WiredWX Christian Hobby Weather Tools
bankerfox and mbam not allowing me to use my internet browsers

So a couple of days ago my computer got hold of the bankerfox.a virus. I downloaded Malwarebytes and removed the virus. After that I restarted my computer and went to open Google Chrome, and nothing happened; it wouldn't even acknowledge me opening it. So I tried using my Firefox: same thing, nothing happened. I don't have Internet Explorer on the PC, so I'm not sure what else it could be. I have wireless, and it allows me to run updates and connect to the internet; I just cannot browse it.

Here is my log info from ComboFix:

ComboFix 10-01-12.05 - Neal Mims 01/13/2010 10:57:00.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.615 [GMT -5:00]
Running from: E:\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\DOCUME~1\NEALMI~1\LOCALS~1\Temp\install_flash_player.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
C:\RECYCLER\S-1-5-21-319294890-3149517362-201515139-1003
C:\WINDOWS\system32\oem1.inf
C:\WINDOWS\system32\Thumbs.db

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS


((((((((((((((((((((((((( Files Created from 2009-12-13 to 2010-01-13 )))))))))))))))))))))))))))))))
.

2010-01-13 15:03:43 . 2010-01-07 21:07:14 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-01-13 15:03:40 . 2010-01-13 15:03:46 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-13 15:03:40 . 2010-01-07 21:07:04 19160 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2010-01-12 15:14:21 . 2010-01-12 15:14:21 -------- d-----w- C:\Documents and Settings\All Users\Application Data\PopCap Games
2010-01-12 15:12:49 . 2010-01-12 15:12:49 -------- d-----w- C:\Documents and Settings\Guest\Local Settings\Application Data\Mozilla
2010-01-12 15:12:41 . 2010-01-12 15:12:41 -------- d-----w- C:\Documents and Settings\Guest\Local Settings\Application Data\Apple Computer
2010-01-12 15:08:12 . 2009-08-07 00:23:46 274288 ----a-w- C:\WINDOWS\system32\mucltui.dll
2010-01-12 15:08:12 . 2009-08-07 00:23:46 215920 ----a-w- C:\WINDOWS\system32\muweb.dll
2010-01-12 04:45:58 . 2010-01-12 04:45:58 -------- dc----w- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-01-11 15:36:36 . 2010-01-11 15:37:22 -------- d-----w- C:\Program Files\iTunes
2010-01-11 15:36:36 . 2010-01-11 15:36:36 -------- d-----w- C:\Program Files\iPod
2010-01-11 15:33:05 . 2010-01-11 15:33:05 -------- d-----w- C:\Program Files\iPhoneBrowser
2010-01-11 15:28:49 . 2010-01-11 15:28:49 -------- d-----w- C:\Program Files\Yahoo!
2010-01-11 14:59:18 . 2010-01-12 04:39:02 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Lavasoft
2010-01-11 14:47:00 . 2010-01-11 15:26:45 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware(2)
2010-01-11 01:56:25 . 2010-01-13 15:03:49 -------- d-----w- C:\Documents and Settings\Neal Mims\Application Data\Malwarebytes
2010-01-11 01:56:17 . 2010-01-13 15:03:40 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-01-11 01:37:15 . 2010-01-11 15:27:22 -------- d-----w- C:\Program Files\Spyware Doctor
2010-01-11 01:37:15 . 2010-01-11 15:27:19 -------- d-----w- C:\Program Files\Common Files\PC Tools
2009-12-30 18:22:11 . 2009-12-30 18:22:11 -------- d-----w- C:\Anti Christ (2009)DVDr.nl.subs.NLT-Release (DivX)
2009-12-30 18:22:06 . 2010-01-11 15:28:03 -------- d-----w- C:\Documents and Settings\Neal Mims\Application Data\.ABC
2009-12-30 18:20:33 . 2010-01-11 15:28:04 -------- d-----w- C:\Program Files\ABC
2009-12-22 23:53:07 . 2010-01-08 06:31:40 25 ----a-w- C:\WINDOWS\popcinfot.dat
2009-12-18 00:01:01 . 2010-01-05 16:53:47 664 ----a-w- C:\WINDOWS\system32\d3d9caps.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-13 16:07:13 . 2009-10-09 05:16:15 -------- d-----w- C:\Program Files\Trillian
2010-01-11 15:36:36 . 2009-10-21 09:30:37 -------- d-----w- C:\Program Files\iPod(2)
2010-01-11 15:36:36 . 2009-10-21 09:30:05 -------- d-----w- C:\Program Files\iTunes(2)
2010-01-11 15:36:36 . 2009-04-12 23:37:49 -------- d-----w- C:\Program Files\Common Files\Apple
2010-01-11 15:35:12 . 2009-11-04 05:11:35 -------- d-----w- C:\Program Files\Microsoft Silverlight
2010-01-11 15:34:38 . 2008-12-19 08:02:15 -------- d-----w- C:\Program Files\Microsoft Works
2010-01-11 15:32:59 . 2010-01-11 15:32:47 -------- d-----w- C:\Program Files\AIM6
2010-01-11 15:32:47 . 2009-04-01 19:49:11 -------- d-----w- C:\Documents and Settings\All Users\Application Data\AOL
2010-01-11 15:32:46 . 2010-01-11 15:28:49 -------- d-----w- C:\Program Files\BitLord
2010-01-11 15:32:22 . 2010-01-11 15:32:22 -------- d-----w- C:\Documents and Settings\Neal Mims\Application Data\acccore
2010-01-11 15:31:57 . 2010-01-11 15:31:57 -------- d-----w- C:\Program Files\Common Files\AOL
2010-01-11 15:31:53 . 2010-01-11 15:31:53 -------- d-----w- C:\Program Files\DigiDNA
2010-01-11 15:31:52 . 2010-01-11 15:31:48 -------- d-----w- C:\Program Files\iPhoneRingToneMaker
2010-01-11 15:31:51 . 2009-04-20 15:23:12 -------- d-----w- C:\Documents and Settings\Neal Mims\Application Data\iPhoneRingToneMaker
2010-01-11 15:31:44 . 2009-04-05 15:28:30 -------- d-----w- C:\Program Files\Mozilla Thunderbird
2010-01-11 15:31:36 . 2009-04-05 14:49:32 -------- d-----w- C:\Program Files\Miranda IM
2010-01-11 15:31:03 . 2010-01-11 15:28:55 -------- d-----w- C:\Program Files\WinSCP
2010-01-11 15:30:58 . 2010-01-11 15:30:58 -------- d-----w- C:\Program Files\Viewpoint
2010-01-11 15:30:58 . 2010-01-11 15:30:58 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Viewpoint
2010-01-09 21:11:48 . 2009-04-05 20:08:03 4898 ----a-w- C:\Documents and Settings\Neal Mims\Application Data\wklnhst.dat
2009-12-06 19:44:59 . 2009-04-01 18:06:00 50776 ----a-w- C:\Documents and Settings\Neal Mims\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-29 07:46:59 . 2007-08-14 09:54:10 832512 ----a-w- C:\WINDOWS\system32\wininet(2).dll
2009-10-29 07:46:58 . 2007-08-14 09:54:10 1168384 ----a-w- C:\WINDOWS\system32\urlmon(2).dll
2009-10-29 07:46:58 . 2007-08-14 09:44:30 105984 ----a-w- C:\WINDOWS\system32\url(2).dll
2009-10-29 07:46:54 . 2007-08-14 09:34:04 268288 ----a-w- C:\WINDOWS\system32\iertutil(2).dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Documents and Settings\Neal Mims\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-04-01 18:06:31 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-02-15 13:46:46 135168]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-02-15 13:46:46 159744]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2008-02-15 13:46:18 131072]
"IDTSysTrayApp"="sttray.exe" [2008-08-30 00:03:24 442477]
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe" [2008-08-30 00:03:24 442477]
"AESTFltr"="C:\WINDOWS\system32\AESTFltr.exe" [2008-08-28 15:16:34 471040]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-31 18:58:42 1343488]
"HP Mobile Broadband"="c:\SWsetup\HPQWWAN\HPMobileBroadband.exe" [2008-07-08 22:30:44 439600]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 22:51:00 488752]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2009-03-09 15:49:18 37888]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2009-09-05 05:54:42 417792]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2009-09-09 01:09:42 305440]

C:\Documents and Settings\Neal Mims\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [2009-4-2 3450608]
Trillian.lnk - C:\Program Files\Trillian\trillian.exe [2009-9-29 1916768]
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-18 4742184]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\BitLord\\BitLord.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\AIM6\\aim6.exe"=
"C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"=

R3 AESTAud;AE Audio Service;C:\WINDOWS\system32\drivers\AESTAud.sys [12/19/2008 2:48:34 AM 112128]
S0 Lbd;Lbd;C:\WINDOWS\system32\DRIVERS\Lbd.sys --> C:\WINDOWS\system32\DRIVERS\Lbd.sys [?]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe" --> C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [?]
.
Contents of the 'Scheduled Tasks' folder

2009-04-12 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34:12 . 2008-07-30 16:34:12]

2009-10-31 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-237175547-915715685-1265754114-1006Core1ca59edecb4d278.job
- C:\Documents and Settings\Neal Mims\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-01 18:06:42 . 2009-04-01 18:06:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.Yahoo.com
mStart Page = hxxp://www.Yahoo.com
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride =
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-ccleaner - C:\Program Files\CCleaner\ccleaner.exe
AddRemove-ABC - C:\Program Files\ABC\Uninstall.exe
AddRemove-CCleaner - C:\Program Files\CCleaner\uninst.exe
AddRemove-Spyware Doctor - C:\Program Files\Spyware Doctor\unins000.exe
AddRemove-Google Chrome - C:\Documents and Settings\Neal Mims\Local Settings\Application Data\Google\Chrome\Application\4.0.249.43\Installer\setup.exe

Re: bankerfox and mbam not allowing me to use my internet browsers

Hello.
Can you post the final bit of the log? I think it might have got cut off there.

............................................................................................

Site Admin / Security Administrator

- Please PM me if I fail to respond within 24hrs.