also @ TechSpot: Bill Gates is once again the richest person in the world

Internet Explorer cannot connect but Firefox can. Virus?

Discussion in 'Virus and Malware Removal' started by Chanman1197, Jul 7, 2010.

Page 2 of 4

  1. Chanman1197 Newcomer, in training Posts: 44

    Okay I'm gonna do it in a sec. To be honest, I was pretty sure it wasn't malware from the beginning. But this completely eliminates it at least.
    Chanman1197, Jul 8, 2010
    #21

  2. Chanman1197 Newcomer, in training Posts: 44

    Even the first one was too long so I attached them both:

    Attached Files:

    Chanman1197, Jul 8, 2010
    #22

  3. Broni Malware Annihilator Posts: 39,189   +175

    Update your Java version here: http://www.java.com/en/download/installed.jsp
    Uninstall all previous Java versions, through Add\Remove (Programs & Features in Vista/7).

    ==============================================================

    Run OTL
    • Under the Custom Scans/Fixes box at the bottom, paste in the following

      Code:
      :OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Chandler\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
@Alternate Data Stream - 64 bytes -> C:\Users\Chandler\Desktop\WebCam_20100222_2133.mpg:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Chandler\Desktop\WebCam_20090721_1559(1).mpg:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Chandler\Desktop\WebCam_20090719_2346.mpg:TOC.WMV

:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.
    • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
    Broni, Jul 8, 2010
    #23

  4. Chanman1197 Newcomer, in training Posts: 44

    Okay, I uninstalled it and check it, said I don't have the updated versrion. So I downloaded and installed the newest one, and then I checked it again and it still says I don't have the right one. I went into the program files again and it's different, and it's version 6 which matches the newest version on the site. I don't see how this makes any sense? And I'm about to start the otl scan again.
    Chanman1197, Jul 8, 2010
    #24

  5. Chanman1197 Newcomer, in training Posts: 44

    Here is what it came up with :

    All processes killed
    ========== OTL ==========
    Service NwlnkFwd stopped successfully!
    Service NwlnkFwd deleted successfully!
    File C:\Windows\System32\DRIVERS\nwlnkfwd.sys not found.
    Service NwlnkFlt stopped successfully!
    Service NwlnkFlt deleted successfully!
    File C:\Windows\System32\DRIVERS\nwlnkflt.sys not found.
    Service IpInIp stopped successfully!
    Service IpInIp deleted successfully!
    File C:\Windows\System32\DRIVERS\ipinip.sys not found.
    Service EagleNT stopped successfully!
    Service EagleNT deleted successfully!
    File C:\Windows\System32\drivers\EagleNT.sys not found.
    Service catchme stopped successfully!
    Service catchme deleted successfully!
    File C:\Users\Chandler\AppData\Local\Temp\catchme.sys not found.
    Service blbdrive stopped successfully!
    Service blbdrive deleted successfully!
    File C:\Windows\System32\drivers\blbdrive.sys not found.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{DDE87865-83C5-48c4-8357-2F5B1AA84522}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DDE87865-83C5-48c4-8357-2F5B1AA84522}\ not found.
    Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
    ADS C:\Users\Chandler\Desktop\WebCam_20100222_2133.mpg:TOC.WMV deleted successfully.
    ADS C:\Users\Chandler\Desktop\WebCam_20090721_1559(1).mpg:TOC.WMV deleted successfully.
    ADS C:\Users\Chandler\Desktop\WebCam_20090719_2346.mpg:TOC.WMV deleted successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Chandler
    ->Temp folder emptied: 482498 bytes
    ->Temporary Internet Files folder emptied: 107928 bytes
    ->Java cache emptied: 14150795 bytes
    ->FireFox cache emptied: 40580191 bytes
    ->Flash cache emptied: 2787 bytes

    User: Default
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 67 bytes

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: Guest
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 78991 bytes
    ->FireFox cache emptied: 88781404 bytes
    ->Flash cache emptied: 2458 bytes

    User: Public
    ->Temp folder emptied: 0 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 72098 bytes
    %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 3728284 bytes

    Total Files Cleaned = 141.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Chandler
    ->Flash cache emptied: 0 bytes

    User: Default

    User: Default User

    User: Guest
    ->Flash cache emptied: 0 bytes

    User: Public

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.8.1 log created on 05052010_112251

    Files\Folders moved on Reboot...

