Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

internet explorer hijacked

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: internet explorer hijacked

Unread postby Bobc5025 » August 12th, 2012, 2:32 pm

========== PROCESSES ==========
All processes killed
========== FILES ==========
C:\Program Files\RealArcade\Installer\bin\OCSetupHlp.dll moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.56.0 log created on 08112012_142330

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...



aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-11 14:25:32
-----------------------------
14:25:32.234 OS Version: Windows 5.1.2600 Service Pack 3
14:25:32.234 Number of processors: 1 586 0x4F02
14:25:32.234 ComputerName: GARN UserName:
14:25:32.609 Initialize success
14:27:45.625 AVAST engine defs: 12081101
14:28:32.312 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
14:28:32.312 Disk 0 Vendor: ST3808110AS 3.ADH Size: 76293MB BusType: 3
14:28:32.343 Disk 0 MBR read successfully
14:28:32.343 Disk 0 MBR scan
14:28:32.375 Disk 0 unknown MBR code
14:28:32.375 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
14:28:32.390 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 72778 MB offset 96390
14:28:32.421 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3459 MB offset 149147460
14:28:32.421 Disk 0 scanning sectors +156232125
14:28:32.500 Disk 0 scanning C:\WINDOWS\system32\drivers
14:28:42.828 Service scanning
14:28:59.187 Modules scanning
14:29:15.796 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**
14:29:17.187 Disk 0 trace - called modules:
14:29:17.203 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
14:29:17.203 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a27cab8]
14:29:17.203 3 CLASSPNP.SYS[ba0c8fd7] -> nt!IofCallDriver -> \Device\0000005b[0x8a25cf18]
14:29:17.203 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a38e940]
14:29:17.453 AVAST engine scan C:\WINDOWS
14:29:38.687 AVAST engine scan C:\WINDOWS\system32
14:31:59.859 AVAST engine scan C:\WINDOWS\system32\drivers
14:32:14.734 AVAST engine scan C:\Documents and Settings\Computer
14:40:17.734 AVAST engine scan C:\Documents and Settings\All Users
14:41:28.546 Scan finished successfully
14:41:57.140 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Computer\Desktop\logs\MBR.dat"
14:41:57.156 The log file has been saved successfully to "C:\Documents and Settings\Computer\Desktop\logs\aswMBR.txt"


Still having same problems Avast won't start should I uninstall and reinstall so I have a virus protection running or wait until we are done. thanks again for your help.
Bobc5025
Active Member
 
Posts: 8
Joined: July 31st, 2012, 5:49 pm
Advertisement
Register to Remove

Re: internet explorer hijacked

Unread postby deltalima » August 12th, 2012, 3:17 pm

Hi Bobc5025,

Still having same problems Avast won't start should I uninstall and reinstall so I have a virus protection running or wait until we are done


The logs are now looking clean and the rootkit has been removed so please go ahead and reinstall Avast and let me know how the computer is running.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: internet explorer hijacked

Unread postby deltalima » August 15th, 2012, 3:21 pm

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 55 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware