| Other > Viruses and worms |
| C:\windows\system32\explorer.exe may have a malware infection? |
| << < (5/6) > >> |
| magna86:
Hi, Re-run OTL.exe. [*]Copy and paste the following text written inside of the quote box into the Custom Scans/Fixes box. [/list] --- Code: --- :Otl IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{5D6AE2F1-AFE9-4585-A47B-527225501C48}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd IE - HKLM\..\URLSearchHook: {b2ed7faf-72a0-46d1-9d9d-602226f5cb9f} - No CLSID value found IE - HKLM\..\SearchScopes\{5D6AE2F1-AFE9-4585-A47B-527225501C48}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^XP^xdm114^LENCA^ca&si=CN-xifCKjrACFbEBQAod103BpA&ptb=4ADD6BD3-8DF2-406B-BC17-F220EF8B3E6A&psa=&ind=2012052001&st=sb&n=77ed7a21&searchfor={searchTerms} FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011/08/11 08:25:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Everett\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_0\plugins/avgnpss.dll O2:[b]64bit:[/b] - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll File not found O3 - HKU\S-1-5-21-1573336260-1148118520-3100803624-1002\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. :files C:\Program Files (x86)\AVG ipconfig /flushdns /c netsh int ip reset c:\resetlog.txt /c ipconfig /release /c ipconfig /renew /c :commands [CREATERESTOREPOINT] [emptytemp] --- End code --- [*]Then click the Run Fix button at the top. [*]Let the program run unhindered; it will reboot the system when it is done and open notepad with logreport. Attach here that logreport.[/list] **************************** Re-run OTLScan [*] Make sure all other windows are closed and to let it run uninterrupted. [*] Click on Scan All Users [*] Paste this into Custom Scans/Fixes box at the bottom [/list] --- Code: --- /md5start explorer.exe /md5stop C:\windows\system32\explorer.exe /md5 --- End code --- [*] Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long. [*] When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. [*] Please attach them in this thread. [/list] [/list] |
| REDACTED:
Ok here is the OTL from the first step. I had to force restart and while it was restarting it just stopped and the screen went black for a long while. I had to use the shutdown button to restart it. |
| REDACTED:
Once again I have not gotten an extras.txt from my scan. I just got this. |
| magna86:
Re-run OTL.exe. [*]Copy and paste the following text written inside of the quote box into the Custom Scans/Fixes box. [/list] --- Code: --- :processes killallprocesses :Otl IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{5D6AE2F1-AFE9-4585-A47B-527225501C48}: "URL" = http://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Everett\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_0\plugins/avgnpss.dll O2:[b]64bit:[/b] - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found. :commands [Reboot] --- End code --- [*]Then click the Run Fix button at the top. [*]Let the program run unhindered; it will reboot the system when it is done and open notepad with logreport. Attach here that logreport.[/list] ********************* detected explorer.exe is leght and it's catch via heuristics. How's your computer running now? |
| REDACTED:
Here is the log after the reboot. My computer is running fine now. Thank you for all of the help :D |
| Navigation |
| Message Index |
| Next page |
| Previous page |