    Registry entries deleted on Reboot...
    Chanman1197, Jul 8, 2010
    #25

  6. Broni Malware Annihilator Posts: 39,189   +175

    OK. I'll see from new OTL scan, if Java installed.
    Broni, Jul 8, 2010
    #26
     

  7. Broni Malware Annihilator Posts: 39,189   +175

    Still:
    Broni, Jul 8, 2010
    #27

  8. Chanman1197 Newcomer, in training Posts: 44

    Here is the OTL quickscan Log : P.S. Ignore the time stamp on it, the Cmos battery on my Motherboard is completely dead so my computer clock is horribly wrong. :

    Attached Files:

    Chanman1197, Jul 8, 2010
    #28

  9. Broni Malware Annihilator Posts: 39,189   +175

    Java installed just fine.

    You should replace that battery, as soon, as possible, because it may be causing all kind of issues.

    Last scan...

    1. Download Temp File Cleaner (TFC)
    Double click on TFC.exe to run the program.
    Click on Start button to begin cleaning process.
    TFC will close all running programs, and it may ask you to restart computer.


    2. Go to Kaspersky website and perform an online antivirus scan.

    1. Disable your active antivirus program.
    2. Read through the requirements and privacy statement and click on Accept button.
    3. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    4. When the downloads have finished, click on Settings.
    5. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:

    • Spyware, Adware, Dialers, and other potentially dangerous programs
      [*] Archives
      [*] Mail databases
    6. Click on My Computer under Scan.
    7. Once the scan is complete, it will display the results. Click on View Scan Report.
    8. You will see a list of infected items there. Click on Save Report As....
    9. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. Then post it here.
    Broni, Jul 8, 2010
    #29

  10. Chanman1197 Newcomer, in training Posts: 44

    Allright. TFC removed 16MB worth of crap. And Kaspersky is downloading files currently. I'll have the logs in a bit.
    Chanman1197, Jul 8, 2010
    #30

  11. Broni Malware Annihilator Posts: 39,189   +175

    Kaspersky, usually, takes some time, so be patient :)
    Broni, Jul 8, 2010
    #31

  12. Chanman1197 Newcomer, in training Posts: 44

    Haha yeah. It is but its okay. I just wanna fix this crap. Like I play World of Wacraft and I usually take like 3 month breaks inbetween 1-2 month memberships and I want to get it working so I can play again when I want to. I don't know if you know anything about WoW, but currently my account is not active because I cancelled my recurring membership charges, so when I log in, it Shouldd* say "This account is not curently active please go to <link to account management page on their site> to add more play time" or something like that, but when I try to log in it sends me to the patch downloader which is reallllly weird. Because new patch hasn't come out and it shouldn't even let me get past the login screen with my account because I have no play time. so I don't know this whole thing is screwed up. and I know it has something to do with the IE issue so that's why I'm trying to get this fixed. And I can't post on the WoW forums because Blizzard (the company who created it) is lame and you have to have an active account to post on their forums. Hahah. And by the way, I really really appreciate your help and the time you're dedicating to help me get this problem fixed. So thank you very much!
    Chanman1197, Jul 8, 2010
    #32

  13. Broni Malware Annihilator Posts: 39,189   +175

    You're very welcome :)
    Broni, Jul 8, 2010
    #33

  14. Chanman1197 Newcomer, in training Posts: 44

    Okay it's scanning, but I'm afraid that we'll be stumped on what to do if malware is not the cause of thisss. :/
    Chanman1197, Jul 8, 2010
    #34

  15. Broni Malware Annihilator Posts: 39,189   +175

    In that case, you'll have to start new topic in Windows forum :)
    Broni, Jul 8, 2010
    #35

  16. Chanman1197 Newcomer, in training Posts: 44

    Haha oh greattt. And by the way, the scan has been running for 12 mins and it's at 4% O.o so it'll take a while. I hope you'll still be around.
    Chanman1197, Jul 8, 2010
    #36

  17. Broni Malware Annihilator Posts: 39,189   +175

    Two simple reasons:
    1. I'm too busy solving malware issues on several boards.
    2. The access to malware board is very limited (just you and me :))
    Broni, Jul 8, 2010
    #37

  18. Chanman1197 Newcomer, in training Posts: 44

    Haha I see. Well I really appreciate this. And it's at 6% Btw. >.<
    Chanman1197, Jul 8, 2010
    #38

  19. Broni Malware Annihilator Posts: 39,189   +175

    See you tomorrow....LOL
    Broni, Jul 8, 2010
    #39

  20. Chanman1197 Newcomer, in training Posts: 44

    Hahahahahaha it has to scan through every little file for the computer games I have installed..............................................................
    Chanman1197, Jul 8, 2010
    #40
Page 2 of 4
Topic Status:
Not open for further replies.

Add New Comment

Social Login & Guest Posting

TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.