TechSpot

Internet Explorer does not work after Malwarebytes... I'm dying!

By KaseyG
Nov 25, 2011
  1. I got something called Cloud AV 2012 so I downloaded malwarebytes and had a lot of viruses. When it was done I deleted them went to open internet explorer and it was nothing just a blank page. I googled similar problems and people were saying go to Tools Internet Connection then Reset...well the internect connection in the tools wasnt even clickable. So I did in Safe Mode and nothing happened in regular. I'm completely lost my computer knowledge is turning it on and googling.

    This is the log for the first one I did that gave me problems after.

    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org

    Database version: 8235

    Windows 6.1.7600 (Safe Mode)
    Internet Explorer 8.0.7600.16385

    11/24/2011 8:33:08 PM
    mbam-log-2011-11-24 (20-33-08).txt

    Scan type: Full scan (C:\|)
    Objects scanned: 469304
    Time elapsed: 47 minute(s), 27 second(s)

    Memory Processes Infected: 3
    Memory Modules Infected: 0
    Registry Keys Infected: 2
    Registry Values Infected: 7
    Registry Data Items Infected: 1
    Folders Infected: 4
    Files Infected: 19

    Memory Processes Infected:
    c:\program files (x86)\CA421\lvvm.exe (Malware.Packer) -> 1472 -> Unloaded process successfully.
    c:\Users\Kasey\AppData\Roaming\BADCA\CCCFD.exe (Malware.Packer) -> 2660 -> Unloaded process successfully.
    c:\program files (x86)\LP\FDBB\564.exe (Malware.Packer) -> 2928 -> Unloaded process successfully.

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\activex.DLL (Adware.180Solutions) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\564.exe (Malware.Packer) -> Value: 564.exe -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LPCG (Rogue.LivePCGuard) -> Value: LPCG -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bppmmG55sQ6 (Malware.Packer) -> Value: bppmmG55sQ6 -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\564.exe (Malware.Packer) -> Value: 564.exe -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Backdoor.CycBot) -> Value: Load -> Delete on reboot.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen) -> Value: Shell -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TqhhYYCwkUVrOBx8234A (Trojan.FakeAlert.CLGen) -> Value: TqhhYYCwkUVrOBx8234A -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Malware.Packer) -> Bad: (C:\Users\Kasey\AppData\Roaming\CA421\lvvm.exe) Good: () -> Quarantined and deleted successfully.

    Folders Infected:
    c:\Users\Kasey\AppData\Roaming\microsoft\Windows\start menu\Programs\cloud av 2012 (Rogue.CloudAV2012) -> Quarantined and deleted successfully.
    c:\program files (x86)\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files (x86)\funwebproducts\Installr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files (x86)\funwebproducts\Installr\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    Files Infected:
    c:\program files (x86)\CA421\lvvm.exe (Malware.Packer) -> Quarantined and deleted successfully.
    c:\Users\Kasey\AppData\Roaming\BADCA\CCCFD.exe (Malware.Packer) -> Quarantined and deleted successfully.
    c:\program files (x86)\LP\FDBB\564.exe (Malware.Packer) -> Quarantined and deleted successfully.
    c:\3560079\LP3560.exe (Rogue.LivePCGuard) -> Quarantined and deleted successfully.
    c:\Users\Kasey\AppData\Roaming\dwme.exe (Malware.Packer) -> Quarantined and deleted successfully.
    c:\Users\Kasey\AppData\Roaming\microsoft\FDBB\564.exe (Malware.Packer) -> Quarantined and deleted successfully.
    c:\Users\Kasey\AppData\Roaming\CA421\lvvm.exe (Malware.Packer) -> Quarantined and deleted successfully.
    c:\program files (x86)\funwebproducts\Installr\1.bin\F3EZSETP.DLL (PUP.FunWebProducts) -> Not selected for removal.
    c:\program files (x86)\funwebproducts\Installr\1.bin\F3PLUGIN.DLL (PUP.FunWebProducts) -> Not selected for removal.
    c:\program files (x86)\funwebproducts\Installr\1.bin\NPFUNWEB.DLL (PUP.FunWebProducts) -> Not selected for removal.
    c:\Users\Double A\AppData\Local\Temp\Low\R66v.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    c:\Users\Kasey\AppData\Local\Temp\dwme.exe (Malware.Packer) -> Quarantined and deleted successfully.
    c:\Users\Kasey\AppData\Roaming\microsoft\FDBB\1150.tmp (Malware.Packer) -> Quarantined and deleted successfully.
    c:\Windows\assembly\temp\kwrd.dll (PUP.BitMiner) -> Not selected for removal.
    c:\Users\Kasey\AppData\Roaming\ahst.lni (Malware.Trace) -> Quarantined and deleted successfully.
    c:\Users\Kasey\AppData\Roaming\iexplore.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
    c:\Users\Kasey\Desktop\cloud av 2012.lnk (Rogue.CloudAV2012) -> Quarantined and deleted successfully.
    c:\Users\Kasey\AppData\Roaming\microsoft\Windows\start menu\Programs\cloud av 2012\cloud av 2012.lnk (Rogue.CloudAV2012) -> Quarantined and deleted successfully.
    c:\Users\Kasey\AppData\Roaming\hmmmhh6sw\cloud av 2012v121.exe (Trojan.FakeAlert.CLGen) -> Quarantined and deleted successfully.
     
  2. Broni

    Broni Malware Annihilator Posts: 52,915   +344

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===========================================================

    Please download Farbar Service Scanner and run it on the computer with the issue.
    • Check "Include All Files" option.
    • Press "Scan".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...