Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Chitka/facebook pop-up


  • This topic is locked This topic is locked
9 replies to this topic

#1 Danyah

Danyah

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:27 PM

Posted 15 March 2013 - 03:06 PM

Hello, good evening,

 

 

I recently started getting pop-ups in firefox, and my virusscanner, nor malwarebytes seem to be able to find anything. I was wondering if anyone has advice on how to get rid of it?

 

 

greetings,

 

 

Danyah



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:27 AM

Posted 15 March 2013 - 03:12 PM

Welcome Danyah

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Report IE Proxy Settings
  • List Installed Programs
  • Hosts

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Danyah

Danyah
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:27 PM

Posted 15 March 2013 - 04:10 PM

Thank you very much:

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by The Planet Ego (administrator) on 15-03-2013 at 22:09:09
Running from "C:\Users\The Planet Ego\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

::1             localhost



198.15.104.132 www.google-analytics.com.
198.15.104.132 ad-emea.doubleclick.net.
198.15.104.132 www.statcounter.com.
72.29.93.243 www.google-analytics.com.
72.29.93.243 ad-emea.doubleclick.net.
72.29.93.243 www.statcounter.com.

127.0.0.1       localhost


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 6.2.1)
7-Zip 9.20
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (Version: 11.6.602.180)
Adobe Reader 9.4.7 (Version: 9.4.7)
Adobe Reader 9.5.4 (Version: 9.5.4)
avast! Free Antivirus (Version: 8.0.1483.0)
Baldur's Gate™ II - Shadows of Amn™
Belgium e-ID middleware 3.5.3 (build 6295) (Version: 3.5.6295)
Bing Bar (Version: 7.0.850.0)
BitComet 1.29 (Version: 1.29)
BufferChm (Version: 130.0.331.000)
CCleaner (Version: 2.30)
Compatibiliteitspakket voor het 2007 Microsoft Office system (Version: 12.0.6612.1000)
Copy (Version: 130.0.366.000)
CyberLink DVD Suite Deluxe (Version: 7.0.2115)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
Diagnostisch hulpprogramma voor hardware (Version: 6.0.5247.34)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
DJ_AIO_06_F2400_SW_Min (Version: 130.0.373.000)
Dropbox (Version: 1.1.35)
Easy MP3 Alarm Clock 1.0
EasyRename
F2400 (Version: 130.0.373.000)
GPBaseService2 (Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.1.1.0 (Version: 1.00.0000)
HP Advisor (Version: 3.3.12286.3436)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Odometer (Version: 2.10.0000)
HP Print Projects 1.0 (Version: 1.0)
HP Product Detection (Version: 11.14.0001)
HP Remote Solution (Version: 1.1.11.0)
HP Remote Solution (Version: 1.1.12.0)
HP Setup (Version: 1.2.3560.3170)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (Version: 6.0.5.4)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.001.000.014)
HPPhotoGadget (Version: 130.0.282.000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1892)
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
K-Lite Mega Codec Pack 6.9.0 (Version: 6.9.0)
LabelPrint (Version: 2.5.2017)
LightScribe System Software (Version: 1.18.8.1)
Magic: The Gathering - Duels of the Planeswalkers
Magic: The Gathering — Duels of the Planeswalkers 2012
Magic: The Gathering - Duels of the Planeswalkers 2013
MagicDisc 2.7.106
Malwarebytes Anti-Malware versie 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 130.0.374.000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office PowerPoint Viewer 2007 (Dutch) (Version: 12.0.6612.1000)
Microsoft Office XP Professional (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 19.0.2 (x86 nl) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 19.0.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Power2Go (Version: 6.0.3304)
PowerDirector (Version: 7.0.3405)
QuickTime
Realtek High Definition Audio Driver (Version: 6.0.1.6196)
Recovery Manager (Version: 5.5.2216)
Scan (Version: 13.0.0.0)
Shop for HP Supplies (Version: 13.0)
SmartWebPrinting (Version: 130.0.373.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.373.000)
Steam (Version: 1.0.0.0)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Trend Micro RUBotted 2.0 Beta (Version: 2.0.0.1030)
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VLC media player 2.0.5 (Version: 2.0.5)
WebReg (Version: 130.0.132.017)
Winamp (Version: 5.621 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
ZoneAlarm LTD Toolbar

**** End of log ****
 


Edited by Danyah, 15 March 2013 - 04:19 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:27 AM

Posted 15 March 2013 - 04:19 PM

You're welcome

 

Your orial51.html"]HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically,go [url="http://support.microsoft.com/kb/972034"]HERE[/url] click the MSFixit.png button.  Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.

 

 

Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

 

I'll be back on in a couple hours.


 


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Danyah

Danyah
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:27 PM

Posted 15 March 2013 - 04:55 PM

Some of it is in dutch:

 

# AdwCleaner v2.114 - Verslag gemaakt op 15/03/2013 om 22:48:04
# Geactualiseerd op 05/03/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : The Planet Ego - THEPLANETEGO-PC
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\The Planet Ego\Desktop\AdwCleaner.exe
# Optie [Verwijderen]


***** [Diensten] *****


***** [Files / Mappen] *****

Map Verwijdert : C:\Users\The Planet Ego\AppData\Roaming\Mozilla\Firefox\Profiles\en5r9sq0.default\jetpack (removed)

***** [Register] *****


***** [Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[OK] Het register bevat geen enkele ongeoorloofde invoer. (no illegitimate entry)

-\\ Mozilla Firefox v19.0.2 (nl)

File : C:\Users\The Planet Ego\AppData\Roaming\Mozilla\Firefox\Profiles\en5r9sq0.default\prefs.js

[OK] De file bevat geen enkele ongeoorloofde invoer. (no illegitimate entry)

*************************

AdwCleaner[R1].txt - [9169 octets] - [15/03/2013 10:06:40]
AdwCleaner[S1].txt - [9276 octets] - [15/03/2013 10:07:04]
AdwCleaner[S2].txt - [1027 octets] - [15/03/2013 22:48:04]

########## EOF - C:\AdwCleaner[S2].txt - [1087 octets] ##########

 

 

Thank you very much, I''ll be back on tommorow.
 



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:27 AM

Posted 15 March 2013 - 07:55 PM

Dutch is OK,we have 2 Dutch staffers ,so f I get stuck I can ask.

The pop is gone?

 

Go into Control Panel>>Programs>>Uninstall and uninstall these.....(x64 or 64bits if asked)

These apps when outdated can be exploited by malware.

 

Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Reader 9.4.7 (Version: 9.4.7)
Adobe Reader 9.5.4 (Version: 9.5.4)

Java 7 Update 15 (Version: 7.0.150)

 

Reboot then install these

NOTE: untick any boxes that want to install additional items like Toolbars etc..

Adobe AIR 3.6

Adobe Reader XI

Java Version 7 Update 17 


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Danyah

Danyah
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:27 PM

Posted 16 March 2013 - 07:30 AM

Hello,

 

 

I uninstalled the outdated software, replaced them, but it didn't seem to work. The pop-up is still there.

 

 

Thanks



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:27 AM

Posted 16 March 2013 - 10:02 AM

Then it is being protected and we to dig it out.

 

I think we should get a deeper look. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Danyah

Danyah
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:27 PM

Posted 10 April 2013 - 11:16 AM

After being away for a while I did as aked here:

 

http://www.bleepingcomputer.com/forums/t/491298/chitka-pop-up-problem-in-mozilla-bottom-left-and-right-corner/

 

Thanks!



 


Edited by Danyah, 10 April 2013 - 11:16 AM.


#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,313 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:27 AM

Posted 10 April 2013 - 03:33 PM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 2 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users