Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

no access to internet for browsers and anti virus software

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

no access to internet for browsers and anti virus software

Unread postby Helmut13 » November 7th, 2014, 2:14 pm

Hello,

when I open an internet browser (Firefox or internet explorer) there is an error message concerning the proxy settings. Additionally it is not possible to update my anti virus and firewall. However, Outlook is running normal and in the windows 7 it looks that there is a normal connection to the internet.
When I change the Firefox settings to no proxy, which is not the usual setting I think, Firefox is working properly. A second computer in the same network is running normal with the stadard Firefox settings: "use proxy settings from the system".

I have attached the DDS logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17344
Run by Helmut at 19:00:34 on 2014-11-07
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3574.2285 [GMT 1:00]
.
AV: COMODO Antivirus *Enabled/Outdated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Enabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\svchost.exe -k DailytoolsUpdateService
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.de/
uDefault_Page_URL = hxxp://www.dell.com
uProxyServer = hxxp=127.0.0.1:8897;https=127.0.0.1:8897
uProxyOverride = <-loopback>;www.joosoft.com
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: An OneNote s&enden - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.178.1
TCP: Interfaces\{188BEABF-B9F6-4835-8C92-8E17CF4698CB} : DHCPNameServer = 192.168.178.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\users\Helmut\AppData\Roaming\Mozilla\Firefox\Profiles\o2kyk3yy.default\
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
.
============= SERVICES / DRIVERS ===============
.
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2014-3-25 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2014-3-25 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2014-3-25 48360]
R2 DailytoolsUpdateService;DailytoolsUpdateService;C:\Windows\System32\svchost.exe -k DailytoolsUpdateService [2009-7-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-3-25 2264280]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-10-20 111616]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-16 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-16 180736]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);C:\Windows\System32\drivers\s0016bus.sys [2014-8-2 115240]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;C:\Windows\System32\drivers\s0016mdfl.sys [2014-8-2 19496]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;C:\Windows\System32\drivers\s0016mdm.sys [2014-8-2 158760]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);C:\Windows\System32\drivers\s0016mgmt.sys [2014-8-2 137256]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);C:\Windows\System32\drivers\s0016nd5.sys [2014-8-2 34344]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;C:\Windows\System32\drivers\s0016obex.sys [2014-8-2 136744]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);C:\Windows\System32\drivers\s0016unic.sys [2014-8-2 151592]
S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
.
=============== Created Last 30 ================
.
2014-10-27 16:33:31 -------- d-----we C:\users
2014-10-23 09:54:25 -------- d-----w- C:\ProgramData\Malwarebytes
2014-10-23 09:52:20 493056 ----a-w- C:\Windows\SysWow64\dhRichClient3.dll
2014-10-23 09:52:20 338432 ----a-w- C:\Windows\SysWow64\sqlite36_engine.dll
2014-10-20 18:37:59 727040 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2014-10-20 18:36:02 276480 ----a-w- C:\Windows\System32\generaltel.dll
2014-10-20 18:36:01 507392 ----a-w- C:\Windows\System32\aepdu.dll
2014-10-20 18:36:01 424448 ----a-w- C:\Windows\System32\aeinv.dll
.
==================== Find3M ====================
.
2014-10-29 13:47:58 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-29 13:47:58 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-09-29 00:58:48 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-09-28 15:08:15 3675824 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-09-25 22:32:04 2017280 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-09-25 22:31:02 2108416 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 01:56:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-09-19 01:55:49 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-09-19 01:40:43 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-09-19 01:40:03 547328 ----a-w- C:\Windows\System32\vbscript.dll
2014-09-19 01:39:58 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-09-19 01:38:27 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-09-19 01:36:57 5829632 ----a-w- C:\Windows\System32\jscript9.dll
2014-09-19 01:26:00 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-09-19 01:25:49 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-09-19 01:25:12 4201472 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-09-19 01:25:09 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-09-19 01:18:02 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-09-19 01:14:57 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-09-19 01:06:47 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-09-19 01:02:07 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-09-19 01:01:47 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-09-19 01:01:03 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-09-19 00:59:40 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-09-19 00:50:16 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-09-19 00:49:31 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-09-19 00:40:12 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-09-19 00:36:23 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-09-19 00:33:18 2309632 ----a-w- C:\Windows\System32\wininet.dll
2014-09-19 00:18:55 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-09-18 23:59:11 1810944 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-09-18 02:00:42 3241472 ----a-w- C:\Windows\System32\msi.dll
2014-09-18 01:32:52 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-09-13 01:58:18 77312 ----a-w- C:\Windows\System32\packager.dll
2014-09-13 01:40:05 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-09-04 05:23:20 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-09-04 05:04:15 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
.
============= FINISH: 19:10:03,74 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 23.06.2014 09:32:17
System Uptime: 07.11.2014 18:29:40 (1 hours ago)
.
Motherboard: Dell Inc. | | 0HH807
Processor: Intel(R) Pentium(R) D CPU 2.80GHz | Microprocessor | 2793/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 41,047 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 811,811 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 932 GiB total, 467,63 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP50: 28.10.2014 18:12:07 - Windows-Sicherung
RP51: 03.11.2014 10:08:04 - Windows-Sicherung
.
==== Installed Programs ======================
.
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.09) - Deutsch
ArcSoft PhotoStudio 5.5
AVM FRITZ!Box Dokumentation
AVM FRITZ!Box Druckeranschluss
Canon MP Navigator EX 2.0
Canon Utilities Solution Menu
CanoScan LiDE 100 Scanner Driver
COMODO Internet Security Premium
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
dm-Fotowelt
ElsterFormular
Intel(R) Graphics Media Accelerator Driver
Microsoft .NET Framework 4.5.1
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office Groove MUI (German) 2010
Microsoft Office InfoPath MUI (German) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared 64-bit MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Word MUI (German) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 32.0.3 (x86 de)
Mozilla Maintenance Service
PDFCreator
QuickTime
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
STAMP Remote Client 2.2.3
Steuer 2013
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
VLC media player 2.1.4
Windows 7 USB/DVD Download Tool
Yahoo Community Smartbar
.
==== End Of File ===========================

Thank you very much
Helmut13
Regular Member
 
Posts: 75
Joined: May 30th, 2011, 3:05 pm
Advertisement
Register to Remove

Re: no access to internet for browsers and anti virus softwa

Unread postby Cypher » November 8th, 2014, 11:08 am

Hi and welcome back to Malware Removal Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not, solve other issues you have with your machine.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
    Remember, absence of symptoms does not mean the infection is all gone.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Next.

I need you to run further scans for me.
Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
Important: Save all tools i ask you to download to your Desktop, if you don't know how to do this just ask.



Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Right click on adwcleaner.exe and select " Run as administrator " to run it.
  • Click on Scan.
  • When the scan has finished, uncheck any entries you don't want to remove, then click on Clean.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next.

Please download RogueKiller by Tigzy and save it to your desktop.
  • Allow the download if prompted by your security software and please close all your programs.
  • Right click on RogueKiller.exe and select " Run as administrator " to run it.
  • If it does not run, please try a few times.
  • Wait for PreScan to finish, then click on Scan.
  • Once completed, a log called RKreport[1].txt will be created on the desktop. It can also be accessed via the Report button.
  • Please copy and paste the contents of that log in your next reply.

Next.

Please download FRST ... by Farbar, from the link below and save it to your Desktop.

For 32 bit Systems

For 64 bit Systems

  • Right-click FRST.exe and select " Run as administrator " to run it.
  • When the tool opens click Yes to the disclaimer.
  • Press Scan button. ... When finished a log will be created, FRST.txt.
  • Please post the content of the FRST.txt in your next reply.
  • The first time the tool is run, it will create another log... Addition.txt.
  • Please post the content of the Addition.txt in your next reply.

Logs/Information to Post in your Next Reply

  • AdwCleaner log.
  • RKreport.
  • FRST.txt and Addition.txt contents.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: no access to internet for browsers and anti virus softwa

Unread postby Helmut13 » November 8th, 2014, 2:50 pm

Hello,

first of all thank you very much for your help!

Below is the log of the registry backup because there were some errors:

[08.11.2014 - 19:17:02] System Variables
[08.11.2014 - 19:17:02] --------------------------------------------------------------------------------
[08.11.2014 - 19:17:02] Use Fallback Backup Method: 1 (0 = No, 1 = Yes)
[08.11.2014 - 19:17:02] VSS exe To Use: vss_7_8_2008_2012_64.exe
[08.11.2014 - 19:17:02] Windows Drive: C:
[08.11.2014 - 19:17:02] Windows Folder: Windows
[08.11.2014 - 19:17:02] Windows Path: C:\Windows
[08.11.2014 - 19:17:02] Registry File Location: C:\Windows\System32\Config
[08.11.2014 - 19:17:02] Current Profile: C:\Users\Helmut
[08.11.2014 - 19:17:02] Current Profile SID: S-1-5-21-2926892846-657510045-2730111532-1000
[08.11.2014 - 19:17:02] Current Profile Classes: S-1-5-21-2926892846-657510045-2730111532-1000_Classes
[08.11.2014 - 19:17:02] Profiles Location: C:\Users
[08.11.2014 - 19:17:02] Profiles Location 2: C:\Windows\ServiceProfiles
[08.11.2014 - 19:17:02] Local Settings AppData: AppData\Local
[08.11.2014 - 19:17:02] Computer Name: COMPUTER
[08.11.2014 - 19:17:02] OS: Microsoft Windows 7 Professional (64-bit)
[08.11.2014 - 19:17:02] OS Architecture: 64-bit
[08.11.2014 - 19:17:02] OS Version: 6.1.7601
[08.11.2014 - 19:17:02] OS Service Pack: Service Pack 1
[08.11.2014 - 19:17:02] --------------------------------------------------------------------------------

[08.11.2014 - 19:17:02] Backup Location: C:\RegBackup\

[08.11.2014 - 19:17:02] Starting: C:\Program Files (x86)\Tweaking.com\Registry Backup\files\vss_start.exe C:\RegBackup\COMPUTER\08.11.2014_19.17.02\Log_Vss.txt|vss_7_8_2008_2012_64.exe|B:

[08.11.2014 - 19:17:02] Waiting for Volume Shadow Copy snapshot...

[08.11.2014 - 19:17:58] Auto Delete Old Backups Enabled, Working...
[08.11.2014 - 19:17:58] --------------------------------------------------------------------------------
[08.11.2014 - 19:17:58] --------------------------------------------------------------------------------

[08.11.2014 - 19:17:58] Starting Backup...

[08.11.2014 - 19:17:58] Files To Backup:
[08.11.2014 - 19:17:58] --------------------------------------------------------------------------------
[08.11.2014 - 19:17:58] C:\Windows\System32\Config\components
[08.11.2014 - 19:17:58] C:\Windows\System32\Config\default
[08.11.2014 - 19:17:58] C:\Windows\System32\Config\sam
[08.11.2014 - 19:17:58] C:\Windows\System32\Config\security
[08.11.2014 - 19:17:58] C:\Windows\System32\Config\software
[08.11.2014 - 19:17:58] C:\Windows\System32\Config\system
[08.11.2014 - 19:17:58] C:\Users\Default\ntuser.dat
[08.11.2014 - 19:17:58] C:\Users\Helmut\AppData\Local\Microsoft\Windows\UsrClass.dat
[08.11.2014 - 19:17:58] C:\Users\Helmut\ntuser.dat
[08.11.2014 - 19:17:58] C:\Users\Monika\AppData\Local\Microsoft\Windows\UsrClass.dat
[08.11.2014 - 19:17:58] C:\Users\Monika\ntuser.dat
[08.11.2014 - 19:17:58] C:\Users\Rita\AppData\Local\Microsoft\Windows\UsrClass.dat
[08.11.2014 - 19:17:58] C:\Users\Rita\ntuser.dat
[08.11.2014 - 19:17:58] C:\Windows\ServiceProfiles\LocalService\ntuser.dat
[08.11.2014 - 19:17:58] C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
[08.11.2014 - 19:17:58] --------------------------------------------------------------------------------

[08.11.2014 - 19:17:58] Backing Up Files...:
[08.11.2014 - 19:17:58] --------------------------------------------------------------------------------
[08.11.2014 - 19:17:58] Backing Up File: C:\Windows\System32\Config\components
[08.11.2014 - 19:17:59] Result: Successful (42,25 MB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Windows\System32\Config\components

[08.11.2014 - 19:17:59] Backing Up File: C:\Windows\System32\Config\default
[08.11.2014 - 19:17:59] Result: Successful (768,00 KB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Windows\System32\Config\default

[08.11.2014 - 19:17:59] Backing Up File: C:\Windows\System32\Config\sam
[08.11.2014 - 19:17:59] Result: Successful (256,00 KB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Windows\System32\Config\sam

[08.11.2014 - 19:17:59] Backing Up File: C:\Windows\System32\Config\security
[08.11.2014 - 19:17:59] Result: Successful (256,00 KB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Windows\System32\Config\security

[08.11.2014 - 19:17:59] Backing Up File: C:\Windows\System32\Config\software
[08.11.2014 - 19:18:01] Result: Successful (65,75 MB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Windows\System32\Config\software

[08.11.2014 - 19:18:01] Backing Up File: C:\Windows\System32\Config\system
[08.11.2014 - 19:18:01] Result: Successful (13,25 MB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Windows\System32\Config\system

[08.11.2014 - 19:18:01] Backing Up File: C:\Users\Default\ntuser.dat
[08.11.2014 - 19:18:01] Result: Successful (256,00 KB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Users\Default\ntuser.dat

[08.11.2014 - 19:18:01] Backing Up File: C:\Users\Helmut\AppData\Local\Microsoft\Windows\UsrClass.dat
[08.11.2014 - 19:18:01] Result: Failed - Error: 32: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.


[08.11.2014 - 19:18:01] Backing Up File: C:\Users\Helmut\ntuser.dat
[08.11.2014 - 19:18:01] Result: Failed - Error: 32: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.


[08.11.2014 - 19:18:01] Backing Up File: C:\Users\Monika\AppData\Local\Microsoft\Windows\UsrClass.dat
[08.11.2014 - 19:18:01] Result: Successful (2,25 MB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Users\Monika\AppData\Local\Microsoft\Windows\UsrClass.dat

[08.11.2014 - 19:18:01] Backing Up File: C:\Users\Monika\ntuser.dat
[08.11.2014 - 19:18:02] Result: Successful (1,25 MB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Users\Monika\ntuser.dat

[08.11.2014 - 19:18:02] Backing Up File: C:\Users\Rita\AppData\Local\Microsoft\Windows\UsrClass.dat
[08.11.2014 - 19:18:02] Result: Successful (1,25 MB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Users\Rita\AppData\Local\Microsoft\Windows\UsrClass.dat

[08.11.2014 - 19:18:02] Backing Up File: C:\Users\Rita\ntuser.dat
[08.11.2014 - 19:18:02] Result: Successful (1,00 MB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Users\Rita\ntuser.dat

[08.11.2014 - 19:18:02] Backing Up File: C:\Windows\ServiceProfiles\LocalService\ntuser.dat
[08.11.2014 - 19:18:02] Result: Successful (256,00 KB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Windows\ServiceProfiles\LocalService\ntuser.dat

[08.11.2014 - 19:18:02] Backing Up File: C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
[08.11.2014 - 19:18:02] Result: Successful (512,00 KB) - C:\RegBackup\COMPUTER\08.11.2014_19.17.02\C\Windows\ServiceProfiles\NetworkService\ntuser.dat

[08.11.2014 - 19:18:02] Total Size: 129,25 MB

[08.11.2014 - 19:18:02] --------------------------------------------------------------------------------

[08.11.2014 - 19:18:02] Creating DOS restore bat file for use in the Windows Recovery Console:
[08.11.2014 - 19:18:02] --------------------------------------------------------------------------------
[08.11.2014 - 19:18:02] Already Exists: C:\Windows\tweaking.com-regbackup-COMPUTER-Microsoft-Windows-7-Professional-(64-bit).dat for use in the dos_restore.cmd file
[08.11.2014 - 19:18:02] Done: C:\RegBackup\COMPUTER\08.11.2014_19.17.02\dos_restore.cmd
[08.11.2014 - 19:18:02] --------------------------------------------------------------------------------
Helmut13
Regular Member
 
Posts: 75
Joined: May 30th, 2011, 3:05 pm

Re: no access to internet for browsers and anti virus softwa

Unread postby Helmut13 » November 8th, 2014, 2:51 pm

# AdwCleaner v4.100 - Bericht erstellt am 08/11/2014 um 19:26:11
# DB v2014-11-07.1
# Aktualisiert 08/11/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Helmut - COMPUTER
# Gestartet von : C:\users\Helmut\Desktop\adwcleaner_4.100.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : DailytoolsUpdateService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Dailytools
Ordner Gelöscht : C:\Program Files (x86)\Search
Ordner Gelöscht : C:\Program Files\Dailytools
Ordner Gelöscht : C:\Users\Helmut\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Monika\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\Monika\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Monika\AppData\Roaming\OpenCandy
Datei Gelöscht : C:\Windows\SysWOW64\update1.dll

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Wert Gelöscht : HKLM\SOFTWARE\microsoft\windows nt\currentversion\svchost [DailytoolsInstallerService]
Wert Gelöscht : HKLM\SOFTWARE\microsoft\windows nt\currentversion\svchost [DailytoolsUpdateService]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v32.0.3 (x86 de)


*************************

AdwCleaner[R0].txt - [3903 octets] - [08/11/2014 19:22:01]
AdwCleaner[S0].txt - [3739 octets] - [08/11/2014 19:26:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3799 octets] ##########
Helmut13
Regular Member
 
Posts: 75
Joined: May 30th, 2011, 3:05 pm

Re: no access to internet for browsers and anti virus softwa

Unread postby Helmut13 » November 8th, 2014, 2:52 pm

RogueKiller V10.0.4.0 [Oct 29 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Helmut [Administrator]
Mode : Scan -- Date : 11/08/2014 19:40:20

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 66 ¤¤¤
[Hj.Name] (X64) HKEY_USERS\RK_Default_ON_D_2411\Software\Microsoft\Windows\CurrentVersion\RunOnce | mctadmin : C:\Windows\System32\mctadmin.exe -> Found
[Hj.Name] (X86) HKEY_USERS\RK_Default_ON_D_2411\Software\Microsoft\Windows\CurrentVersion\RunOnce | mctadmin : C:\Windows\System32\mctadmin.exe -> Found
[Hj.Name] (X64) HKEY_USERS\RK_Default_ON_F_E0A7\Software\Microsoft\Windows\CurrentVersion\RunOnce | mctadmin : C:\Windows\System32\mctadmin.exe -> Found
[Hj.Name] (X86) HKEY_USERS\RK_Default_ON_F_E0A7\Software\Microsoft\Windows\CurrentVersion\RunOnce | mctadmin : C:\Windows\System32\mctadmin.exe -> Found
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X64) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X86) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X64) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X86) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X64) HKEY_USERS\RK_Rita_ON_D_91B0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X86) HKEY_USERS\RK_Rita_ON_D_91B0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X64) HKEY_USERS\RK_Rita_ON_F_7DC9\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X86) HKEY_USERS\RK_Rita_ON_F_7DC9\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2926892846-657510045-2730111532-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2926892846-657510045-2730111532-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
[PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X64) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X86) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X64) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X86) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X64) HKEY_USERS\RK_Rita_ON_D_91B0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X86) HKEY_USERS\RK_Rita_ON_D_91B0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X64) HKEY_USERS\RK_Rita_ON_F_7DC9\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X86) HKEY_USERS\RK_Rita_ON_F_7DC9\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2926892846-657510045-2730111532-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2926892846-657510045-2730111532-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X64) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X86) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X64) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X86) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com -> Found
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Found
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Found
[PUM.SearchPage] (X64) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Found
[PUM.SearchPage] (X86) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Found
[PUM.SearchPage] (X64) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Found
[PUM.SearchPage] (X86) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : www.google.com -> Found
[PUM.StartMenu] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X64) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X86) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X64) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X86) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X64) HKEY_USERS\RK_Rita_ON_D_91B0\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X86) HKEY_USERS\RK_Rita_ON_D_91B0\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X64) HKEY_USERS\RK_Rita_ON_F_7DC9\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X86) HKEY_USERS\RK_Rita_ON_F_7DC9\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2926892846-657510045-2730111532-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2926892846-657510045-2730111532-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] o2kyk3yy.default : user_pref("browser.startup.homepage", "www.google.de"); -> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD080HJ/P ATA Device +++++
--- User ---
[MBR] cf98189a72125b067836d2521205c493
[BSP] 6832a645c4af6fdac5fa13740ebd2657 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 76191 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: SAMSUNG HD103SJ ATA Device +++++
--- User ---
[MBR] ad67814fbd8520eb544d37a0f6df8cdb
[BSP] 4f0ce7a892be822d9904587220ec4c9b : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: ST310005 28AS USB Device +++++
--- User ---
[MBR] 7435b395373533bcd39085cd12602a0e
[BSP] 3a263ec662f61a27d74cd7a536bc3337 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 953867 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Die Anforderung wird nicht unterstützt. )
Helmut13
Regular Member
 
Posts: 75
Joined: May 30th, 2011, 3:05 pm

Re: no access to internet for browsers and anti virus softwa

Unread postby Helmut13 » November 8th, 2014, 2:53 pm

for the FRST64 scan I have no logs, because after the scan there was some message from windows the the file ...txt does not exist and if I want to create it, but I was not able to create it.
Helmut13
Regular Member
 
Posts: 75
Joined: May 30th, 2011, 3:05 pm

Re: no access to internet for browsers and anti virus softwa

Unread postby Cypher » November 8th, 2014, 3:03 pm

Helmut13 wrote:for the FRST64 scan I have no logs, because after the scan there was some message from windows the the file ...txt does not exist and if I want to create it, but I was not able to create it.

Ok lets try a different scanner, but first i need to to run a fix with RogueKiller.

  • Right click on RogueKiller.exe and select " Run as administrator " to run it.
  • If it does not run, please try a few times.
  • Wait for PreScan to finish, then click on Scan.
  • When the Status box shows Scan Finished, click the Registry tab and locate these detections:
    [PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\RK_Rita_ON_D_91B0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\RK_Rita_ON_D_91B0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\RK_Rita_ON_F_7DC9\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\RK_Rita_ON_F_7DC9\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2926892846-657510045-2730111532-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2926892846-657510045-2730111532-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyEnable : 1 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\RK_Monika_ON_D_8064\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\RK_Monika_ON_F_46B4\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\RK_Rita_ON_D_91B0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\RK_Rita_ON_D_91B0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\RK_Rita_ON_F_7DC9\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\RK_Rita_ON_F_7DC9\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-2926892846-657510045-2730111532-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-2926892846-657510045-2730111532-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
    [PUM.Proxy] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:8897;https=127.0.0.1:8897 -> Found
  • Place a checkmark next to each of these items, leave the others unchecked.
  • Now press the Delete button.
  • Once completed, a log called RKreport[1].txt will be created on the desktop. It can also be accessed via the Report button.
  • Please copy and paste the contents of that log in your next reply.

Next.

Please download OTL by Old Timer and save it to your Desktop.

  • Right click on OTL.exe And select Run as administrator to run it.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Logs/Information to Post in your Next Reply

  • RKreport.
  • OTL.txt and Extra.txt contents.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: no access to internet for browsers and anti virus softwa

Unread postby Helmut13 » November 10th, 2014, 1:21 pm

Today it was the first time after my last post that I started the computer. Unfortunately during start a blue screen appeared and after a few seconds the computer restarted. My system is in german, so the wording (my translation to english) in the following sentences is probably not the same on english system. After the restart there were to options: to start windows normally -> same result, blue screen or to start windows with help. For start with help windows was searching for problems and asked me to do a recovery to a former status. I made it and than windows started. There are three user profiles installed and when I click on mine (administrator) it took some time to create the desktop. In the end I was only in a temporary profile and not my desktop, documents and so on.

Maybe I have to mention, that I have all the user data on a separate hard disk and a link from the system drive to the other hard disk.

I do not know how to continue. Maybe I can do your last task from this temporary profile, but I am not sure.
Helmut13
Regular Member
 
Posts: 75
Joined: May 30th, 2011, 3:05 pm

Re: no access to internet for browsers and anti virus softwa

Unread postby Cypher » November 10th, 2014, 2:11 pm

Try this then let me know the result.

Last Known Good Configuration
  • If the computer is still on shut it down.
  • Turn the computer on, and begin tapping the F8 key (if this doesn't work try the F5 key).
  • When the Windows Advanced Options menu appears, use the ARROW keys to select Last Known Good Configuration (your most recent settings that worked), and then press ENTER.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: no access to internet for browsers and anti virus softwa

Unread postby Helmut13 » November 10th, 2014, 2:22 pm

I started in last known good configuration and I got to a temporary pofile like before.
Helmut13
Regular Member
 
Posts: 75
Joined: May 30th, 2011, 3:05 pm

Re: no access to internet for browsers and anti virus softwa

Unread postby Cypher » November 10th, 2014, 2:37 pm

Next thing to try is restoring your computer to an earlies point.

  • Please click Start, right-click on computer then go to properties > System protection.
  • In the pop-up window that opens click System restore > Next.
  • You should now see a list of system restore points.
  • If you don't, check/tick Show more restore points.
  • Chose the restore point just prior to this problem starting.
  • Then click Next, then follow the prompts.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: no access to internet for browsers and anti virus softwa

Unread postby Helmut13 » November 10th, 2014, 3:35 pm

I used the restore point from Nov 3rd, which was before my posts including the logs, but unfortunately it is the same situation like before (temporary profile), despite there was a windows message after the restart that the restoring was successful.

Is it possible to use my backup of the registry?

I also saw in my security software (COMODO) that Websearch is downloading several megabytes from the internet.
Helmut13
Regular Member
 
Posts: 75
Joined: May 30th, 2011, 3:05 pm

Re: no access to internet for browsers and anti virus softwa

Unread postby Cypher » November 11th, 2014, 7:02 am

Helmut13 wrote:I used the restore point from Nov 3rd, which was before my posts including the logs, but unfortunately it is the same situation like before (temporary profile), despite there was a windows message after the restart that the restoring was successful.
We need to sort this problem out before we can continue to clean your computer.
As i see it you have two options, i can direct you to a forum that deals with these type of problems, then you can come back hear and we can help you clean the machine.
Or you can reformat the computer and reinstall the operating system, i think this is your best and quickest option.
What would you like to do?
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: no access to internet for browsers and anti virus softwa

Unread postby Helmut13 » November 11th, 2014, 12:51 pm

I think you are right that a reinstallation is the best solution. As I already mentioned, I shifted the user profiles to a second hard disk and created a link with the following command, when windows is started from DVD:
mklink e:\users d:\users /j

Does it mean that after the windows reinstallation I only have to delete the users folder on the system drive and created this link again and everything (user profiles including documents, settings, ...) is like before?

The tutorial I used for the shift of the profiles can be found here (in german):

http://www.com-magazin.de/praxis/window ... erschieben
Helmut13
Regular Member
 
Posts: 75
Joined: May 30th, 2011, 3:05 pm

Re: no access to internet for browsers and anti virus softwa

Unread postby Cypher » November 11th, 2014, 12:57 pm

Helmut13 wrote:I think you are right that a reinstallation is the best solution. As I already mentioned, I shifted the user profiles to a second hard disk and created a link with the following command, when windows is started from DVD:
mklink e:\users d:\users /j

Does it mean that after the windows reinstallation I only have to delete the users folder on the system drive and created this link again and everything (user profiles including documents, settings, ...) is like before?

The tutorial I used for the shift of the profiles can be found here (in german):

http://www.com-magazin.de/praxis/window ... erschieben

You can give it a try and see if it works, but you might have do a complete reformat to factory settings.
I know this is something you may not want to do, but it might be the only option.
Let me know how it goes.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 46 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware