bankerfox and mbam not allowing me to use my internet browsers


Post by nealmims on Wed Jan 13, 2010 4:34 pm

So a couple of days ago my computer got hold of the bankerfox.a virus. I downloaded Malwarebytes and removed the virus. After that I restarted my computer and went to open Google Chrome, and nothing happened; it wouldn't even acknowledge me opening it. So I tried using my Firefox; same thing, nothing happened. I don't have Internet Explorer on the PC, so I'm not sure what else it could be. I have wireless and it allows me to run updates and connect to the internet; I just cannot browse it.

Here is my log info from ComboFix:

ComboFix 10-01-12.05 - Neal Mims 01/13/2010 10:57:00.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.615 [GMT -5:00]
Running from: E:\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\DOCUME~1\NEALMI~1\LOCALS~1\Temp\install_flash_player.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
C:\RECYCLER\S-1-5-21-319294890-3149517362-201515139-1003
C:\WINDOWS\system32\oem1.inf
C:\WINDOWS\system32\Thumbs.db

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS


((((((((((((((((((((((((( Files Created from 2009-12-13 to 2010-01-13 )))))))))))))))))))))))))))))))
.

2010-01-13 15:03:43 . 2010-01-07 21:07:14 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-01-13 15:03:40 . 2010-01-13 15:03:46 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-13 15:03:40 . 2010-01-07 21:07:04 19160 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
2010-01-12 15:14:21 . 2010-01-12 15:14:21 -------- d-----w- C:\Documents and Settings\All Users\Application Data\PopCap Games
2010-01-12 15:12:49 . 2010-01-12 15:12:49 -------- d-----w- C:\Documents and Settings\Guest\Local Settings\Application Data\Mozilla
2010-01-12 15:12:41 . 2010-01-12 15:12:41 -------- d-----w- C:\Documents and Settings\Guest\Local Settings\Application Data\Apple Computer
2010-01-12 15:08:12 . 2009-08-07 00:23:46 274288 ----a-w- C:\WINDOWS\system32\mucltui.dll
2010-01-12 15:08:12 . 2009-08-07 00:23:46 215920 ----a-w- C:\WINDOWS\system32\muweb.dll
2010-01-12 04:45:58 . 2010-01-12 04:45:58 -------- dc----w- C:\Documents and Settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-01-11 15:36:36 . 2010-01-11 15:37:22 -------- d-----w- C:\Program Files\iTunes
2010-01-11 15:36:36 . 2010-01-11 15:36:36 -------- d-----w- C:\Program Files\iPod
2010-01-11 15:33:05 . 2010-01-11 15:33:05 -------- d-----w- C:\Program Files\iPhoneBrowser
2010-01-11 15:28:49 . 2010-01-11 15:28:49 -------- d-----w- C:\Program Files\Yahoo!
2010-01-11 14:59:18 . 2010-01-12 04:39:02 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Lavasoft
2010-01-11 14:47:00 . 2010-01-11 15:26:45 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware(2)
2010-01-11 01:56:25 . 2010-01-13 15:03:49 -------- d-----w- C:\Documents and Settings\Neal Mims\Application Data\Malwarebytes
2010-01-11 01:56:17 . 2010-01-13 15:03:40 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-01-11 01:37:15 . 2010-01-11 15:27:22 -------- d-----w- C:\Program Files\Spyware Doctor
2010-01-11 01:37:15 . 2010-01-11 15:27:19 -------- d-----w- C:\Program Files\Common Files\PC Tools
2009-12-30 18:22:11 . 2009-12-30 18:22:11 -------- d-----w- C:\Anti Christ (2009)DVDr.nl.subs.NLT-Release (DivX)
2009-12-30 18:22:06 . 2010-01-11 15:28:03 -------- d-----w- C:\Documents and Settings\Neal Mims\Application Data\.ABC
2009-12-30 18:20:33 . 2010-01-11 15:28:04 -------- d-----w- C:\Program Files\ABC
2009-12-22 23:53:07 . 2010-01-08 06:31:40 25 ----a-w- C:\WINDOWS\popcinfot.dat
2009-12-18 00:01:01 . 2010-01-05 16:53:47 664 ----a-w- C:\WINDOWS\system32\d3d9caps.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-13 16:07:13 . 2009-10-09 05:16:15 -------- d-----w- C:\Program Files\Trillian
2010-01-11 15:36:36 . 2009-10-21 09:30:37 -------- d-----w- C:\Program Files\iPod(2)
2010-01-11 15:36:36 . 2009-10-21 09:30:05 -------- d-----w- C:\Program Files\iTunes(2)
2010-01-11 15:36:36 . 2009-04-12 23:37:49 -------- d-----w- C:\Program Files\Common Files\Apple
2010-01-11 15:35:12 . 2009-11-04 05:11:35 -------- d-----w- C:\Program Files\Microsoft Silverlight
2010-01-11 15:34:38 . 2008-12-19 08:02:15 -------- d-----w- C:\Program Files\Microsoft Works
2010-01-11 15:32:59 . 2010-01-11 15:32:47 -------- d-----w- C:\Program Files\AIM6
2010-01-11 15:32:47 . 2009-04-01 19:49:11 -------- d-----w- C:\Documents and Settings\All Users\Application Data\AOL
2010-01-11 15:32:46 . 2010-01-11 15:28:49 -------- d-----w- C:\Program Files\BitLord
2010-01-11 15:32:22 . 2010-01-11 15:32:22 -------- d-----w- C:\Documents and Settings\Neal Mims\Application Data\acccore
2010-01-11 15:31:57 . 2010-01-11 15:31:57 -------- d-----w- C:\Program Files\Common Files\AOL
2010-01-11 15:31:53 . 2010-01-11 15:31:53 -------- d-----w- C:\Program Files\DigiDNA
2010-01-11 15:31:52 . 2010-01-11 15:31:48 -------- d-----w- C:\Program Files\iPhoneRingToneMaker
2010-01-11 15:31:51 . 2009-04-20 15:23:12 -------- d-----w- C:\Documents and Settings\Neal Mims\Application Data\iPhoneRingToneMaker
2010-01-11 15:31:44 . 2009-04-05 15:28:30 -------- d-----w- C:\Program Files\Mozilla Thunderbird
2010-01-11 15:31:36 . 2009-04-05 14:49:32 -------- d-----w- C:\Program Files\Miranda IM
2010-01-11 15:31:03 . 2010-01-11 15:28:55 -------- d-----w- C:\Program Files\WinSCP
2010-01-11 15:30:58 . 2010-01-11 15:30:58 -------- d-----w- C:\Program Files\Viewpoint
2010-01-11 15:30:58 . 2010-01-11 15:30:58 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Viewpoint
2010-01-09 21:11:48 . 2009-04-05 20:08:03 4898 ----a-w- C:\Documents and Settings\Neal Mims\Application Data\wklnhst.dat
2009-12-06 19:44:59 . 2009-04-01 18:06:00 50776 ----a-w- C:\Documents and Settings\Neal Mims\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-29 07:46:59 . 2007-08-14 09:54:10 832512 ----a-w- C:\WINDOWS\system32\wininet(2).dll
2009-10-29 07:46:58 . 2007-08-14 09:54:10 1168384 ----a-w- C:\WINDOWS\system32\urlmon(2).dll
2009-10-29 07:46:58 . 2007-08-14 09:44:30 105984 ----a-w- C:\WINDOWS\system32\url(2).dll
2009-10-29 07:46:54 . 2007-08-14 09:34:04 268288 ----a-w- C:\WINDOWS\system32\iertutil(2).dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Documents and Settings\Neal Mims\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-04-01 18:06:31 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2008-02-15 13:46:46 135168]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2008-02-15 13:46:46 159744]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2008-02-15 13:46:18 131072]
"IDTSysTrayApp"="sttray.exe" [2008-08-30 00:03:24 442477]
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe" [2008-08-30 00:03:24 442477]
"AESTFltr"="C:\WINDOWS\system32\AESTFltr.exe" [2008-08-28 15:16:34 471040]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2008-07-31 18:58:42 1343488]
"HP Mobile Broadband"="c:\SWsetup\HPQWWAN\HPMobileBroadband.exe" [2008-07-08 22:30:44 439600]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 22:51:00 488752]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2009-03-09 15:49:18 37888]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2009-09-05 05:54:42 417792]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2009-09-09 01:09:42 305440]

C:\Documents and Settings\Neal Mims\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [2009-4-2 3450608]
Trillian.lnk - C:\Program Files\Trillian\trillian.exe [2009-9-29 1916768]
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-18 4742184]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\BitLord\\BitLord.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\AIM6\\aim6.exe"=
"C:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"=

R3 AESTAud;AE Audio Service;C:\WINDOWS\system32\drivers\AESTAud.sys [12/19/2008 2:48:34 AM 112128]
S0 Lbd;Lbd;C:\WINDOWS\system32\DRIVERS\Lbd.sys --> C:\WINDOWS\system32\DRIVERS\Lbd.sys [?]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe" --> C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [?]
.
Contents of the 'Scheduled Tasks' folder

2009-04-12 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34:12 . 2008-07-30 16:34:12]

2009-10-31 C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-237175547-915715685-1265754114-1006Core1ca59edecb4d278.job
- C:\Documents and Settings\Neal Mims\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-01 18:06:42 . 2009-04-01 18:06:31]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride =
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-ccleaner - C:\Program Files\CCleaner\ccleaner.exe
AddRemove-ABC - C:\Program Files\ABC\Uninstall.exe
AddRemove-CCleaner - C:\Program Files\CCleaner\uninst.exe
AddRemove-Spyware Doctor - C:\Program Files\Spyware Doctor\unins000.exe
AddRemove-Google Chrome - C:\Documents and Settings\Neal Mims\Local Settings\Application Data\Google\Chrome\Application\4.0.249.43\Installer\setup.exe


Re: bankerfox and mbam not allowing me to use my internet browsers

Post by Belahzur on Wed Jan 13, 2010 6:46 pm

Hello.
Can you post the final bit of the log? I think it might have got cut off there.

