Solved: IE 11 stopped working - windows 7

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

poppea

Thread Starter
Joined
Sep 21, 2004
Messages
76
i get the message every time i launch ie and can't do a thing with it.
Tried the following but error still popping up:
1- resetting the internet options from control panel/deleting browsing history etc.
2- restoring the system to an earlier saved point
3- deactivating/activating back ie from windows installed components

A site suggested to run internet explorer performance troubleshooter but didn't know where to find that...

My guess is a sort of malware but i am not sure, any help would be most appreciated.

Cheers
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,155
Go here, then click the large blue "Download Now @ Bleeping Computer" button to download and save AdwCleaner.exe to your desktop.

Close all open windows first, then double-click AdwCleaner.exe to load its main window.

Click the "Scan" button, then allow the scanning process to finish.

Click the "Logfile" button.

When the log appears, save it.

Return here to your thread, then copy-and-paste the ENTIRE log here.

-------------------------------------------------------------------
 

poppea

Thread Starter
Joined
Sep 21, 2004
Messages
76
# AdwCleaner v4.111 - Logfile created 21/02/2015 at 14:29:33
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Sanfoura - MEYNU
# Running from : C:\Users\Sanfoura\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : TBSrv

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\windows\Reimage.ini
File Found : C:\windows\System32\roboot64.exe
Folder Found : C:\ProgramData\Tbccint
Folder Found : C:\Users\Sanfoura\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Folder Found : C:\Users\Sanfoura\AppData\Local\Tbccint
Folder Found : C:\Users\Sanfoura\AppData\LocalLow\BS_Player_ControlBar_B
Folder Found : C:\Users\Sanfoura\AppData\LocalLow\Tbccint

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Key Found : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Key Found : HKCU\Software\AppDataLow\Software\Tbccint
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\primeshare.tv
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.cn
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Found : HKCU\Software\Reimage
Key Found : HKCU\Software\Tbccint
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Reimage
Key Found : [x64] HKCU\Software\Tbccint
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Found : [x64] HKLM\SOFTWARE\Reimage
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Google Chrome v40.0.2214.111

[C:\Users\Sanfoura\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\Sanfoura\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_app_14_40_ie&cd=2XzuyEtN2Y1L1QzuyByE0FtDyC0D0CtByDtD0EtDzytCtDyCtN0D0Tzu0StCtDtDyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEyByEtA0BtAyC0CtG0AtDyB0CtGtAyByDyDtG0ByDyDtDtGyByDyC0C0CzyyC0AtD0C0AyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0AyB0A0AtCtA0CtGtC0AtD0EtGyEtAtA0FtG0A0BtByEtGtDyC0AtDtD0EyE0FyD0C0C0B2Q&cr=1458120062&ir=
*************************

AdwCleaner[R0].txt - [4057 bytes] - [21/02/2015 14:29:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4116 bytes] ##########
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,155
Close all open windows first, then double-click AdwCleaner to load its main window.

Click the "Scan" button, then allow the scanning process to finish.

Click the "Cleaning" button, then click "OK".

Allow the cleaning process to finish.

When it's finished, click "OK" in each window that appears.

The computer will restart.

When the log appears during restart, save it.

Return here to your thread, then copy-and-paste the ENTIRE log here.

--------------------------------------------------------------------

What's the brand name and model name and model number of your computer?

--------------------------------------------------------------------
 

poppea

Thread Starter
Joined
Sep 21, 2004
Messages
76
# AdwCleaner v4.111 - Logfile created 21/02/2015 at 14:48:47
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : Sanfoura - MEYNU
# Running from : C:\Users\Sanfoura\Downloads\AdwCleaner (1).exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : TBSrv

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Tbccint
Folder Deleted : C:\Users\Sanfoura\AppData\Local\Tbccint
Folder Deleted : C:\Users\Sanfoura\AppData\LocalLow\Tbccint
Folder Deleted : C:\Users\Sanfoura\AppData\LocalLow\BS_Player_ControlBar_B
Folder Deleted : C:\Users\Sanfoura\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
File Deleted : C:\END
File Deleted : C:\windows\Reimage.ini
File Deleted : C:\windows\System32\roboot64.exe

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31264A33-A653-46C4-AF49-1232C59A7DA5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Tbccint
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : [x64] HKLM\SOFTWARE\Reimage
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plarium.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\primeshare.tv
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.cn
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631


-\\ Google Chrome v40.0.2214.111

[C:\Users\Sanfoura\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\Sanfoura\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_app_14_40_ie&cd=2XzuyEtN2Y1L1QzuyByE0FtDyC0D0CtByDtD0EtDzytCtDyCtN0D0Tzu0StCtDtDyBtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEyByEtA0BtAyC0CtG0AtDyB0CtGtAyByDyDtG0ByDyDtDtGyByDyC0C0CzyyC0AtD0C0AyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0AyB0A0AtCtA0CtGtC0AtD0EtGyEtAtA0FtG0A0BtByEtGtDyC0AtDtD0EyE0FyD0C0C0B2Q&cr=1458120062&ir=

*************************

AdwCleaner[R0].txt - [4215 bytes] - [21/02/2015 14:29:33]
AdwCleaner[R1].txt - [4278 bytes] - [21/02/2015 14:47:38]
AdwCleaner[S0].txt - [4154 bytes] - [21/02/2015 14:48:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4213 bytes] ##########
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,155
ASUS NX90JQ

Add this site to your browser's favorites/bookmarks list so you can quickly refer to it when needed.

---------------------------------------------------------

I don't use the Google Chrome browser, and never will, so I can't address any issues with it.

---------------------------------------------------------

Are you still having an issue with Internet Explorer 11?

---------------------------------------------------------
 

poppea

Thread Starter
Joined
Sep 21, 2004
Messages
76
Nothing changed, the pop-up keeps showing at ie launch and after closing it, keeps bouncing back so i am still unable to use ie?
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,155
Download and save and then install the free version of

Malwarebytes Anti-Malware 2.0.4.1028

SUPERAntiSpyware 6.0.1170

Make sure to update their definition files during the install process.

Make sure to uncheck and decline to install any extras, such as toolbars and homepages, they may offer.

Make sure to uncheck and decline to use the "Pro" or "Trial" version, if it's offered.

After they're installed and updated, DON'T do anything else with them yet.

-------------------------------------------------------
 

poppea

Thread Starter
Joined
Sep 21, 2004
Messages
76
I rejected the free trial for the professional versions, was that right?
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,155
I rejected the free trial for the professional versions, was that right?
That's correct. You want to decline or reject using the "Pro" or "Trial" version.

Advise when you're done, then I'll give you detailed instructions for their use.

-----------------------------------------------------------
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,155
You might want to print off these instructions before you start so they're easier for you to follow.

Note: DON'T use the computer while each scan is in progress.

---------------------------------------------------------------------

Start Malwarebytes Anti-Malware.

Click "Settings". then click "Detection and Protection".

Make sure all boxes in "Detection Options" are checked.

Click "Scan", then select Threat Scan, then click "Scan Now".

Note: If it wants to update the definition files first, allow it to do so.

If problems are found during the scan, the number of "Detected Objects" will be highlighted in red.

When the scan is finished, make sure to select and quarantine EVERYTHING in the list.

If you're prompted to restart the computer to complete the process, do so.

Start Malwarebytes Anti-Malware again.

Click "History - Application Logs".

Double-click on the most recent scan log so it can open and be viewed.

Select "Export - Text File", then name it mbam, then save it on the desktop.

Return here, then copy-and-paste its ENTIRE contents here.

---------------------------------------------------------------------

Start SUPERAntiSpyware.

Click "System Tools".

Click "Preferences", then uncheck "Run in the background (system tray)", then click "Done".

Click "Advanced Settings", then uncheck "Follow shortcuts (*.lnk) during scan", then click "OK - Done".

Click "Click here to check for updates".

When the definition files have updated, click "OK".

Click "Scan This Computer", then click Quick Scan.

If problems are found during the scan, the number of them will be highlighted in red.

When the scan is finished, click "Continue".

Make sure that EVERYTHING in the list is selected, then click "Continue".

When the removal process is complete, click "Continue".

If you're prompted to restart to finish the removal process, do so.

Start SUPERAntiSpyware again.

Click "System Tools", then click "Scan Logs".

Select the most current scan log, then click on its magnifying glass icon so it can open and be viewed, then save it on the desktop.

Return here, then copy-and-paste its ENTIRE contents here.

----------------------------------------------------------------------
 

poppea

Thread Starter
Joined
Sep 21, 2004
Messages
76
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/21/2015 at 03:50 PM

Application Version : 6.0.1170
Database Version : 11761

Scan type : Quick Scan
Total Scan Time : 00:01:16

Operating System Information
Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 590
Memory threats detected : 0
Registry items scanned : 57039
Registry threats detected : 0
File items scanned : 7981
File threats detected : 57

Adware.Tracking Cookie
track.adform.net [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.adform.net [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
C:\Users\Sanfoura\AppData\Roaming\Microsoft\Windows\Cookies\OAI52N5H.txtC:\Users\Sanfoura\AppData\Roaming\Microsoft\Windows\Cookies\OAI52N5H.txt [ /doubleclick.net ]
.doubleclick.net [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
dmp.adform.net [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adform.net [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
app.****buddy.co.uk [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.****buddy.co.uk [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
smahtrack.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhub.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pornhub.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.trafficjunky.net [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ads.trafficjunky.net [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficjunky.net [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.jckzz.banner.thrillmitten.biz [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
bs.serving-sys.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rambler.ru [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rambler.ru [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yadro.ru [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yadro.ru [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserving.unibet.com [ C:\USERS\SANFOURA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

Trojan.Agent/Gen-Backdoor[FakeAlert]
C:\WINDOWS\TEMP\LSASS.EXE

============
End of Log
============
 

flavallee

Frank
Trusted Advisor
Joined
May 12, 2002
Messages
83,155
Trojan.Agent/Gen-Backdoor[FakeAlert]
C:\WINDOWS\TEMP\LSASS.EXE
AFTER you complete both sets of my previous instructions, do the following.

Go here, then click the large blue "Download Now @ Author's site" button to download and save TFC.exe (Temp File Cleaner by OldTimer) to your desktop.

After it's downloaded and saved, close all open windows.

Double-click it to load its main window.

Click the "Start" button.

If there are a large number of temp files and/or there are multiple user accounts, the temp file deletion process may appear to freeze or may take a few minutes, so be patient.

After the temp file deletion process is finished, restart the computer.

----------------------------------------------------------
 

poppea

Thread Starter
Joined
Sep 21, 2004
Messages
76
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 21/02/2015
Scan Time: 15:59:22
Logfile: MBAM.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.02.21.05
Rootkit Database: v2015.02.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sanfoura

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 344060
Time Elapsed: 25 min, 48 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.SurfVox.A, C:\Users\Sanfoura\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://www.surfvox.com/" ],), Replaced,[7f3840e0c2c89c9afb902dd83fc7dc24]

Physical Sectors: 0
(No malicious items detected)


(end)
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top