Jump to content

Unknown virus on my Toshiba laptop


Recommended Posts

Hello, about a week ago I posted a thread in this forum about a virus on my Toshiba laptop. Jeff was dealing with it. However today it seems to have been deleted and the site seems to have no recollection of me owning an account here. So I've registered again with the same name and email. Is this a problem with my laptop or the site?

Anyway, the last thing that Jeff asked me to do was the AdwCleaner, so here's the log. I'm specifically having trouble with Firefox displaying ads and slowing the laptop down:

# AdwCleaner v2.006 - Logfile created 11/01/2012 at 15:18:42

# Updated 30/10/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Buddha Watt - BUDDHAWATT-TOSH

# Boot Mode : Normal

# Running from : C:\Users\Buddha Watt\Downloads\AdwCleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\Users\Buddha Watt\AppData\Roaming\Mozilla\Firefox\Profiles\u25wcabf.default\searchplugins\Startsear.xml

Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com

Folder Found : C:\Program Files (x86)\vShare.tv plugin

Folder Found : C:\ProgramData\Partner

Folder Found : C:\Users\Buddha Watt\AppData\LocalLow\boost_interprocess

Folder Found : C:\Users\Buddha Watt\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Key Found : HKCU\Software\StartSearch

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

Key Found : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}

Key Found : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}

Key Found : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Found : HKLM\SOFTWARE\Software

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default

File : C:\Users\Buddha Watt\AppData\Roaming\Mozilla\Firefox\Profiles\u25wcabf.default\prefs.js

Found : user_pref("browser.search.defaultengine", "Web Search");

Found : user_pref("browser.search.defaultenginename", "Web Search");

Found : user_pref("browser.search.order.1", "Web Search");

Found : user_pref("extensions.nurit5562nurit235.scode", "(function(){try{for(i=0;i<5;i++){window.setTimeout([...]

-\\ Google Chrome v [unable to get version]

File : C:\Users\Buddha Watt\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3526 octets] - [01/11/2012 15:18:42]

########## EOF - C:\AdwCleaner[R1].txt - [3586 octets] ##########

Link to post
Share on other sites

Hi:

There was a technical problem with the forum yesterday.

Some posts and some new member profiles were lost.

http://forums.malwar...howtopic=117534

Please start a new topic back over in the malware removal section and include your helper's name (was it jeffce?) in the subject line, as well as posting the log you just posted here (since we don't deal with malware removal in this area of the forum).

He'll pick back up with you ASAP. :)

Thanks,

daledoc1

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.