Browsers Stopped Working Properly. Help!

[iSheesh]

It was yesterday 17 of September 2012, when i was downloading a song from "http://www.2shared.com/" clicked on the link and then it automatically downloaded a software instead it was dxDownloader or something i can't remember as i unistalled it, when i am done installing it,
Google Chrome that was still running crashed so i closed & open to access to the net eventually prompts from Microsoft Windows kept popping out saying "Google Chrome has stopped working", same goes to my Internet Explorer & Firefox ever since.

This are the scan logs that i did as following:

• RKreport.txt from RogueKiller
  Malwarebytes Anti-Malware log
  TDSSKiller log - : No threats found(i will post when requested)
  HitmanPro log
  MGlogs

[chaslang]

Welcome to Major Geeks!

We need to correct log from MGtools which is C:\MGlogs.zip as stated in the instructions. What you attached is a hijackthis log that you renamed to MGlogs.log

Also you need to attach the correct log from RogueKiller.

[iSheesh]

I hope this the right one, by the way i am running on a Windows Vista, 32 bit

[chaslang]

Quote:

Originally Posted by iSheesh

It was yesterday 17 of September 2012, when i was downloading a song from "http://www.2shared.com/" clicked on the link and then it automatically downloaded a software instead it was dxDownloader or something i

Do you mean the below which I see on your PC? I need to know exactly before continuing:

http://www.portablefreeware.com/?id=1217


I do see the below in your RogueKiller log:

[TASK][SUSP PATH] WxDFastUpdaterTask{45BCB617-994D-431D-9837-38BDF6650BA1}.job : C:\ProgramData\Premium\WxDFast\WxDFast.exe -> FOUND
[TASK][SUSP PATH] OptimizerPro1UpdaterTask{9E8F7B10-91C8-4FE7-887E-4D232701C2C0}.job : C:\ProgramData\Premium\OptimizerPro1\OptimizerPro1.exe -> FOUND

And the below shows in your installed programs list
WxDFast

And I see the below was recently installed. Why and are you sure it is not the cause of your problem?
sprotector 1.62


See things it can do >>http://grvq.com/showpad.php?title=Network%20Security%20Protector&company=Getfreefile


Also Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista or Win 7, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"

After clicking Fix, exit HJT.

Then delete the below folder
C:\Program Files\Common Files\Spigot

[iSheesh]

I followed the steps as instructed but problems isn't resolved:


Yes it's the WxDFast that is seen on my PC and while it was installing somehow OptimizerPro1 also automatically installs
there's another Microsoft Windows prompt which i am getting is :
Windows host process (RUNdll32) has stopped working

And as for sprotector 1.62 i don't remember installing it any any point of time, it's a malware shown when i scan my PC with HitmanPRO but i don't know how to deal with it

This two were identified treats to HitmanPro:
sprotector.dll
C:\Program files\Sprotector\
sprote~1.dll
C:\progra~1.dll\sprote~1\

[chaslang]

So go to Add/Remove Programs and uninstall each of the below:
OptimizerPro1
sprotector 1.62
WxDFast

Then reboot your PC. After reboot, do the below.

Rerun Hitman and allow it to fix anything it finds from the above programs. If it does find anything to remove, reboot afterwards and then run a new Hitman scan to and save a new log to attach.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• the new Hitman log
• C:\MGlogs.zip

[iSheesh]

Done as instructed, everything seems to be normal now all browsers worked perfectly
my google homepage was back and the stubborn automatic gadgetbox homepage was gone!

Here are the logs :

[chaslang]

Excellent news.

I would also delete the below folder:
C:\ProgramData\SpeedyPC Software


If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware. You can uninstall RogueKiller and HitManPro.
2. Go back to step 6 oof the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
4. If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
5. Go to add/remove programs and uninstall HijackThis.
6. Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders
   related to MGtools and some other items from our cleaning procedures.
7. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
   • Refer to the cleaning procedures pointed to by step 7 of the READ ME
     for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.
   • Then reboot and Enable System Restore to create a new clean Restore Point.
8. After doing the above, you should work thru the below link:
   • How to Protect yourself from malware!