Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

gameharbour.org adware infection


  • This topic is locked This topic is locked
4 replies to this topic

#1 Adrian028

Adrian028

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:43 AM

Posted 09 September 2014 - 01:47 PM

Hello, 

 

I too have fallen victim to this extremely annoying adware and since I noticed most fixes for this issue are personalized I am now requesting your help. 

 

I am also providing the FRST logs in an attachment.

 

Thank you for your time.

 

Regards, 

Adrian

 

Attached Files



BC AdBot (Login to Remove)

 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:43 AM

Posted 09 September 2014 - 03:32 PM

Hi Adrian,

is this adware gone after the following fix?


Please download this attached Attached File  fixlist.txt   218bytes   7 downloads and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


#3 Adrian028

Adrian028
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:03:43 AM

Posted 10 September 2014 - 01:53 AM

Hello aharonov,

 

yes, it seems to have been fixed. Thank you for your assistance!

 

As requested, I have included the fixlog contents.

 

Regards,

Adrian

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-09-2014 01
Ran by Adrian at 2014-09-10 09:40:20 Run:1
Running from C:\Users\Adrian\Desktop\New folder
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-1614990400-2380831446-2441307492-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
CMD: type "C:\Program Files (x86)\ESET\EsetOnlineScanner\log.txt"
EmptyTemp:
*****************
 
HKU\S-1-5-21-1614990400-2380831446-2441307492-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CMD => value deleted successfully.
 
=========  type "C:\Program Files (x86)\ESET\EsetOnlineScanner\log.txt" =========
 
The system cannot find the path specified.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 16.9 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:43 AM

Posted 10 September 2014 - 04:35 AM

Hello Adrian,

alright, apart from this your log looks good. Update your Java version to the most recent one and check in Control Panel if any Windows Updates are provided and install them. Then we're done.

My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif.
Thank you!

#5 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:43 AM

Posted 19 September 2014 - 02:55 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users