Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Internet Explorer has stopped working

Started by Middlegrove , Jun 04 2011 07:59 AM

  • This topic is locked This topic is locked

#46
Render
Posted 16 June 2011 - 01:55 PM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi,

Please follow the steps below:

Step 1

To clear the Java Plug-in cache:
  • Click Start then on Control Panel and then on Programs.
  • Double-click the Java (32 bit) icon in the control panel.
    The Java Control Panel appears.
    Posted Image
  • Click Settings under Temporary Internet Files.
    The Temporary Files Settings dialog box appears.
    Posted Image
  • Click Delete Files.
    The Delete Temporary Files dialog box appears.
    Posted Image
  • Click OK on Delete Temporary Files window.
    Note: This deletes all the Downloaded Applications and Applets from the cache.
  • Click OK on Temporary Files Settings window.
    Note: If you want to delete a specific application and applet from the cache, click on View Application and View Applet options respectively.

Step 2

Please delete Combofix.exe on your desktop if present.

Please download ComboFix from Here or Here to your Desktop.

Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop.

  • If you are using Firefox, make sure that your download settings are as follows:
  • Tools->Options->Main tab
  • Set to "Always ask me where to Save the files".
During the download, rename Combofix to Combo-Fix as follows:

Posted Image

Posted Image

<li>It is important you rename Combofix during the download, but not after.
<li>Please do not rename Combofix to other names, but only to the one indicated.
<li>Restart your machine into Safe mode.

To restart the computer in safe mode
Reboot then continually press F8 as the system starts booting
Once a menu appears select safe mode

<li>Double click on Combo-Fix.exe & follow the prompts.
<li>When finished, it will produce a report for you.
<li>Please post the "C:\Combo-Fix.txt" for further review

Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall.
  • 0

Advertisements

#47
Middlegrove
Posted 16 June 2011 - 05:04 PM

Middlegrove

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
Render,

Combo-Fix report...

