Can someone please check my logs?

Status
Not open for further replies.
Run HJT again and remove the following:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://safesearch.cyberdefender.com/smallsearch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=presario&pf=desktop
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac

Uninstall Google Web Accelerator, Yahoo Toolbar and Idabar Toolbar (Control Panel > Add/Remove Programs).

You have five instances of IE running, which may be related to iespell.dll. It is best to uninstall IE8. It is a beta version, which means it is not the final product, and thus may be very buggy.

Also follow the instructions found here: https://www.techspot.com/vb/topic109461.html

Post Logs when done.
 
Hi Satoodles:

In addition, you have the malware-prone Adobe Reader. Recently, researchers found a new hacker toolkit that uses nothing but Adobe security leaks in order to infect systems. "PDF Xploit Pack" ( http://www.trustedsource.org/blog/153/Rise-Of-The-PDF-Exploits ) adds all kinds of exploits to PDF files. When a certain exploit has successfully infected the OS, the IP address is sent to the attackers, so they need to try again. This is to reduce the time it takes to manage the bots.

Use of PDF files is becoming more and more popular among miscreants, because other toolkits also have PDF exploits now. A year ago only 3% of the exploits were PDF directed.

Based on this info, I recommend you uninstall Adobe and get the safer "Foxit Reader".
 
Still though... the original problem... multiple instances of IE running, it's an IE 8 bug... and will remain regardless of what you do.
 
You need to roll back IE to IE 7 by removing it from Control Panel => Add/Remove Programs.

After you have rolled back IE, do the following:

To use RIES in Internet Explorer 7, follow these steps:
1. Click the Tools menu, and then click Internet Options.
2. On the Advanced tab, click Reset.
3. In the Reset Internet Explorer Settings dialog box, click Reset.
4. When Internet Explorer 7 finishes restoring the default settings, click Close, and then click OK two times.
5. Close Internet Explorer 7. The changes take effect the next time that you open Internet Explorer 7.
Note: If you cannot start Internet Explorer 7 for some reason, use RIES from Internet Options in Control Panel.
 
Run HJT again and remove the following:
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O15 - Trusted Zone: .trymedia.com (HKLM)
Do not remove the ida.dll file. After looking it up again I found that it is associated with HP. Apparently it is linked to their download accelerator.

When done, post new logs.
 
Did you do this scan with IE running? You need to in order for me to see if the issue has been resolved. If yes... the problem is fixed.
Remove the following with HJT:

You need to do the IE reset procedure below.

To use RIES in Internet Explorer 7, follow these steps:
1. Click the Tools menu, and then click Internet Options.
2. On the Advanced tab, click Reset.
3. In the Reset Internet Explorer Settings dialog box, click Reset.
4. When Internet Explorer 7 finishes restoring the default settings, click Close, and then click OK two times.
5. Close Internet Explorer 7. The changes take effect the next time that you open Internet Explorer 7.
Note: If you cannot start Internet Explorer 7 for some reason, use RIES from Internet Options in Control Panel.

Post new log when done.
 