Followed 8 step Viruses/Spyware/Malware Preliminary Removal

Status
Not open for further replies.
Hi, so I'm having the whole two iexplorer.exe problems... I followed all of it but it doesn't seem to go away =/
Whenever I want to see a site on Google I have to click and close the false site multiple times until the site I want decides to come up... and sometimes a popup comes up saying my computer is infected and to install some stupid program.
Please help ><
 
OK

Use HJT to select then fix the following entries
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: (no name) - rsion - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: (no name) - {441F23E0-F689-438D-A4C6-2512FCDAE887} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: (no name) - {65E4C4FA-DC8E-4C73-A980-2835E4992406} - (no file)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {F1DF9D79-EF52-4B26-8DA8-72C14837EC69} - (no file)
O2 - BHO: (no name) - {F4ADF370-33BB-4305-BD4E-4C314F2A5ED7} - (no file)
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O23 - Service: HBZCFNDZ - Unknown owner - C:\DOCUME~1\Tony\LOCALS~1\Temp\HBZCFNDZ.exe (file missing)
O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe (file missing)
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe (file missing)
O23 - Service: Wireless Zero Map (WZMSV) - Unknown owner - C:\WINDOWS\system32\wzmcv.exe (file missing)

Close IE, then run Taskmgr and end the extra IExplore processes before running the below!

Run MBAM again and attach new log.

Mike
 
OK, I did it and those are the results.
And whenever I close Internet Explorer both processes go away.
Could I still have a backdoor on my computer?
 
We are not finished yet! Yes you likely have more.

You did not elect to remove the malware on the last MBAM run as evidenced by the "No action taken".

So run it twice more, once to delete these, then another to confirm they are gone. Attach logs!

A new HJT log!

Only when you get a clean log with MBAM do the below!!

Download ComboFix

Get it here: https://www.techspot.com/downloads/5587-combofix.html
Or here: http://subs.geekstogo.com/ComboFix.exe

Double-click combofix.exe and follow the prompts.

Install Recovery Console if connected to the Internet!

When finished, it will open a log.
Attach the log and a new HJT log in your next reply.

Note: Do not click ComboFix's window while it's running. That may cause it to stall.

Mike
 