Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus - NOTHING works


  • Please log in to reply
1 reply to this topic

#1 Bas10

Bas10

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:49 AM

Posted 29 March 2017 - 05:08 PM

Hey,

 

First of I'm new to the forum and I apologize if I"m posting in the wrong section.

 

 

So somehow - my computer got infected with SOMETHING.  Basically - it only works on browsers.  If I don't have a browser on - nothing - computer works smoothly (as far as I can tell).  But when I open up a browser - IE, Chrome and Firefox - random popups every min or so... and when I click on links - popouts as well.  I tried uninstalling and reinstalling all browsers and clearing history... nothing.

 

I bought Eset - "no threats detected".. same with Kaspersky, Malwarebytes and Trendmicro... no threats.  Currently I have Eset disabled... and Kaspersky enabled - the only thing Kaspersky and ESET do is not allow the pop-outs to pop out - get a message saying it's blocking them.  Once in a while a pop-out will show up.  I have no idea what to do now - other than ask for my money back from the "money back guarantee for Eset".  This started ONLY since this weekend and my cousins swear they did not visit any questionable sites....  I don't believe them but maybe it's been lurking in my computer for a longer time and I didn't notice.

 

Ex of today - see sample attachment/quote

 

 


29.03.2017 18.05.32    Dangerous URL blocked    ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object: ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object type: URL    Reason: KSN    Application: Google Chrome    Time: 3/29/2017 6:05 PM
29.03.2017 18.02.41    Dangerous URL blocked    ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object: ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object type: URL    Reason: KSN    Application: Google Chrome    Time: 3/29/2017 6:02 PM
29.03.2017 18.00.32    Dangerous URL blocked    ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object: ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object type: URL    Reason: KSN    Application: Google Chrome    Time: 3/29/2017 6:00 PM
29.03.2017 18.00.19    Dangerous URL blocked    ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object: ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object type: URL    Reason: KSN    Application: Google Chrome    Time: 3/29/2017 6:00 PM
29.03.2017 17.59.41    Dangerous URL blocked    ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object: ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object type: URL    Reason: KSN    Application: Google Chrome    Time: 3/29/2017 5:59 PM
29.03.2017 17.59.41    Dangerous URL blocked    ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object: ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object type: URL    Reason: KSN    Application: Google Chrome    Time: 3/29/2017 5:59 PM
29.03.2017 17.59.32    Dangerous URL blocked    ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object: ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object type: URL    Reason: KSN    Application: Google Chrome    Time: 3/29/2017 5:59 PM
29.03.2017 17.59.32    Dangerous URL blocked    ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object: ://noplok.net/wpad.dat?8437c8e60763062a3dc23d6f99e05d3f26874990    Object type: URL    Reason: KSN    Application: Google Chrome    Time: 3/29/2017 5:59 PM
29.03.2017 14.11.45    Dangerous URL blocked    ://clotraiam.website/afu.php?id=471151    Object: ://clotraiam.website/afu.php?id=471151    Object type: URL    Reason: URL listed in database of malicious URLs    Application: Firefox    Time: 3/29/2017 2:11 PM
29.03.2017 03.24.01    Task started    Web Anti-Virus    Time: 3/29/2017 3:24 AM
28.03.2017 23.15.02    Task started    Web Anti-Virus    Time: 3/28/2017 11:15 PM
 

 

Any ideas what I can do to remove these?

Attached Files


Edited by hamluis, 29 March 2017 - 05:12 PM.
Moved from MRL to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 12,908 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:01:49 AM

Posted 29 March 2017 - 06:27 PM

Welcome to BC...

 

Give the programs below a shot at cleaning, removing malware and removing adware.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users