Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

zodiac-game.info adware/malware


  • Please log in to reply
5 replies to this topic

#1 rubyscube

rubyscube

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 01 January 2017 - 05:26 PM

Hello!

 

I have a problem with pop-up windows from zodiac-game.info every time I boot up into windows 10 and/or when logging between accounts.

 

Thanks :)

 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,680 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:05:53 AM

Posted 03 January 2017 - 04:58 PM

hi,

 

You still need help with the popups? If so, I will get a better look at the logs.

Is the popup in one browser or all browsers you use? Only when a browser is open?

 

Usually only on the site once or twice per day so you may not get a response back from me until the following day.

 


How Can I Reduce My Risk to Malware?


#3 rubyscube

rubyscube
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 04 January 2017 - 11:04 AM

Hey! That would be great. I still have the problems.

 

The popups are in both internet explorer and chrome.

When I open any browser right after a reboot of the system the popup's show up every time, but they also some times show up on subsequent opening of the browsers in the same session.

 

Thanks a lot :)



#4 shelf life

shelf life

  • Malware Response Team
  • 2,680 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:05:53 AM

Posted 04 January 2017 - 05:35 PM

ok lets do this first and we will go from there. Copy paste whats below in the box into notepad.

 

Save it as fixlist.txt in the same location you have FRST (your desktop)

 

Start FRST like you did before and this time after it opens click on the fix button once.

 

Machine will reboot to finish the process. Upon reboot it will display a fixlog.txt which you can copy/paste in your reply.

2017-01-01 22:36 - 2014-09-07 00:37 - 00000074 _____ C:\Users\rubyscube\AppData\Roaming\sp_data.sys
2017-01-01 22:35 - 2016-10-06 13:52 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-01 22:26 - 2016-09-07 12:54 - 00000074 _____ C:\Users\theak_000\AppData\Roaming\sp_data.sys
2014-09-07 00:37 - 2017-01-01 22:36 - 0000074 _____ () C:\Users\rubyscube\AppData\Roaming\sp_data.sys
2014-11-11 21:29 - 2014-11-11 21:29 - 0000080 _____ () C:\Users\rubyscube\AppData\Local\X-Plane Installer.prf
2016-10-06 13:52 - 2016-10-06 13:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-13 02:41 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 02:41 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 02:41 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
C:\Users\rubyscube\AppData\Local\Temp\libeay32.dll
C:\Users\rubyscube\AppData\Local\Temp\msvcr120.dll
C:\Users\rubyscube\AppData\Local\Temp\sqlite3.dll
HKLM-x32\...\Run: [Adobe Flash Player SU] => cmd.exe /c start hxxp://tainagame.org && exit
Empty Temp:

How Can I Reduce My Risk to Malware?


#5 rubyscube

rubyscube
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 06 January 2017 - 05:23 PM

Yes! That seems to have worked straight away. No startup popup in either browser now. :D



#6 shelf life

shelf life

  • Malware Response Team
  • 2,680 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:05:53 AM

Posted 07 January 2017 - 08:43 AM

Ok good. Happy safe surfing out there.


How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users