Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91701 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Unwanted pop ups and programs on computer - please help [Solved]


  • This topic is locked This topic is locked
44 replies to this topic

#1 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 02 July 2014 - 03:13 AM

hi.  I am writing concerning unwanted programs and pop ups on my wife's / children's computer.

 

it uses windows 8.

 

I am unable to post from my wifes computer - cannot seem to copy and paste the hijack log.  gave up trying and am posting from my computer.

 

(OTL DDS Hijack this )    when downloading the programs to run, I was only able to d/l hijack this.   there was a pop up box saying because of the security settings it wont be able to run a full scan.   I have pasted what it found below.  also one of the popups mentioned problems with enabling java.  I googled how to enable java, and tried, but the box I needed to click on internet options was greyed out so I didn't carry on.

 

Back to the computer in question - programs that have been downloaded to the computer and are hard to remove are optimizer pro, speed up my pc, safe search.  

 

when I use internet explorer or chrome random web pages pop up - for example - safe search, pc repair, pc driver, windows pc repair.    when i do a google search the result pops up, sometimes, under a new webpage called search.smartshopping.com.  web pages will pop up asking if i want to download drivers for a video player and porn chat sites called Jasmine.  ( though I don't think anyone has viewed porn on this computer )

 

the problem stems from my daughter I believe -  who downloads video players and editors, (she likes taking videos and editing them ) - and she doesn't read what else she might be downloading and just clicks accept accept accept.   when downloading you normally get 2 or 3 extra pop up boxes which asks if you want to download some random program that you don't want or need.

 

if you are able to start assisting me, can you please provide the website to download otl or dds.

 

thanks for any help, and any questions pls ask.

 

 

 

 

 

 

 

 

hijack this log

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:21:46, on 02/07/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe
C:\Program Files (x86)\SoftPlanet Software Assistant\spassist.exe
C:\Program Files (x86)\HomeTab\WBrowserArmor.exe
C:\Program Files (x86)\HomeTab\WBrokerProductivity.exe
C:\Users\monthita\AppData\Local\fst_gb_36\upfst_gb_36.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\ProgramData\Updater\updater.exe
C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
C:\Program Files (x86)\fst_gb_36\fst_gb_36.exe
C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
C:\ProgramData\ZombieAlert\ZombieAlert.exe
C:\WINDOWS\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\program files (x86)\hq-video-pro-1.6\hq-video-pro-1.6-bg.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\HomeTab\IE\wdapimng.exe
C:\Users\monthita\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.safesearc...dd-944a026cda73
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certif...F5B&st=chrome=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certif...F5B&st=chrome=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certif...F5B&st=chrome=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.safesearc...dd-944a026cda73
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?t...psd&t=344457d1f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com...&q={searchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certif...F5B&st=chrome=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com...&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?t...psd&t=344457d1f
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certif...F5B&st=chrome=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperba...014&type=hp7000
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certif...F5B&st=chrome=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.certif...5074BE9F5B&q=%s
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.certif...5074BE9F5B&q=%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: KainggCouapuon - {04A327F7-1820-C7E3-F8BF-DAF9EC1DBDD7} - C:\ProgramData\KainggCouapuon\C.dll
O2 - BHO: CrossriderApp0052924 - {11111111-1111-1111-1111-110511291124} - C:\Program Files (x86)\HQ-Video-Pro-1.6\HQ-Video-Pro-1.6-bho.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Yahoo Community Smartbar (by Linkury)Engine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: Websteroids - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\Websteroids\IE\common.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll
O2 - BHO: PETN - {6918B055-65BB-46DF-A1EA-18728587BC31} - C:\Users\monthita\AppData\Local\TidyNetwork\petn.dll (file missing)
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\IPS\IPSBHO.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
O2 - BHO: HomeTab - {8b617b00-279e-42ff-beac-1f7a8f41ca13} - C:\Program Files (x86)\HomeTab\IE\HomeTab.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SafeSearch - {e27d5867-80de-4449-9c03-71707c0db05b} - C:\Program Files\SafeSearch\ie\adxloader.dll
O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - (no file)
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\coIEPlg.dll
O3 - Toolbar: SafeSearch Toolbar - {fc0c0170-4eb0-430d-a7f3-939ee7ea1a25} - C:\Program Files\SafeSearch\ie\adxloader.dll
O3 - Toolbar: FindWide Toolbar - {C82F7DC7-1240-4BA9-8ADF-6B1E5FA33E44} - C:\Program Files (x86)\TNT2\Profiles\10811\passport.dll
O3 - Toolbar: Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O3 - Toolbar: HomeTab - {8b617b00-279e-42ff-beac-1f7a8f41ca13} - C:\Program Files (x86)\HomeTab\IE\HomeTab.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Updater] C:\ProgramData\Updater\Updater.exe
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [Registry Helper] "C:\Program Files (x86)\Registry Helper\RegistryHelper.Exe" /boot
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [fst_gb_36] "C:\Program Files (x86)\fst_gb_36\fst_gb_36.exe"
O4 - HKLM\..\RunOnce: [upfst_gb_36.exe] C:\Users\monthita\AppData\Local\fst_gb_36\upfst_gb_36.exe -runonce
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\monthita\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Updater] C:\ProgramData\Updater\updater.exe
O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
O4 - HKCU\..\Run: [PriceMeterW] "C:\Users\monthita\AppData\Local\PriceMeter\pricemeterw.exe"
O4 - HKUS\S-1-5-21-3474511871-1524528776-1052004353-1005\..\Run: [Updater] C:\ProgramData\Updater\updater.exe (User 'barbi_000')
O4 - HKUS\S-1-5-21-3474511871-1524528776-1052004353-1005\..\Run: [Facebook Update] "C:\Users\barbi_000\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver (User 'barbi_000')
O4 - Startup: Monitor Ink Alerts - HP Photosmart 5520 series.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: buuoujqmrk64 - Unknown owner - C:\Program Files\003\buuoujqmrk64.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\21.3.0.12\N360.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PriceMeterLiveUpdate Service (pricemeterliveUpdate) (pricemeterliveUpdate) - PriceMeter - C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe
O23 - Service: PriceMeterLiveUpdate Service (pricemeterliveUpdatem) (pricemeterliveUpdatem) - PriceMeter - C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SupraSavingsService64 - Unknown owner - C:\Program Files (x86)\785674F4-68DB-4E63-B2CD-6B988044FC9A\SupraSavingsService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Zombie Alert (ZombieAlert) - Creative Island Media, LLC - C:\ProgramData\ZombieAlert\ZombieAlertService.exe

--
End of file - 15997 bytes

 

 


    Advertisements

Register to Remove


#2 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 02 July 2014 - 05:25 AM

:welcome:

 

Glad you posted back about your wifes computer, since this is windows 8 , DDS and some other programs wont work

 

Lets see if we can get aswMBR and AdwCleaner to run

 

1QYkxTZ.jpg Please download aswMBR to your desktop.
 
  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
 
I just want to see the report....Please Do Not Fix Anything
 
 
 
 
 
 
-AdwCleaner-by Xplode
 
Click on this link to download : ADWCleaner
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
 
Do not click on any links in the top Advertisment.
 
  •  
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
 
 
 
 
 
thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  •  
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 

Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#3 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 02 July 2014 - 07:54 AM

hi

 

I am making progress but I cannot seem to copy /paste results or attach a doc.     I will have to do a school run now, and email myself the results and reply visa my own computer.  hopefully within 1  1/2 hours

 

bye for now



#4 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 02 July 2014 - 08:11 AM

Great, take your time 


Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#5 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 02 July 2014 - 08:53 AM

  ( I am posting from my computer - not my wifes )

 

hi  the mbr.dat cannot be attached - your website wont allow me,  and I cannot open it

 

FYI - while I have been running the programs - I have had a web page pop up asking to download  software updater. 

 

I am running adwcleaner now

Attached Files



#6 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 02 July 2014 - 09:01 AM

I dont need to see the aswMBR..dat file so not to worry.  Do not install software updater.  Looking at your logs now


Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#7 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 02 July 2014 - 09:16 AM

I am carrying on using adwcleaner.  it is a bit slow

 

this is the file after I services.    I am scanning folders now

Attached Files



#8 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 02 July 2014 - 09:33 AM

folders

Attached Files



#9 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 02 July 2014 - 09:33 AM

Where on a roll.  When your done with AdwCleaner lets run Malwarebytes 

 

 
 
bullseye_zpse9eaf36e.gif Malwarebytes' Anti-Malware
 
Download Malwarebytes' Anti-Malware (save it to your desktop).  
  •  
  •  
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
 
 
  • Select the Scan tab.
 
MBAMDashboard_zpsddef9b5f.gif
 
 
  • Select type of scan to perform:
 
MBAMScanTab_zps2c5e74bd.gif
 
  •  
  • Threat Scan < --- Select this type of scan
  • Custom Scan
  • Hyper Scan
 
 
  • Next click the Scan Now button.
  • When the scan is complete, if no malicious items are found you can close the program.
  • If malicious items are found be sure that everything is checked, and click Quarantine .
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
 
 

Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#10 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 02 July 2014 - 09:47 AM

files

Attached Files


    Advertisements

Register to Remove


#11 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 02 July 2014 - 10:00 AM

shortcuts

Attached Files



#12 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 02 July 2014 - 10:22 AM

registry

Attached Files



#13 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 02 July 2014 - 10:56 AM

internet exp

Attached Files



#14 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 02 July 2014 - 11:01 AM

:thumbup:

 

Lets see what Malwarebytes finds


Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#15 kunash

kunash

    Authentic Member

  • Authentic Member
  • PipPip
  • 73 posts

Posted 02 July 2014 - 11:14 AM

chrome

Attached Files


Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users