ComboFix 11-06-15.02 - Dawn McKenna Carr 06/16/2011 17:40:39.1.2 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3032.2568 [GMT -4:00]
Running from: c:\users\Dawn McKenna Carr\Desktop\Combo-Fix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-05-16 to 2011-06-16 )))))))))))))))))))))))))))))))
.
.
2011-06-16 22:05 . 2011-06-16 22:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-16 21:26 . 2011-06-16 21:26 -------- d-----w- C:\Combo-Fix
2011-06-15 11:31 . 2011-06-15 11:31 -------- d-----w- C:\_OTL
2011-06-15 01:44 . 2011-06-15 01:45 -------- d-----w- C:\699f43997c4c775a0af4
2011-06-14 22:45 . 2011-06-16 21:32 -------- d-----w- C:\32788R22FWJFW
2011-06-14 19:09 . 2011-05-03 05:21 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-14 19:09 . 2011-05-03 04:50 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-14 19:08 . 2011-04-27 02:57 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-14 19:08 . 2011-04-25 05:32 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-14 19:08 . 2011-04-25 02:44 499712 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-14 19:08 . 2011-05-04 02:51 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-14 19:08 . 2011-05-04 02:51 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-14 19:08 . 2011-05-04 02:51 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-14 19:08 . 2011-05-28 03:07 3133952 ----a-w- c:\windows\system32\win32k.sys
2011-06-14 19:08 . 2011-01-17 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-14 19:08 . 2011-01-17 05:38 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-06-14 19:07 . 2011-04-29 03:13 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-14 19:07 . 2011-04-29 03:12 399872 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-14 19:07 . 2011-04-29 03:12 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-14 19:07 . 2010-12-18 06:13 861184 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-14 19:07 . 2010-12-18 05:31 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-06-13 23:03 . 2009-10-22 17:54 40464 ----a-w- c:\windows\system32\drivers\55488022.sys
2011-06-13 23:03 . 2009-10-10 03:30 352784 ----a-w- c:\windows\system32\drivers\5548802.sys
2011-06-13 23:03 . 2009-09-25 21:59 157712 ----a-w- c:\windows\system32\drivers\55488021.sys
2011-06-13 22:15 . 2009-10-22 17:54 40464 ----a-w- c:\windows\system32\drivers\17839042.sys
2011-06-13 22:15 . 2009-10-10 03:30 352784 ----a-w- c:\windows\system32\drivers\1783904.sys
2011-06-13 22:15 . 2009-09-25 21:59 157712 ----a-w- c:\windows\system32\drivers\17839041.sys
2011-06-13 01:37 . 2011-06-13 23:05 -------- d-----w- c:\programdata\Kaspersky Lab
2011-06-13 01:37 . 2009-10-22 17:54 40464 ----a-w- c:\windows\system32\drivers\18905552.sys
2011-06-13 01:37 . 2009-10-10 03:30 352784 ----a-w- c:\windows\system32\drivers\1890555.sys
2011-06-13 01:37 . 2009-09-25 21:59 157712 ----a-w- c:\windows\system32\drivers\18905551.sys
2011-06-02 18:58 . 2011-05-29 13:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-02 18:58 . 2011-06-02 18:58 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-31 22:08 . 2011-05-31 22:08 -------- d-----w- c:\users\Dawn McKenna Carr\AppData\Roaming\Malwarebytes
2011-05-31 22:08 . 2011-06-01 01:43 -------- d-----w- c:\programdata\Malwarebytes
2011-05-25 19:20 . 2011-04-22 20:18 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-19 11:19 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-19 11:19 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-14 18:01 . 2010-09-17 13:27 9984 ---ha-w- c:\windows\system32\drivers\mfeclnk.sys
2011-04-14 18:01 . 2010-09-17 13:27 149032 ----a-w- c:\windows\system32\mfevtps.exe
2011-04-14 18:01 . 2010-09-17 13:27 94992 ---ha-w- c:\windows\system32\drivers\mferkdet.sys
2011-04-14 18:01 . 2010-09-17 13:27 75160 ---ha-w- c:\windows\system32\drivers\mfenlfk.sys
2011-04-14 18:01 . 2010-09-17 13:27 63056 ---ha-w- c:\windows\system32\drivers\cfwids.sys
2011-04-14 18:01 . 2010-09-17 13:27 530304 ---ha-w- c:\windows\system32\drivers\mfehidk.sys
2011-04-14 18:01 . 2010-09-17 13:27 441840 ---ha-w- c:\windows\system32\drivers\mfefirek.sys
2011-04-14 18:01 . 2010-09-17 13:27 283744 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-04-14 18:01 . 2010-09-17 13:27 190520 ---ha-w- c:\windows\system32\drivers\mfeavfk.sys
2011-04-14 18:01 . 2010-09-17 13:27 121376 ---ha-w- c:\windows\system32\drivers\mfeapfk.sys
2011-04-09 06:45 . 2011-05-11 11:49 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-11 11:49 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 11:49 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-03-25 03:23 . 2011-05-11 11:49 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 03:23 . 2011-05-11 11:49 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 03:23 . 2011-05-11 11:49 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 03:22 . 2011-05-11 11:49 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 03:22 . 2011-05-11 11:49 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-03-25 03:22 . 2011-05-11 11:49 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 03:22 . 2011-05-11 11:49 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
c:\users\Dawn McKenna Carr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
setup_9.0.0.722_13.06.2011_03-02.lnk - c:\users\Dawn McKenna Carr\Desktop\Virus Removal Tool2\setup_9.0.0.722_13.06.2011_03-02\startup.exe [N/A]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wdfsgusbV3;Stenograph WDF USB Writer Service V3;c:\windows\system32\DRIVERS\wdfsgusb.sys [x]
R4 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
R4 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2010-12-15 1085440]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-12 136176]
R4 lxdp_device;lxdp_device;c:\windows\system32\lxdpcoms.exe [2008-02-27 1044648]
R4 lxdpCATSCustConnectService;lxdpCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxdpserv.exe [2009-04-28 29184]
R4 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R4 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
R4 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]
R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2009-09-17 656624]
S0 17839042;17839042 Boot Guard Driver;c:\windows\system32\DRIVERS\17839042.sys [x]
S0 18905552;18905552 Boot Guard Driver;c:\windows\system32\DRIVERS\18905552.sys [x]
S0 55488022;55488022 Boot Guard Driver;c:\windows\system32\DRIVERS\55488022.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 17839041;17839041;c:\windows\system32\DRIVERS\17839041.sys [x]
S1 18905551;18905551;c:\windows\system32\DRIVERS\18905551.sys [x]
S1 55488021;55488021;c:\windows\system32\DRIVERS\55488021.sys [x]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
S1 setup_9.0.0.722_13.06.2011_03-02drv;setup_9.0.0.722_13.06.2011_03-02drv;c:\windows\system32\DRIVERS\5548802.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-12 17:12]
.
2011-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-12 17:12]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10o.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
.
**************************************************************************
.
Completion time: 2011-06-16 18:33:10 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-16 22:32
.
Pre-Run: 189,120,294,912 bytes free
Post-Run: 188,754,964,480 bytes free
.
- - End Of File - - 802FF0567DC327952C485C4783731244
  • 0

#48
Render
Posted 17 June 2011 - 07:35 AM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
And what is wrong with this computer?
  • 0

#49
Middlegrove
Posted 17 June 2011 - 10:28 AM

Middlegrove

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
mcafee found FakeAlert trojan. used malwarebytes to remove it. next day upon turning computer on would not connect to internet using wireless. Window pops up "Internet explorer has stopped working. a problem caused the program to stop working correctly. windows will close the program and notify you if a solution is available."

followed microsoft prompts to find solution and could not. assumed it had something to do with trojan from the day before.

I'm assuming you see no virus/trojan/malware problem?
  • 0

#50
Render
Posted 17 June 2011 - 10:39 AM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi,

I don't see it from logs but I can feel it from your computer behaviour. I've asked our experts for help. First suggestion was to run CF in safe mode.
I will be back when there will be some more ideas.
  • 0

#51
Middlegrove
Posted 17 June 2011 - 10:59 AM

Middlegrove

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
Okay. Thank you.

Also, I plugged ethernet from modem, which didn't work, so I don't believe it's a problem connecting to the wireless network.

Also, for whatever it's worth, the whole desktop is different looking as well. the start button is on the side, rather than the bottom of the screen where it was originally. aside from desktop icons, the screen is black, where it originally came with a default artwork/wallpaper.

Also, in Network and Sharing Center it has me connected to an "unidentified network, public network" and
my actual network states "limited access." Obviously, other computer in home has no problem connecting to that network.

So, shall I run run combo-fix again in safe mode and, if so, do I need to download it again first?
  • 0

#52
Render
Posted 17 June 2011 - 11:04 AM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
No, need to run CF again.
  • 0

#53
Middlegrove
Posted 17 June 2011 - 11:33 AM

Middlegrove

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts

No, need to run CF again.


did you mean "No need to" or "no, you need to"?
  • 0

#54
Render
Posted 17 June 2011 - 12:17 PM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Sorry. Don't run CF.:)
  • 0

#55
Middlegrove
Posted 17 June 2011 - 12:52 PM

Middlegrove

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
no problem.
  • 0

Advertisements

#56
Render
Posted 17 June 2011 - 01:55 PM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi,

Please try to uninstall Internet Explorer 9 and see if problems remains with Internet Explorer 8.

How to unistall program in Windows 7:

  • Open Programs and Features by clicking the Start button Posted Image, clicking Control Panel, clicking Programs, and then clicking Programs and Features.
  • Select a program(s) listed above, and then click Uninstall. Some programs include the option to change or repair the program in addition to uninstalling it. But many simply offer the option to uninstall. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

  • 0

#57
Middlegrove
Posted 17 June 2011 - 01:59 PM

Middlegrove

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
internet explorer is not listed in programs to uninstall...
  • 0

#58
Render
Posted 17 June 2011 - 02:07 PM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Yes, you have to click on Turn Windows features on and off in Uninstall and or change a program window and then in Windows Features window unthick little box before Internet Explorer 9 and click on OK button.
  • 0

#59
Middlegrove
Posted 17 June 2011 - 02:46 PM

Middlegrove

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
okay, I clicked on Internet Explorer 9 in Turn windows features on or off. It's still not listed as a program to remove. Or, is that all I needed to do?

I should note that the desktop icon for IE is no longer on the desktop. Also, where would I find IE 8?
  • 0

#60
Render
Posted 17 June 2011 - 03:10 PM

Render

    Trusted Helper

  • Malware Removal
  • 4,195 posts
Hi and sorry for my somehow delayed replays as I'm currently ill.

Please do the following:

  • Click the Start button, type Programs and Features in the search box, and then click View installed updates in the left pane.
  • Under Uninstall an update, scroll down to the Microsoft Windows section.
  • Right-click Windows Internet Explorer 9, click Uninstall, and then, when prompted, click Yes.
  • Click Restart now (to finish the process of uninstalling Internet Explorer 9, and restore the previous version of Internet Explorer).

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP