
Proxy virus


  • This topic is locked
3 replies to this topic

#1 DarkSt4r0251


Posted 24 May 2014 - 12:21 PM

Hello, I have been getting a lot of pop-ups when I am on Google Chrome and I have been getting redirected to websites like: adsdelivery1.com and 123srv.com. I also noticed that my LAN settings have been set to a proxy server, and if I untick the box and save it, all the redirects disappear and so do the pop-ups, but it resets itself back to the proxy server around every 3 minutes. This is what the proxy server address and port is: 127.0.0.1:8118

DDS:



#2 Starbuck

  • Malware Response Team

Posted 26 May 2014 - 07:22 AM

Hi DarkSt4r0251 and welcome to BC.

Please take note of the following:

1. Please do not run any other tools unless instructed.
2. Please don't install or uninstall anything unless asked.
3. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
4. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
5. Please reply to this thread. Do not start a new topic.

The report is very difficult to read, posted like that.
The reason for the jumbled report is that Wordwrap is turned on within Notepad.
Wordwrap needs to be turned off.
Open a Notepad document, Click the Format tab, UNtick Wordwrap.
That should sort it in the future.


For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.
  • Double-click the downloaded icon to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator

  • When the tool opens click Yes to disclaimer.

  • Make sure that Addition.txt is selected at the bottom
  • Press Scan button.

  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.
In your next reply, please submit:
Both reports from FRST


Thanks.

Edited by Starbuck, 26 May 2014 - 07:23 AM.



#3 DarkSt4r0251


Posted 28 May 2014 - 05:58 AM

Thanks for the help Starbuck,

I got in contact with one of my friends who works in developing virus software. He managed to remove it from my PC somehow (not sure how).

But thanks for replying :)



#4 Starbuck


Posted 28 May 2014 - 11:11 AM

Thank you for letting me know.

Safe surfing.

This thread will now be closed.

If you need this topic reopened, please contact one of the moderating team by PM and we will reopen it for you.
Include the address of this thread in your request.
If you should have a new issue, please start a new topic.
This applies only to the original topic starter.

Everyone else please begin a New Topic.





