Jump to content

Recommended Posts

After removing malware, my Internet Explorer can't connect to any site, but Firefox works fine. Here is my scan:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

6/5/2010 1:03:54 PM

mbam-log-2010-06-05 (13-03-54).txt

Scan type: Quick scan

Objects scanned: 131413

Time elapsed: 8 minute(s), 36 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 4

Registry Values Infected: 2

Registry Data Items Infected: 0

Folders Infected: 2

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\toolbar.tb (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\toolbar.tb.1 (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wtnigagg (Rogue.AntivirusSuite.Gen) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asam (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

C:\Program Files\WinBudget (Adware.Admedia) -> Quarantined and deleted successfully.

C:\Program Files\WinBudget\bin (Adware.Admedia) -> Quarantined and deleted successfully.

Files Infected:

C:\Documents and Settings\Owner\Local Settings\Application Data\asam.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Documents and Settings\Owner\Local Settings\Application Data\syssvc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Program Files\WinBudget\bin\matrix.dat (Adware.Admedia) -> Quarantined and deleted successfully.

Link to post
Share on other sites

Hi Sambo2 -

Your version of Malwarebytes seems to be about 1 month old - Current version is 4172 - Yours is 4052 and needs updating now -

Try this first - (The first part can also be done in > Control Panel > Internet Options only if you can not open I.E.) -

STEP 01 - For XP

  • Open Internet Explorer
  • Note: It MUST be Internet Explorer, not Firefox, Opera, Chrome or any other internet browser
  • Click on Tools at the top and select Internet Options
  • Note: If you do not see Tools, press the Alt key on your keyboard and it will show up
  • Click on the Connections tab
  • Click on the LAN settings button
  • Under Automatic configuration make sure that the box next to Automatically detect settings is checked, if it is not, then click the box next to it to check it
  • Click on the OK button to close the Local Area Network (LAN) Settings window
  • Click on the OK button to close the Internet Options window
  • Use this diagram as a guide
  • Try updating Malwarebytes' Anti-Malware again and if it does not work then please proceed to Step 02

STEP 02

Disable Internet Explorer Proxy Settings and Reset TCP/IP

It is very important that these steps be carried out exactly as shown otherwise the fix will not work.

If you have any questions please ask before moving on.

  • Please start Notepad and using your mouse make sure you select and copy all the information below in the Code box into your new document.
  • Then save the file as "fixme.bat" to your Desktop - The .bat extension is important
  • In the drop down box for Save as type: make sure you select All Files (*.*) and keep the quotes on the name as well. Then close the new file.
    @ECHO OFF
    reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyServer /f
    reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyOverride /f
    reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v ProxyEnable /t REG_DWORD /d 0 /f
    reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings" /v GlobalUserOffline /t REG_DWORD /d 0 /f
    netsh int ip reset resetlog.txt


  • On Windows XP you can double-click the file to run it.
  • On Vista/Win7 you need to Right click the file and choose Run as administrator to run it. With User Account Control on it should ask permission to run it. Click Yes
  • This will flash a black DOS box very quickly and go away, this is normal.
  • Restart your computer now.
  • Launch Internet Explorer and see if you can connect to the Internet.
  • Launch MBAM and check for Updates

STEP 03

Ping the Content Delivery Network

For Windows XP:

Click on START - RUN and type in or Copy/Paste the following and verify that you get a response

CMD.EXE /K PING mbam-cdn.malwarebytes.org

Thank You - :P

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.