "c:\programas\ficheiros comuns\microsoft shared\works shared\WkUFind.exe"
mRun: [Adobe Reader Speed Launcher] "c:\programas\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Ad-Watch] c:\programas\lavasoft\ad-aware\AAWTray.exe
mRun: [SunJavaUpdateSched] "c:\programas\java\jre6\bin\jusched.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\programas\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [QuickTime Task] "c:\programas\quicktime\qttask.exe" -atboottime
mRun: [SGPUpdater] c:\programas\search guard plusu\sgpUpdaters.exe
mRun: [FBSearch] c:\programas\search guard plus\SearchGuardPlus.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\utiliz~1\menuin~1\progra~1\arranque\adobeg~1.lnk - c:\programas\ficheiros comuns\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\utiliz~1\menuin~1\progra~1\arranque\inicia~1.lnk - c:\programas\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\menuin~1\progra~1\arranque\logite~1.lnk - c:\programas\logitech\desktop messenger\8876480\program\LDMConf.exe
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
IE: &Search - ?p=ZJman000
IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Save YouTube Video as MP3 - c:\programas\ficheiros comuns\dvdvideosoft\dll\IEContextMenuY.dll/scriptY2MP3.htm
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\programas\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\programas\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\programas\panda security\panda antivirus 2008\pavlsp.dll
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://tky09.celartem.com/en/download/data/djvu_autoinstall/DjVuControl_en_US.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} - hxxp://downloads.ewido.net/ewidoOnlineScan.cab
DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} - hxxp://www.nanoscan.com/as/cabs/ascstubie.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\programas\microsoft office\office12\GrooveSystemServices.dll
Handler: jpip - {B92DD248-E3D5-4A92-B311-C9B841681455} - c:\programas\lizardtech\express view\expressview.dll
Handler: sidlet - {B92DD248-E3D5-4A92-B311-C9B841681455} - c:\programas\lizardtech\express view\expressview.dll
Notify: !SASWinLogon - c:\programas\superantispyware\SASWINLO.DLL
Notify: avldr - avldr.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\programas\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\programas\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-4-16 64160]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-4-14 28544]
R1 SASDIFSV;SASDIFSV;c:\programas\superantispyware\sasdifsv.sys [2009-3-23 9968]
R1 SASKUTIL;SASKUTIL;c:\programas\superantispyware\SASKUTIL.SYS [2009-3-23 74480]
R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2008-5-27 38968]
R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\programas\nero\nero8\incd\NBHRegInCDSrv.exe [2008-2-28 53032]
R2 Panda Software Controller;Panda Software Controller;c:\programas\panda security\panda antivirus 2008\PsCtrlS.exe [2008-5-27 169264]
R2 pavdrv;pavdrv;c:\windows\system32\drivers\pavdrv51.sys [2008-5-27 83896]
R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2008-5-27 178872]
R2 PavPrSrv;Panda Process Protection Service;c:\programas\ficheiros comuns\panda software\pavshld\PavPrSrv.exe [2008-5-27 63024]
R2 PAVSRV;Panda anti-virus service;c:\programas\panda security\panda antivirus 2008\PAVSRV51.EXE [2008-5-27 148272]
R2 SeaPort;SeaPort;c:\programas\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R3 SASENUM;SASENUM;c:\programas\superantispyware\SASENUM.SYS [2009-3-23 7408]
S2 gupdate1c9fd81d28cdda;Serviço Google Update (gupdate1c9fd81d28cdda);c:\programas\google\update\GoogleUpdate.exe [2009-7-5 133104]
S2 SystemUpdate;SystemUpdate;c:\windows\servupdate.exe --> c:\windows\ServUpdate.exe [?]
S3 aswArKrn;aswArKrn;\??\c:\docume~1\utiliz~1\defini~1\temp\aswarkrn.sys --> c:\docume~1\utiliz~1\defini~1\temp\aswArKrn.sys [?]
S3 getPlus® Helper;getPlus® Helper;c:\programas\nos\bin\getPlus_HelperSvc.exe [2009-4-15 33176]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\programas\lavasoft\ad-aware\AAWService.exe [2009-3-9 1028432]

=============== Created Last 30 ================

2009-10-01 15:29 <DIR> --d----- c:\programas\Search Guard PlusU
2009-10-01 15:29 <DIR> --d----- c:\programas\Search Guard Plus
2009-10-01 15:29 <DIR> --d----- c:\programas\SGPSA
2009-10-01 15:29 <DIR> --d----- C:\users
2009-09-09 11:23 153,088 -c------ c:\windows\system32\dllcache\triedit.dll

==================== Find3M ====================

2009-09-22 23:42 12,626 a------- c:\docume~1\utiliz~1\applic~1\etec.drv
2009-09-22 23:42 685 a------- c:\docume~1\utiliz~1\applic~1\atec.drv
2009-09-10 14:54 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-10 14:53 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-08-22 01:01 311,686 a------- c:\windows\java\servupdate.exe
2009-08-19 01:08 244,736 a------- c:\windows\play.exe
2009-08-19 01:07 705,024 a------- c:\windows\Regulus.dll
2009-08-19 01:06 458,240 a------- c:\windows\Shion.dll
2009-08-19 01:06 934,912 a------- c:\windows\Smiles.exe
2009-08-06 11:20 494,916 a------- c:\windows\system32\perfh016.dat
2009-08-06 11:20 86,542 a------- c:\windows\system32\perfc016.dat
2009-08-05 10:00 205,824 a------- c:\windows\system32\mswebdvd.dll
2009-07-25 05:23 411,368 a------- c:\windows\system32\deploytk.dll
2009-07-17 20:03 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
2009-06-27 20:05 34 a------- c:\documents and settings\utilizador\jagex_runescape_preferences.dat
2008-12-14 00:11 47,360 a------- c:\docume~1\utiliz~1\applic~1\pcouffin.sys
2008-12-14 00:10 16,944,264 a------- c:\programas\vsoConvertXtoDVD3_setup.exe
2008-12-13 03:53 14,968,808 a------- c:\programas\spybotsd160.exe
2008-10-21 21:06 8,284,912 a------- c:\programas\exview_setup.exe
2008-10-21 20:29 3,079,604 a------- c:\programas\Setup_MagicISO.exe
2008-04-28 23:48 14,286 a------- c:\programas\settings.dat
2008-04-28 22:17 15,895,117 a------- c:\programas\PDFCreator-0_9_5_setup.exe
2008-05-21 14:39 32,768 a--sh--- c:\windows\system32\config\systemprofile\definições locais\histórico\history.ie5\mshist012008052120080522\index.dat

============= FINISH: 1:00:27,06 ===============


#2 m0le

  • Malware Response Team

Posted 22 October 2009 - 06:48 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


And

We Need to check for Rootkits with RootRepeal
  • Download RootRepeal from the following location and save it to your desktop.

    First Location
    Second Location
    Third Location

  • Open Posted Image on your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes: Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

m0le is a proud member of UNITE

#3 m0le


Posted 22 October 2009 - 06:49 PM

I will keep this topic open for three days before closing it.

Edited by m0le, 22 October 2009 - 06:50 PM.


#4 m0le


Posted 25 October 2009 - 07:26 PM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. :(

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.



