Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IE5 Index.dat infected?


  • This topic is locked This topic is locked
20 replies to this topic

#1 K92littlered

K92littlered

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 05 March 2010 - 06:36 PM

I've been trying to run a full scan of Malwarebytes. Each time I try to, it always freezes on this file. Recently, I downloaded SUPERAntiSpyware. When attempting a full scan I found that it froze on the same file. I selected the specific folder and set that to be ignored when scanning. After that, it was able to complete the full scan, removing a few tracking cookies that had been left on the computer.
I don't know what to do. I'm sure that the file is somehow infected, but I don't know what to do since I can't scan it, and it's a non-deletable file. Help?

This is the file.


c:\documents and settings\andrea\local settings\history\history.ie5\mshist012008121820081219\index.dat



BC AdBot (Login to Remove)

 


#2 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:31 AM

Posted 06 March 2010 - 02:58 PM

Hi,

Please download ATF Cleaner by Atribune & save it to your desktop. alternate download link
  • Close all open browsers before using, especially FireFox. <-Important!!!
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Notes: On Vista, "Windows Temp" is disabled. To empty Temp, ATF-Cleaner must be Run As Administrator.
The Prefetch cleaning feature has been disabled for Vista Users. Tabs for applications that are not installed are grayed out.


Then try running your scans again - do they still stall?

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#3 K92littlered

K92littlered
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 07 March 2010 - 11:50 AM

Thanks for getting back to me so quickly.
Unfortunately, this didn't solve my problem. The file wasn't deleted and my computer froze yet again while scanning. Not only did the ATF Cleaner fail in removing it, so did CCleaner. I've tried both. The file is still there.

#4 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:07:31 AM

Posted 07 March 2010 - 12:11 PM

Can you clear your history through IE itself?

Casey

If I have been helping you and I do not reply within 48hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#5 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,614 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:31 AM

Posted 07 March 2010 - 01:05 PM

Download, and install Unlocker: http://ccollomb.free.fr/unlocker/
Restart computer.
It'll install under right click menu.

Open Windows Explorer.
Navigate to offending folder/file.

Right click on a folder/file. Click Unlocker
Select Delete from drop-down menu:

Posted Image

Click OK.
A folder/file will refuse to be deleted, but Unlocker will give you an option to delete on reboot:

Posted Image

Click Yes.
Restart computer.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#6 K92littlered

K92littlered
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 07 March 2010 - 05:10 PM

Windows IE has been deleted from my computer.

Windows IE has been deleted from my computer.

What should I do?

#7 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,614 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:31 AM

Posted 07 March 2010 - 05:16 PM

You can't delete IE. It's part of Windows.
What does make you think, it was deleted?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#8 K92littlered

K92littlered
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 07 March 2010 - 08:57 PM

Because I followed instructions from microsoft and deleted the browser. I've been trying to reinstall it via windows updates, but it's taking an extremely long time.

#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,614 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:31 AM

Posted 07 March 2010 - 09:51 PM

What instructions (link)?
When you uninstall IE it only reverts itself to a previous version.
As I said, it can't be completely uninstalled.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#10 K92littlered

K92littlered
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 08 March 2010 - 08:59 AM

The windows update restored IE version 7 to my computer. I tried to find the link of the webpage, but I couldn't seem to find it.
I usually save the links in a document, or I print them, but it wasn't there. I'll try to find it again and post the information.

In the meantime, should I follow the directions and use the Unlocker?

And thank you for being so patient with me... :thumbsup:

#11 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,614 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:31 AM

Posted 08 March 2010 - 12:22 PM

should I follow the directions and use the Unlocker?

Go ahead. You won't hurt anything.

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#12 K92littlered

K92littlered
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 08 March 2010 - 03:11 PM

I attempted to use the unlocker. However, when trying to navigate to the problem file, I received and error message stating that Windows Explorer has encountered a problem and needs to close.

#13 K92littlered

K92littlered
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 08 March 2010 - 03:37 PM

I think I know what I'm doing wrong. I'm using the cleaners on the wrong user. The problem files are from a different user.
This is somewhat confusing. Since I have administrator permission, I would have figured that the cleaners affected the other user accounts. I re-downloaded the ATF cleaner to the problem user. I think that did the trick. I used the SuperAntiSpyware to scan the specific folder, and it scanned right through without freezing. I'm going to attempt a full scan with malwarebytes. If it scans through, I'll be sure that it worked.

:flowers: *feels extremely idiotic right now* :thumbsup:

#14 K92littlered

K92littlered
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 08 March 2010 - 04:01 PM

Though SuperAntiSpyware was able to scan through, Malwarebytes couldn't scan past. Though, the file name isn't the same.

c:\documents and settings\andrea\local settings\history\history.ie5\mshist012008121820081219\index.dat
Was the original file.

Now, it froze at

c:\documents and settings\andrea\local settings\history\history.ie5\mshist012004110920041110\index.dat

#15 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,614 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:12:31 AM

Posted 08 March 2010 - 04:06 PM

Since you deleted index.dat file, new one was created after computer, or IE restart.
Use ATF Cleaner one more time, don't start IE, or restart computer afterwards.
Run MBAM right away. Are you using full scan, or quick scan?

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users