Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Extended Ultimate Popup


  • This topic is locked This topic is locked
4 replies to this topic

#1 coelhinhatop

coelhinhatop

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:58 PM

Posted 12 September 2014 - 06:18 PM

Hi this is my first post, recently when I start my laptop a cmd popup comes on and when it disappear chrome opens in a russian site extendedunlimited.org and sometimes change to gameharbor.org .
 
I already tried some fixes but nothing is working.
 
I run FRST here are the logs

 

Attached File  Addition.txt   60.95KB   2 downloads

 

Attached File  FRST.txt   62.64KB   4 downloads

 

Thank you in advance! :)



BC AdBot (Login to Remove)

 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:58 PM

Posted 13 September 2014 - 06:59 AM

Hi,

this should do it:


Please download this attached Attached File  fixlist.txt   151bytes   4 downloads and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


#3 coelhinhatop

coelhinhatop
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:05:58 PM

Posted 13 September 2014 - 07:19 AM

Problem solve, thank you so much for the help :)

 

Here is the fixlog

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Filipa at 2014-09-13 13:09:23 Run:2
Running from C:\Users\Filipa\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-2879410981-3726918230-1455250003-1002\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
EmptyTemp:
*****************
 
HKU\S-1-5-21-2879410981-3726918230-1455250003-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CMD => value deleted successfully.
EmptyTemp: => Removed 96.2 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:58 PM

Posted 13 September 2014 - 07:28 AM

Ok. Uninstall the old Java version and update Firefox.

My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif.
Thank you!

#5 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:58 PM

Posted 19 September 2014 - 03:25 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users