Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to run browsers


  • Please log in to reply
4 replies to this topic

#1 KenWA

KenWA

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:01 PM

Posted 01 January 2014 - 08:36 AM

I re3cently found myself unable to run any browser although I had Internet access and could download my email with Thunderbird.  Advice from a Help forum suggested running AdwCleaner which I did but without any effect on the problem.  I eventually tracked down the culprit through the tedious Clean Boot procedure as an AddOn to Firefox but am fascinated by the list of unwelcome files which AdwCleaner deleted and thse restored.  I would be very grateful if anyone has the time to explain the significance of the items listed as I do not recognise any of them apart from Re3gistry Mechanic which I used to have installed a long time ago.

 

Many thanks

 

Mod Edit: No logs posted, moved from MRL to Am I Infected

Roger


Edited by rotor123, 01 January 2014 - 09:44 AM.


BC AdBot (Login to Remove)

 


#2 KenWA

KenWA
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:01 PM

Posted 01 January 2014 - 10:03 AM

I guess the log was mislaid somehow.  How do I post it now?  There does not seem to be any way of attaching the log here so I am inserting it.

 

# AdwCleaner v3.016 - Report created 31/12/2013 at 15:19:10
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ken Arntsen - BALGLAZE
# Running from : J:\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\simplitec
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Users\Ken Arntsen\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\Ken Arntsen\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Ken Arntsen\AppData\Roaming\registry mechanic
File Deleted : C:\Users\Ken Arntsen\AppData\Roaming\Mozilla\Firefox\Profiles\t4171jdx.New Profile\searchplugins\zonealarm.xml
File Deleted : C:\Users\Ken Arntsen\AppData\Roaming\Mozilla\Firefox\Profiles\q9dg4aas.default\user.js
File Deleted : C:\Users\Ken Arntsen\AppData\Roaming\Mozilla\Firefox\Profiles\t4171jdx.New Profile\user.js
File Deleted : C:\Windows\System32\Tasks\NCH Software

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_quick-view-plus_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_quick-view-plus_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\Smart PC Cleaner
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\NCH Software

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v26.0 (en-GB)

[ File : C:\Users\Ken Arntsen\AppData\Roaming\Mozilla\Firefox\Profiles\q9dg4aas.default\prefs.js ]


[ File : C:\Users\Ken Arntsen\AppData\Roaming\Mozilla\Firefox\Profiles\t4171jdx.New Profile\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Ken Arntsen\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5815 octets] - [31/12/2013 15:18:27]
AdwCleaner[S0].txt - [4823 octets] - [31/12/2013 15:19:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4883 octets] ##########
 



#3 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,086 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:10:01 PM

Posted 01 January 2014 - 12:04 PM

Hi KenWA,

 

AdwCleaner is a program that searches for and deletes Adware, Toolbars, Potentially Unwanted Programs (PUP), and browser Hijackers from your computer. It also restores default settings.

 

Anything you need assistance with?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#4 KenWA

KenWA
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:01 PM

Posted 01 January 2014 - 12:18 PM

I re3cently found myself unable to run any browser although I had Internet access and could download my email with Thunderbird.  Advice from a Help forum suggested running AdwCleaner which I did but without any effect on the problem.  I eventually tracked down the culprit through the tedious Clean Boot procedure as an AddOn to Firefox but am fascinated by the list of unwelcome files which AdwCleaner deleted and thse restored.  I would be very grateful if anyone has the time to explain the significance of the items listed as I do not recognise any of them apart from Re3gistry Mechanic which I used to have installed a long time ago.

 

Many thanks

 

Mod Edit: No logs posted, moved from MRL to Am I Infected

Roger



#5 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,086 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:10:01 PM

Posted 01 January 2014 - 01:14 PM

Hi KenWA,

 

I do not understand why you are quoting the whole of the first post again.

 

I think I covered this already:

I would be very grateful if anyone has the time to explain the significance of the items listed as I do not recognise any of them apart from Re3gistry Mechanic which I used to have installed a long time ago.

The rest seems to be background?

 

If you explain what you want me to answer/do then I can help you. Re-quoting the whole thing does not help me.

 

xXToffeeXx~


Edited by xXToffeeXx, 01 January 2014 - 01:14 PM.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users