Help! Network taken over


  • This topic is locked
11 replies to this topic

#1 gtrockefellar

  • Members
  • 10 posts

Posted 03 April 2016 - 09:41 AM

My PC has been running slow. I downloaded AdwCleaner and tried to clear off my PC. I also have CCleaner and Malwarebytes.

I can no longer visit this website through my computers. I am visiting through my phone.

I have attached the log from AdwCleaner.

#2 gtrockefellar

Posted 03 April 2016 - 09:53 AM

# AdwCleaner v5.108 - Logfile created 03/04/2016 at 10:51:13
# Updated 30/03/2016 by Xplode
# Database : 2016-04-03.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : LCAP - LCAP-PC
# Running from : C:\Users\LCAP\Desktop\adwcleaner_5.108.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[C:\Users\LCAP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : hhbgpoakplhahbklhkcfbpicgjcaoglk

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2386 bytes] - [31/03/2016 14:15:33]
C:\AdwCleaner\AdwCleaner[C2].txt - [1507 bytes] - [01/04/2016 12:23:57]
C:\AdwCleaner\AdwCleaner[C3].txt - [1766 bytes] - [03/04/2016 09:51:10]
C:\AdwCleaner\AdwCleaner[C4].txt - [1622 bytes] - [03/04/2016 10:15:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [2193 bytes] - [31/03/2016 14:11:51]
C:\AdwCleaner\AdwCleaner[S2].txt - [1327 bytes] - [01/04/2016 12:22:33]
C:\AdwCleaner\AdwCleaner[S3].txt - [1731 bytes] - [03/04/2016 09:49:47]
C:\AdwCleaner\AdwCleaner[S4].txt - [1599 bytes] - [03/04/2016 10:14:32]
C:\AdwCleaner\AdwCleaner[S5].txt - [1335 bytes] - [03/04/2016 10:51:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1408 bytes] ##########

#3 gtrockefellar

Posted 03 April 2016 - 11:02 AM

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:56:56 AM, on 4/3/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Users\LCAP\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
C:\Users\LCAP\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\LCAP\AppData\Local\Dropbox\Update\DropboxUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\LCAP\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\LCAP\AppData\Local\Dropbox\Update\DropboxUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\XFastUSB\XFastUsb.exe
C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Lucidlogix Technologies\VIRTU MVP\EKAG20NT.EXE
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\LCAP\AppData\Local\Dropbox\Update\DropboxUpdate.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\LCAP\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [XFastUSB] "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"
O4 - HKLM\..\Run: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SanDiskSecureAccess_Manager.exe] C:\Users\LCAP\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Google Update] "C:\Users\LCAP\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\LCAP\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_CE2AFAD3A814DDB260B51C586CE89DC3] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - Startup: Dropbox.lnk = LCAP\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\appinit_dll.dll,C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASRock\XFast LAN\spd.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SlingAgentService - Sling Media Inc. - C:\Program Files (x86)\Sling Media\SlingAgent\SlingAgentService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12235 bytes

#4 gtrockefellar

Posted 03 April 2016 - 11:23 AM

Farbar scan


#5 nasdaq

  • Malware Response Team
  • 40,213 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 03 April 2016 - 12:49 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:
cmd: ipconfig /flushdns
cmd: IPCONFIG /release
cmd: IPCONFIG /renew

HKU\S-1-5-21-705435072-479048358-2761214846-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-705435072-479048358-2761214846-1000\...\Run: [zASRockInstantBoot] => [X]
BHO: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
BHO-x32: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-705435072-479048358-2761214846-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-705435072-479048358-2761214846-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\LCAP\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Extension: (Chrome Web Store Payments) - C:\Users\LCAP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D49FCCBF-4D76-4537-A0F3-984C1185FDCD} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FDE6B015-412A-41DC-8303-FE63F96657C4} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.

Please let me know what problem persists with this computer.

If the problem persists, boot to Safe Mode with Internet connectivity.
How is it now?

#6 gtrockefellar

Posted 04 April 2016 - 10:01 AM

Hi.  Thanks.  My machine seems to be running much more smoothly.  I did some checks and I still get these files that pop up on my computer after running adwcleaner.  I scanned my laptop and it comes up with something similar that is a bunch of gibberish text.  Not sure if that's something I should be concerned about.  Anyway, log file included.  

 

Found : hhbgpoakplhahbklhkcfbpicgjcaoglk

 

# AdwCleaner v5.108 - Logfile created 04/04/2016 at 10:54:25
# Updated 30/03/2016 by Xplode
# Database : 2016-04-03.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : LCAP - LCAP-PC
# Running from : C:\Users\LCAP\Desktop\adwcleaner_5.108.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
[C:\Users\LCAP\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Users\LCAP\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\LCAP\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask search
[C:\Users\LCAP\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : mysearch.avg.com
[C:\Users\LCAP\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : yahoo.com search
[C:\Users\LCAP\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : hhbgpoakplhahbklhkcfbpicgjcaoglk
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [2386 bytes] - [31/03/2016 14:15:33]
C:\AdwCleaner\AdwCleaner[C2].txt - [1507 bytes] - [01/04/2016 12:23:57]
C:\AdwCleaner\AdwCleaner[C3].txt - [1766 bytes] - [03/04/2016 09:51:10]
C:\AdwCleaner\AdwCleaner[C4].txt - [1622 bytes] - [03/04/2016 10:15:43]
C:\AdwCleaner\AdwCleaner[C5].txt - [2308 bytes] - [03/04/2016 11:31:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [2193 bytes] - [31/03/2016 14:11:51]
C:\AdwCleaner\AdwCleaner[S2].txt - [1327 bytes] - [01/04/2016 12:22:33]
C:\AdwCleaner\AdwCleaner[S3].txt - [1731 bytes] - [03/04/2016 09:49:47]
C:\AdwCleaner\AdwCleaner[S4].txt - [1599 bytes] - [03/04/2016 10:14:32]
C:\AdwCleaner\AdwCleaner[S5].txt - [1487 bytes] - [03/04/2016 10:51:13]
C:\AdwCleaner\AdwCleaner[S6].txt - [2110 bytes] - [03/04/2016 11:30:56]
C:\AdwCleaner\AdwCleaner[S7].txt - [1706 bytes] - [03/04/2016 11:32:59]
C:\AdwCleaner\AdwCleaner[S8].txt - [2178 bytes] - [04/04/2016 10:54:25]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [2251 bytes] ##########


#7 gtrockefellar

Posted 04 April 2016 - 12:20 PM

My PC has been running terribly slow.  Granted it's an older PC, but I believe it's from a whole bunch of malware/ viruses.  My internet browsers intermittently work when I run virus removers but they always cease to run again after I reboot.

Edit: Merged separate topic as a reply with an open and ongoing topic, to avoid confusion for member and staff. ~ Animal


#8 nasdaq

Posted 05 April 2016 - 07:57 AM

Please run the Adwcleaner tool and remove everything that was found.

The fix I suggested was for this PC.

Ran by LCAP (administrator) on LCAP-PC (03-04-2016 12:18:30)

If you followed the instructions then you should be able to post the Fixlog.txt that was created.
Please post it.


You started another topic. Is this for another PC?
If so you were correct in creating a new topic.
Unfortunately the Administrator merged the topic with this one.
If you confirm this I will have him restore it.

#9 gtrockefellar

Posted 05 April 2016 - 05:02 PM

Attached fixlog


#10 nasdaq

Posted 06 April 2016 - 08:18 AM

How is this computer running?

What do you suggest I do about the other computer?

#11 gtrockefellar

Posted 13 April 2016 - 11:31 AM

Hi Nasdaq,

 

Computer is running ok.  Chrome can get a little jumpy sometimes but nothing unbearable.

 

I ran a scan for registry issues using CCleaner and found some things about "invalid firewall issues".  I'll post again when they pop up as this isn't the first time I noticed them (accidentally cleared them w/o recording what they were).  

 

The other computer, I will post another topic later on.  It's ok.  Thanks for the help.



#12 nasdaq

Posted 14 April 2016 - 06:28 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



