Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Problem with Internet Explorer - SOLVED!

Started by estiew2002 , Aug 26 2009 03:01 PM

  • Please log in to reply

#1
estiew2002
Posted 26 August 2009 - 03:01 PM

estiew2002

    Member

  • Member
  • PipPip
  • 32 posts
Few issues, not sure if related:

My Internet Explorer will not display any pages. Firefox works fine, except IE tab which will not show any site.

Something is preventing me from running Windows Updates, Avast updates, Malwarebytes updates and I get a message that it can't connect to server.Because I could not update Malwarebytes the log is from an older version and OTL would not work at all. It started working and froze when checking something connected to Internet Explorer (I saw it at the bottom of a program). In further attempts to run OTL, the program doesn't respond. So no log from it.

ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/08/26 23:35
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xEDC27000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF7ACE000 Size: 8192 File Visible: No Signed: -
Status: -

Name: gIdzoff.sys
Image Path: gIdzoff.sys
Address: 0xF7590000 Size: 61440 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xF6E78000 Size: 49152 File Visible: No Signed: -
Status: -

SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f6b8

#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f574

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6fa52

#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f14c

#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f64e

#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f08c

#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f0f0

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f76e

#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f72e

#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xedc6f8ae

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys" at address 0xedd2bf20

==EOF==


Malwarebytes' Anti-Malware 1.37
Database version: 2290
Windows 5.1.2600 Service Pack 3

26-Aug-09 11:28:50 PM
mbam-log-2009-08-26 (23-28-50).txt

Scan type: Quick Scan
Objects scanned: 88442
Time elapsed: 5 minute(s), 15 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 3

Memory Processes Infected:
C:\program files\relevantknowledge\rlvknlg.exe (Spyware.Marketscore) -> Unloaded process successfully.

Memory Modules Infected:
C:\program files\relevantknowledge\rlls.dll (Spyware.Marketscore) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\RelevantKnowledge (Spyware.Marketscore) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\relevantknowledge\rlls.dll (Spyware.Marketscore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlservice.exe (Spyware.Marketscore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rlvknlg.exe (Spyware.Marketscore) -> Quarantined and deleted successfully.

Edited by estiew2002, 26 August 2009 - 04:08 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP