Welcome Guest ( Login | Register )
        


Problem Accessing certain sites in IE9 and... Expand / Collapse
Author
Message
Posted 9/15/2013 3:34 AM
New Member

New MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew Member

Group: Forum Members
Last Login: 5/29/2008 12:25 PM
Posts: 45, Visits: 34
Hi
I cannot log in to some sites(Fire Fox and IE9). It says HTTP cookies are disabled. I'm attaching the screen shots for the error message. I can access those sites from different machines. I tried to reset privacy setting, security setting and also allowing those sites in exception list in privacy setting but does nto work. Could be virus, I'm not sure.
I will appreciate your assistance.


PS**
Sorry tried to attach the images but could not.
"This system requires the use of HTTP cookies to verify authentication information....."

thanx
SSC-NY


S[sup]2C
  Post #265727
 
Posted 9/15/2013 3:58 AM


Senior Forum Moderator

Senior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum Moderator

Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 36,777, Visits: 54,734
You need to follow the steps in your previous topic here:- http://tweaks.com/forum/Topic265681-91-1.aspx

___________________________________________________________







  Post #265728
 
Posted 9/15/2013 9:53 AM
New Member

New MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew Member

Group: Forum Members
Last Login: 5/29/2008 12:25 PM
Posts: 45, Visits: 34
This issue is with my work pc running windows 7.
Do I follow all the steps like disabling add-ons etc or just the previous post?

thanks
ssc-ny


S[sup]2C
  Post #265729
 
Posted 9/15/2013 11:38 AM


Senior Forum Moderator

Senior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum Moderator

Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 36,777, Visits: 54,734
Do I follow all the steps like disabling add-ons etc or just the previous post?

Yes,follow the disabling add-ons etc steps first.

If the issue persists follow the steps above and run the scans.

___________________________________________________________







  Post #265731
 
Posted 9/17/2013 10:31 AM
New Member

New MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew Member

Group: Forum Members
Last Login: 5/29/2008 12:25 PM
Posts: 45, Visits: 34
Hi Richie
Thanks for your support.
In my work machine(windows 7 ultimate) I ran the tools. as a result some sites I can access now, but there one online system that gives the same message saying: " This system requires the use of HTTP cookies to verify authorization information. Our system has detected that your browser has disabled HTTP cookies, or does not support them. Please refer to the Help page in your browser for more information on how to correctly configure your browser for use with this system"

Also in my IE9 it would open multiple tabs on a single click and would give a dialog box saying IE stopped working and would ask me to close the program. So
I have done those steps again today. Below I'm attaching all the log of both run.
I hope things get ok without requiring a restoration.

First Run Log
===============
# AdwCleaner v3.004 - Report created 16/09/2013 at 11:13:02
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Ultimate (32 bits)
# Username : 00052831 - JCC-T320
# Running from : C:\Users\00052831\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\00052831\AppData\Roaming\Mozilla\Firefox\Profiles\uqcdth0e.default\searchplugins\WebSearch.xml
Folder Found C:\Program Files\Conduit
Folder Found C:\Program Files\ConduitEngine
Folder Found C:\Program Files\Messenger_Plus_Saudi
Folder Found C:\Program Files\WebSearch
Folder Found C:\ProgramData\saavensHiare
Folder Found C:\ProgramData\SearchNewTab
Folder Found C:\Users\00052831\AppData\LocalLow\Conduit
Folder Found C:\Users\00052831\AppData\LocalLow\ConduitEngine
Folder Found C:\Users\00052831\AppData\LocalLow\Messenger_Plus_Saudi
Folder Found C:\Users\00052831\AppData\LocalLow\PriceGong
Folder Found C:\Users\00052831\AppData\LocalLow\saavensHiare
Folder Found C:\Users\00052831\AppData\LocalLow\SearchNewTab
Folder Found C:\Users\Administrator.JCC-T535\AppData\LocalLow\Conduit
Folder Found C:\Users\Administrator.JCC-T535\AppData\LocalLow\ConduitEngine
Folder Found C:\Users\Administrator.JCC-T535\AppData\LocalLow\Messenger_Plus_Saudi
Folder Found C:\Users\Administrator.JCC-T535\AppData\LocalLow\PriceGong
Folder Found C:\Users\jcc\AppData\LocalLow\Conduit
Folder Found C:\Users\jcc\AppData\LocalLow\ConduitEngine
Folder Found C:\Users\jcc\AppData\LocalLow\Messenger_Plus_Saudi
Folder Found C:\Users\owner\AppData\Local\Conduit
Folder Found C:\Users\owner\AppData\LocalLow\Conduit
Folder Found C:\Users\owner\AppData\LocalLow\ConduitEngine
Folder Found C:\Users\owner\AppData\LocalLow\Messenger_Plus_Saudi
Folder Found C:\Users\owner\AppData\LocalLow\PriceGong

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\savesh~1\sprote~1.dll
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\websea~1\sprote~1.dll
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\Messenger_Plus_Saudi
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\Ask&Record
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E1B5C68-1AB5-49FE-97A9-D3F777C51663}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E1B5C68-1AB5-49FE-97A9-D3F777C51663}
Key Found : HKCU\Software\Zugo
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9E1B5C68-1AB5-49FE-97A9-D3F777C51663}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BEA81045-59F3-4702-AC46-A1D8AA38ED34}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2905295
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\Messenger_Plus_Saudi
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{14068390-F2A0-4C26-A657-DCDA64B7A8C4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15759F9B-69A5-4C28-8BDD-170D63A0A247}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4BBE497-884F-45E1-B816-41060C2B777C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E1B5C68-1AB5-49FE-97A9-D3F777C51663}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEA81045-59F3-4702-AC46-A1D8AA38ED34}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Messenger_Plus_Saudi Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_8e303e95
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{9E1B5C68-1AB5-49FE-97A9-D3F777C51663}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9E1B5C68-1AB5-49FE-97A9-D3F777C51663}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{9E1B5C68-1AB5-49FE-97A9-D3F777C51663}]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8080.16413

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.the-searcheng.info/?pid=1250&r=2013/09/04&hid=9612662066671480710&lg=EN&cc=SA&unqvl=35
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.the-searcheng.info/?pid=1250&r=2013/09/04&hid=9612662066671480710&lg=EN&cc=SA&unqvl=35

-\\ Mozilla Firefox v

[ File : C:\Users\00052831\AppData\Roaming\Mozilla\Firefox\Profiles\uqcdth0e.default\prefs.js ]

Line Found : user_pref("aol_toolbar.default.homepage.check", false);
Line Found : user_pref("aol_toolbar.default.search.check", false);
Line Found : user_pref("browser.search.defaultenginename", "WebSearch");
Line Found : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Found : user_pref("browser.search.defaulturl", "hxxp://websearch.the-searcheng.info/?pid=1250&r=2013/09/04&hid=9612662066671480710&lg=EN&cc=SA&unqvl=35&l=1&q=");
Line Found : user_pref("browser.search.order.1", "WebSearch");
Line Found : user_pref("browser.search.order.1,S", "WebSearch");
Line Found : user_pref("browser.search.selectedEngine", "WebSearch");
Line Found : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Found : user_pref("browser.startup.homepage", "hxxp://websearch.the-searcheng.info/?pid=1250&r=2013/09/04&hid=9612662066671480710&lg=EN&cc=SA&unqvl=35");
Line Found : user_pref("extensions.AJJ7A.scode", "(function(){try{if(window.opener&&window.self==window.top&&-1==document.cookie.indexOf(\"xcddsa\")&&-1==window.self.location.href.indexOf(\"px.pluginh\")&&window.s[...]
Line Found : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Found : user_pref("extensions.pJWaZtGeH.scode", "if(window.self.location.protocol.indexOf('hxxp')>-1 && window.self==window.top){var script=document.createElement('script');script.type='text/javascript';scrip[...]
Line Found : user_pref("keyword.URL", "hxxp://websearch.the-searcheng.info/?pid=1250&r=2013/09/04&hid=9612662066671480710&lg=EN&cc=SA&unqvl=35&l=1&q=");
Line Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Found : user_pref("sweetim.toolbar.searchguard.enable", "");

