Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Problem with Internet Explorer - SOLVED!


  • Please log in to reply

#1
estiew2002

estiew2002

    Member

  • Member
  • PipPip
  • 32 posts
Few issues, not sure if related:

My Internet Explorer will not display any pages. Firefox works fine, except IE tab which will not show any site.

Something is preventing me from running Windows Updates, Avast updates, Malwarebytes updates and I get a message that it can't connect to server.Because I could not update Malwarebytes the log is from an older version and OTL would not work at all. It started working and froze when checking something connected to Internet Explorer (I saw it at the bottom of a program). In further attempts to run OTL, the program doesn't respond. So no log from it.

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/08/26 23:35
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xEDC27000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7ACE000 Size: 8192 File Visible: No Signed: -
Status: -

Name: gIdzoff.sys
Image Path: gIdzoff.sys
Address: 0xF7590000 Size: 61440 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF6E78000 Size: 49152 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f6b8

#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f574

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6fa52

#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f14c

#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f64e

#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f08c

#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f0f0

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f76e

#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f72e

#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f8ae

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys" at address 0xedd2bf20

==EOF==


Malwarebytes' Anti-Malware 1.37
Database version: 2290
Windows 5.1.2600 Service Pack 3

26-Aug-09 11:28:50 PM
mbam-log-2009-08-26 (23-28-50).txt

Scan type: Quick Scan
Objects scanned: 88442
Time elapsed: 5 minute(s), 15 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 3

Memory Processes Infected:
C:\program files\relevantknowledge\rlvknlg.exe (Spyware.Marketscore) -> Unloaded process successfully.

Memory Modules Infected:
C:\program files\relevantknowledge\rlls.dll (Spyware.Marketscore) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\RelevantKnowledge (Spyware.Marketscore) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\relevantknowledge\rlls.dll (Spyware.Marketscore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlservice.exe (Spyware.Marketscore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlvknlg.exe (Spyware.Marketscore) -> Quarantined and deleted successfully.

Edited by estiew2002, 26 August 2009 - 04:08 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP