Inactive Internet Explorer does not work after Malwarebytes... I'm dying!

Status
Not open for further replies.
K

KaseyG

I got something called Cloud AV 2012 so I downloaded malwarebytes and had a lot of viruses. When it was done I deleted them went to open internet explorer and it was nothing just a blank page. I googled similar problems and people were saying go to Tools Internet Connection then Reset...well the internect connection in the tools wasnt even clickable. So I did in Safe Mode and nothing happened in regular. I'm completely lost my computer knowledge is turning it on and googling.

This is the log for the first one I did that gave me problems after.

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8235

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

11/24/2011 8:33:08 PM
mbam-log-2011-11-24 (20-33-08).txt

Scan type: Full scan (C:\|)
Objects scanned: 469304
Time elapsed: 47 minute(s), 27 second(s)

Memory Processes Infected: 3
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 7
Registry Data Items Infected: 1
Folders Infected: 4
Files Infected: 19

Memory Processes Infected:
c:\program files (x86)\CA421\lvvm.exe (Malware.Packer) -> 1472 -> Unloaded process successfully.
c:\Users\Kasey\AppData\Roaming\BADCA\CCCFD.exe (Malware.Packer) -> 2660 -> Unloaded process successfully.
c:\program files (x86)\LP\FDBB\564.exe (Malware.Packer) -> 2928 -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\activex.DLL (Adware.180Solutions) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\564.exe (Malware.Packer) -> Value: 564.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LPCG (Rogue.LivePCGuard) -> Value: LPCG -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bppmmG55sQ6 (Malware.Packer) -> Value: bppmmG55sQ6 -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\564.exe (Malware.Packer) -> Value: 564.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Backdoor.CycBot) -> Value: Load -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen) -> Value: Shell -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TqhhYYCwkUVrOBx8234A (Trojan.FakeAlert.CLGen) -> Value: TqhhYYCwkUVrOBx8234A -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Malware.Packer) -> Bad: (C:\Users\Kasey\AppData\Roaming\CA421\lvvm.exe) Good: () -> Quarantined and deleted successfully.

Folders Infected:
c:\Users\Kasey\AppData\Roaming\microsoft\Windows\start menu\Programs\cloud av 2012 (Rogue.CloudAV2012) -> Quarantined and deleted successfully.
c:\program files (x86)\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\funwebproducts\Installr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\funwebproducts\Installr\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
c:\program files (x86)\CA421\lvvm.exe (Malware.Packer) -> Quarantined and deleted successfully.
c:\Users\Kasey\AppData\Roaming\BADCA\CCCFD.exe (Malware.Packer) -> Quarantined and deleted successfully.
c:\program files (x86)\LP\FDBB\564.exe (Malware.Packer) -> Quarantined and deleted successfully.
c:\3560079\LP3560.exe (Rogue.LivePCGuard) -> Quarantined and deleted successfully.
c:\Users\Kasey\AppData\Roaming\dwme.exe (Malware.Packer) -> Quarantined and deleted successfully.
c:\Users\Kasey\AppData\Roaming\microsoft\FDBB\564.exe (Malware.Packer) -> Quarantined and deleted successfully.
c:\Users\Kasey\AppData\Roaming\CA421\lvvm.exe (Malware.Packer) -> Quarantined and deleted successfully.
c:\program files (x86)\funwebproducts\Installr\1.bin\F3EZSETP.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\program files (x86)\funwebproducts\Installr\1.bin\F3PLUGIN.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\program files (x86)\funwebproducts\Installr\1.bin\NPFUNWEB.DLL (PUP.FunWebProducts) -> Not selected for removal.
c:\Users\Double A\AppData\Local\Temp\Low\R66v.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Kasey\AppData\Local\Temp\dwme.exe (Malware.Packer) -> Quarantined and deleted successfully.
c:\Users\Kasey\AppData\Roaming\microsoft\FDBB\1150.tmp (Malware.Packer) -> Quarantined and deleted successfully.
c:\Windows\assembly\temp\kwrd.dll (PUP.BitMiner) -> Not selected for removal.
c:\Users\Kasey\AppData\Roaming\ahst.lni (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Kasey\AppData\Roaming\iexplore.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\Users\Kasey\Desktop\cloud av 2012.lnk (Rogue.CloudAV2012) -> Quarantined and deleted successfully.
c:\Users\Kasey\AppData\Roaming\microsoft\Windows\start menu\Programs\cloud av 2012\cloud av 2012.lnk (Rogue.CloudAV2012) -> Quarantined and deleted successfully.
c:\Users\Kasey\AppData\Roaming\hmmmhh6sw\cloud av 2012v121.exe (Trojan.FakeAlert.CLGen) -> Quarantined and deleted successfully.
 
Welcome aboard
yahooo.gif


Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===========================================================

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Check "Include All Files" option.
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
 
Status
Not open for further replies.

Similar threads

wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni

Latest posts

Back