[ File : C:\Users\jcc\AppData\Roaming\Mozilla\Firefox\Profiles\0hmrsgif.default\prefs.js ]


[ File : C:\Users\Administrator.JCC-T535\AppData\Roaming\Mozilla\Firefox\Profiles\3te4x5et.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\00052831\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [9672 octets] - [16/09/2013 11:13:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9732 octets] ##########

JRT
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Ultimate x86
Ran by 00052831 on Mon 09/16/2013 at 11:25:00.24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70DD86E8-B5BC-4E4A-9D5C-B6234C24323C}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\saveshare"
Successfully deleted: [Folder] "C:\Program Files\yuna software"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 09/16/2013 at 11:26:30.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MBAM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.16.01

Windows 7 x86 NTFS
Internet Explorer 9.0.8080.16413
00052831 :: JCC-T320 [administrator]

9/16/2013 11:31:29 AM
mbam-log-2013-09-16 (11-31-29).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 584641
Time elapsed: 1 hour(s), 18 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{18C2F225-5178-3106-E930-01E4E824BC45} (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Bad: (C:\$Recycle.Bin\S-1-5-18\$553d33ff5e74885c06f9ec093c66dd83\n.) Good: (fastprox.dll) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore|DisableConfig (Windows.Tool.Disabled) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 4
C:\Users\AUNET\00052831 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\AUNET\00052831\AppData (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\AUNET\00052831\AppData\LocalLow (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\AUNET\00052831\AppData\LocalLow\freecordertoolbar (Trojan.Agent) -> Quarantined and deleted successfully.

Files Detected: 29
C:\ProgramData\InstallMate\{A1EE3193-6CD9-4AEF-A804-24FB7A0D1365}\Setup.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\{A1EE3193-6CD9-4AEF-A804-24FB7A0D1365}\TsuDll.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
c:\users\00052831\appdata\local\microsoft\windows\temporary internet files\content.ie5\ap3wm03s\h3m[1].exe (PUP.Optional.PreLoader.A) -> Quarantined and deleted successfully.
c:\users\00052831\appdata\local\microsoft\windows\temporary internet files\content.ie5\ap3wm03s\mtrqvmo[1].exe (PUP.Optional.PreLoader.A) -> Quarantined and deleted successfully.
C:\Users\00052831\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FLB8R7PY\search_defender_166[1].exe (PUP.Optional.SProtect.A) -> Quarantined and deleted successfully.
C:\Users\00052831\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FLB8R7PY\search_defender_alternate_166[1].exe (PUP.Optional.SProtect.A) -> Quarantined and deleted successfully.
C:\Users\00052831\AppData\Local\Temp\TVLBDE0.exe (PUP.Optional.Hao123.A) -> Quarantined and deleted successfully.
c:\users\00052831\appdata\local\temp\~!#831c.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\00052831\AppData\Local\Temp\00294823\aqW21yu.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\00052831\AppData\Local\Temp\00294823\VhIpmaHy.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\00052831\AppData\Local\Temp\18be6784\39Cs.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\00052831\AppData\Local\Temp\18be6784\HXp.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.
C:\Users\00052831\Downloads\MoyeaFLVEditorUltimate_downloader_by_Downloadhr.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$553d33ff5e74885c06f9ec093c66dd83\n (Trojan.0Access) -> Delete on reboot.
C:\$Recycle.Bin\S-1-5-18\$553d33ff5e74885c06f9ec093c66dd83\U\00000004.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$553d33ff5e74885c06f9ec093c66dd83\U\00000008.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$553d33ff5e74885c06f9ec093c66dd83\U\000000cb.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-18\$553d33ff5e74885c06f9ec093c66dd83\U\80000000.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-1753168565-768872172-2044928816-41423\$RYCS7VG.exe (PUP.Optional.Installrex) -> Quarantined and deleted successfully.
C:\$Recycle.Bin\S-1-5-21-1753168565-768872172-2044928816-41423\$553d33ff5e74885c06f9ec093c66dd83\n (Trojan.0Access) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files\WebSearch\sprotector.dll.vir (PUP.Optional.SProtect.A) -> Quarantined and deleted successfully.
C:\dell\drivers\R282234\HTML\UsrGuide\2CS57XX-CDUM607-R\BrazPort\em005.gif (Extension.Mismatch) -> Quarantined and deleted successfully.
D:\$RECYCLE.BIN\S-1-5-21-1753168565-768872172-2044928816-41423\$R4YZ2F7\arGram-4shared_Desktop_3.1.0.exe (PUP.Optional.4Squared) -> Quarantined and deleted successfully.
D:\OLD-D\Shibly\FreeCoder\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
D:\OLD-MyDoc\Downloads\App-Setups\ICON-EDITsdie_50351.exe (PUP.Adware.RKN) -> Quarantined and deleted successfully.
D:\SSC-PERS\PERS\App-Setups\ICON-EDITsdie_50351.exe (PUP.Adware.RKN) -> Quarantined and deleted successfully.
D:\SSC-PERS\personal\ArabicLang+XtrLit\arGram-4shared_Desktop_3.1.0.exe (PUP.Optional.4Squared) -> Quarantined and deleted successfully.
C:\Users\AUNET\00052831\AppData\LocalLow\freecordertoolbar\guid.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\AUNET\00052831\AppData\LocalLow\freecordertoolbar\setupCfg.xml (Trojan.Agent) -> Quarantined and deleted successfully.

(end)

===============
2nd Run Log
===============

# AdwCleaner v3.004 - Report created 17/09/2013 at 13:30:28
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Ultimate (32 bits)
# Username : 00052831 - JCC-T320
# Running from : C:\Users\00052831\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8080.16413


-\\ Mozilla Firefox v

[ File : C:\Users\00052831\AppData\Roaming\Mozilla\Firefox\Profiles\uqcdth0e.default\prefs.js ]


[ File : C:\Users\jcc\AppData\Roaming\Mozilla\Firefox\Profiles\0hmrsgif.default\prefs.js ]


[ File : C:\Users\Administrator.JCC-T535\AppData\Roaming\Mozilla\Firefox\Profiles\3te4x5et.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\00052831\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [9812 octets] - [16/09/2013 11:13:02]
AdwCleaner[R1].txt - [9872 octets] - [16/09/2013 11:15:09]
AdwCleaner[R2].txt - [1259 octets] - [17/09/2013 13:28:56]
AdwCleaner[S0].txt - [9239 octets] - [16/09/2013 11:16:04]
AdwCleaner[S1].txt - [1180 octets] - [17/09/2013 13:30:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1240 octets] ##########

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Ultimate x86
Ran by 00052831 on Tue 09/17/2013 at 13:33:24.09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 09/17/2013 at 13:34:55.23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MBAM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.16.01

Windows 7 x86 NTFS
Internet Explorer 9.0.8080.16413
00052831 :: JCC-T320 [administrator]

9/17/2013 1:37:14 PM
mbam-log-2013-09-17 (13-37-14).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 585263
Time elapsed: 1 hour(s), 4 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore|DisableConfig (Windows.Tool.Disabled) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Thanks for you assistance.

SSC-NY


S[sup]2C
  Post #265738
 
Posted 9/17/2013 11:08 AM


Senior Forum Moderator

Senior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum Moderator

Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 36,777, Visits: 54,734
"This system requires the use of HTTP cookies to verify authorization information. Our system has detected that your browser has disabled HTTP cookies, or does not support them. Please refer to the Help page in your browser for more information on how to correctly configure your browser for use with this system"

Follow the steps in the link below at:- •Enabling Cookies in Internet Explorer.
Enabling Cookies to Access Secure Web Sites:
http://answers.vt.edu/kb/entry/1764/

Then after completing the above, scan your machine with ESET OnlineScan
* Hold down Control and click on this link to open ESET OnlineScan in a new window.
* Click the button.
* For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
* Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
* Double click on the
icon on your desktop.
* Check "YES, I accept the Terms of Use."
* Click the Start button.
* Accept any security warnings from your browser.
* Under scan settings, check "Scan Archives" and "Remove found threats"
* Click Advanced settings and select the following:
* Scan potentially unwanted applications
* Scan for potentially unsafe applications
* Enable Anti-Stealth technology
* ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
* When the scan completes, click List Threats
* Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
* Click the Back button.
* Click the Finish button.

Also let me know what's happening now please.

___________________________________________________________







  Post #265739
 
Posted 9/19/2013 1:28 AM
New Member

New MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew MemberNew Member

Group: Forum Members
Last Login: 5/29/2008 12:25 PM
Posts: 45, Visits: 34
Hi Richie
I ran the ESETscan and did as you instructed. But The problems are not solved.

Upon clicking any link it shows the dialog box saying IE stopped working multiple times and open multiple tabs for the link clicked.

C:\Users\00052831\AppData\Local\Temp\00294823\logkgklpdlfefgjbppnofjaiicgidloi\MZOqP8dP.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\00052831\AppData\Local\Temp\18be6784\mekfbgggbpinmfodachpkmnlbnhndpkk\chMP.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\00052831\Downloads\sw\freecorder6-setup.exe multiple threats cleaned by deleting - quarantined
D:\OLD-MyDoc\Downloads\SoftonicDownloader_for_videopad-video-editor.exe Win32/SoftonicDownloader.D application cleaned by deleting - quarantined
D:\OLD-MyDoc\Downloads\App-Setups\FCTBSetup(2).exe Win32/OpenCandy application cleaned by deleting - quarantined
D:\OLD-MyDoc\Downloads\App-Setups\FCTBSETUP.EXE Win32/OpenCandy application cleaned by deleting - quarantined
D:\OLD-MyDoc\Downloads\App-Setups\nero7PremiumReloaded.exe Win32/Toolbar.AskSBar application cleaned by deleting - quarantined
D:\OLD-MyDoc\Downloads\App-Setups\ORBITDOWNLOADERSETUP.EXE Win32/OpenCandy application cleaned by deleting - quarantined
D:\OLD-MyDoc\Downloads\App-Setups\Util-Cnet\advsyscare-setup.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
D:\SSC-PERS\PERS\App-Setups\nero7PremiumReloaded.exe Win32/Toolbar.AskSBar application cleaned by deleting - quarantined

Thanks
SSC-NY


S[sup]2C
  Post #265743
 
Posted 9/19/2013 3:15 AM


Senior Forum Moderator

Senior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum ModeratorSenior Forum Moderator

Group: Moderators
Last Login: 8/9/2008 10:14 AM
Posts: 36,777, Visits: 54,734
Try resetting IE9 to it's default settings.
Reset Internet Explorer 9 settings:
http://windows.microsoft.com/en-gb/windows7/reset-internet-explorer-settings-in-internet-explorer-9

If the above didn't help,try updating to IE10.
Download Internet Explorer 10:
http://windows.microsoft.com/en-us/internet-explorer/ie-10-worldwide-languages


___________________________________________________________







  Post #265744
 
« Prev Topic | Next Topic »



All times are GMT -6:00, Time now is 9:35am

Powered By InstantForum.NET v4.1.4 © 2014
Execution: 0.079. 10 queries. Compression Disabled.
Terms of Service - Privacy Policy - Contact    © 2014 Advanced PC Media LLC, all rights reserved.