Internet explorer/crypted.exe virus in Temp folder (log files attached)
- Thread starter bhebepau
- Start date
- Status
All Processes Killed
[Registry - Safe List]
HOSTS file reset successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
[Files/Folders - Created Within 30 Days]
File C:\Combo-Fix not found!
File C:\Windows\SWXCACLS.exe not found!
File C:\Windows\SWREG.exe not found!
File C:\Windows\SWSC.exe not found!
File C:\Windows\NIRCMD.exe not found!
File C:\Windows\ERDNT not found!
File C:\Qoobox not found!
[Files/Folders - Modified Within 30 Days]
File C:\Windows\PEV.exe not found!
File C:\Windows\System32\coimtb.exe not found!
File C:\Windows\System32\wwialc.exe not found!
File C:\Windows\System32\bgdamv.exe not found!
File C:\Windows\System32\fcsgmg.exe not found!
File C:\Windows\MBR.exe not found!
[File - Lop Check]
File C:\Users\Admin\AppData\Roaming\BitTorrent not found!
C:\Users\Admin\AppData\Roaming\uTorrent folder moved successfully.
[Empty Temp Folders]
User: Admin
->Temp folder emptied: 3599353 bytes
->Temporary Internet Files folder emptied: 29309094 bytes
->Java cache emptied: 15549742 bytes
->FireFox cache emptied: 88707472 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 546598 bytes
RecycleBin emptied: 112560777 bytes
Total Files Cleaned = 238.68 mb
< End of fix log >
OTS by OldTimer - Version 3.1.4.0 fix logfile created on 11202009_192303
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
---------------------------------------------------------------
i have no problem with my pc now. i guess this is the end of your support for me.
thank you very much Bobbye and kritius for helping me!
[Registry - Safe List]
HOSTS file reset successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
[Files/Folders - Created Within 30 Days]
File C:\Combo-Fix not found!
File C:\Windows\SWXCACLS.exe not found!
File C:\Windows\SWREG.exe not found!
File C:\Windows\SWSC.exe not found!
File C:\Windows\NIRCMD.exe not found!
File C:\Windows\ERDNT not found!
File C:\Qoobox not found!
[Files/Folders - Modified Within 30 Days]
File C:\Windows\PEV.exe not found!
File C:\Windows\System32\coimtb.exe not found!
File C:\Windows\System32\wwialc.exe not found!
File C:\Windows\System32\bgdamv.exe not found!
File C:\Windows\System32\fcsgmg.exe not found!
File C:\Windows\MBR.exe not found!
[File - Lop Check]
File C:\Users\Admin\AppData\Roaming\BitTorrent not found!
C:\Users\Admin\AppData\Roaming\uTorrent folder moved successfully.
[Empty Temp Folders]
User: Admin
->Temp folder emptied: 3599353 bytes
->Temporary Internet Files folder emptied: 29309094 bytes
->Java cache emptied: 15549742 bytes
->FireFox cache emptied: 88707472 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 546598 bytes
RecycleBin emptied: 112560777 bytes
Total Files Cleaned = 238.68 mb
< End of fix log >
OTS by OldTimer - Version 3.1.4.0 fix logfile created on 11202009_192303
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
---------------------------------------------------------------
i have no problem with my pc now. i guess this is the end of your support for me.
thank you very much Bobbye and kritius for helping me!
- Status
