Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Pop up ad on the lower right corner


  • Please log in to reply
3 replies to this topic

#1 SixZX

SixZX

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 11 June 2017 - 07:48 PM

When I open some sites appears one ad box on the lower right corner of all browser, like this http://imgur.com/hgSLqnU .



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 12,885 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:53 PM

Posted 12 June 2017 - 07:24 AM

Welcome to BC....

 

I see you have ABP installed. Click on the ABP icon and choose Filter Preferences. Then UNcheck the box next to Allow some non-intrusive advertisements.

 

Use the programs below to clean, remove malware and remove adware.

 

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

  • download Malwarebytes to your desktop.
  • Double-click mb3-setup-1878.1878-3.0.6.1469.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

 

Download and run the FREE online scanner from Free Virus Scan | Online Virus Scan from ESET | ESET

  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 SixZX

SixZX
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:10:53 PM

Posted 12 June 2017 - 09:26 AM

Thanks for your reply

 

Malwarebytes log:

 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/12/17
Scan Time: 11:04 AM
Log File: ma.txt
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.141
Update Package Version: 1.0.2137
License: Free

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: DESKTOP-SCKJRE0\Ivan

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 391665
Threats Detected: 20
Threats Quarantined: 20
Time Elapsed: 2 min, 19 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 3
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCSERVICE.EXE, Quarantined, [1215], [396386],1.0.2137
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCTRAY.EXE, Quarantined, [1215], [396386],1.0.2137
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\MONITOR.EXE, Quarantined, [1215], [398206],1.0.2137

Module: 4
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCSERVICE.EXE, Quarantined, [1215], [396386],1.0.2137
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\OFCOMMON.DLL, Quarantined, [1215], [396386],1.0.2137
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCTRAY.EXE, Quarantined, [1215], [396386],1.0.2137
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\MONITOR.EXE, Quarantined, [1215], [398206],1.0.2137

Registry Key: 1
PUP.Optional.AdvancedSystemCare, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\AdvancedSystemCareService10, Quarantined, [1215], [396386],1.0.2137

Registry Value: 1
PUP.Optional.AdvancedSystemCare, HKU\S-1-5-21-1396258094-3952779549-569109948-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Advanced SystemCare 10, Quarantined, [1215], [396386],1.0.2137

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 11
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCSERVICE.EXE, Quarantined, [1215], [396386],1.0.2137
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\OFCOMMON.DLL, Quarantined, [1215], [396386],1.0.2137
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\ASCTRAY.EXE, Quarantined, [1215], [396386],1.0.2137
Trojan.BCDSoft, C:\PROGRAMDATA\LOG.BINB, Quarantined, [9329], [403593],1.0.2137
Trojan.BCDSoft, C:\PROGRAMDATA\LOG.EWBB, Quarantined, [9329], [403591],1.0.2137
Trojan.BCDSoft, C:\PROGRAMDATA\LOG.EWBT, Quarantined, [9329], [403592],1.0.2137
PUP.Optional.AdvancedSystemCare, C:\USERS\PUBLIC\DESKTOP\ADVANCED SYSTEMCARE 10.LNK, Quarantined, [1215], [380338],1.0.2137
PUP.Optional.AdvancedSystemCare, C:\PROGRAM FILES (X86)\IOBIT\ADVANCED SYSTEMCARE\MONITOR.EXE, Quarantined, [1215], [398206],1.0.2137
PUP.Optional.AdvancedSystemCare, C:\USERS\ELECXTRMIC\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\USER PINNED\TASKBAR\Advanced SystemCare 10.lnk, Quarantined, [1215], [380340],1.0.2137
PUP.Optional.AdvancedSystemCare, C:\WINDOWS\SYSTEM32\TASKS\ASC10_PerformanceMonitor, Quarantined, [1215], [380341],1.0.2137
PUP.Optional.AdvancedSystemCare, C:\WINDOWS\SYSTEM32\TASKS\ASC10_SkipUac_Ivan, Quarantined, [1215], [380341],1.0.2137

Physical Sector: 0
(No malicious items detected)


(end)

 

 

Adw Cleanner Log:

 

# AdwCleaner v6.047 - Relatório criado 12/06/2017 às 11:14:33
# Atualizado em 19/05/2017 por Malwarebytes
# Banco de dados : 2017-06-10.1 [Servidor]
# Sistema operacional : Windows 10 Pro  (X64)
# Usuário : Ivan - DESKTOP-SCKJRE0
# Executando de : C:\Users\Elecxtrmic\Downloads\AdwCleaner.exe
# Modo: Limpo
# Apoio : https://www.malwarebytes.com/support



***** [ Serviços ] *****



***** [ Pastas ] *****

[-] Pasta excluída:C:\Users\Elecxtrmic\AppData\LocalLow\IObit\Advanced SystemCare
[-] Pasta excluída:C:\Users\Elecxtrmic\AppData\Roaming\IObit\Advanced SystemCare
[#] Pasta excluída na reinicialização:C:\Users\Elecxtrmic\AppData\LocalLow\IObit\Advanced SystemCare
[#] Pasta excluída na reinicialização:C:\Users\Elecxtrmic\AppData\Roaming\IObit\Advanced SystemCare
[-] Pasta excluída:C:\ProgramData\IObit\ASCDownloader
[-] Pasta excluída:C:\ProgramData\IObit\Advanced SystemCare
[-] Pasta excluída:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
[-] Pasta excluída:C:\Program Files (x86)\IObit\Advanced SystemCare
[-] Pasta excluída:C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
[-] Pasta excluída:C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
[-] Pasta excluída:C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\IObit\Advanced SystemCare


***** [ Arquivos ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Atalhos ] *****



***** [ Atividades agendadas ] *****

[-] Tarefa eliminada:ASC10_PerformanceMonitor


***** [ Registro ] *****

[-] Chave excluída:HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[-] Chave excluída:HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu
[#] Chave excluída na reinicialização:[x64] HKLM\SOFTWARE\Classes\ASCExtMenu.CExtMenu.1
[-] Chave excluída:HKLM\SOFTWARE\IOBIT\ASC
[-] Chave excluída:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Advanced SystemCare_is1
[-] Valor apagado:HKU\S-1-5-21-1396258094-3952779549-569109948-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Advanced SystemCare 10]
[-] Chave excluída:HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Chave excluída:HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
[-] Chave excluída:HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare


***** [ Verificando navegadores ... ] *****



*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [10249 Bytes] - [09/05/2017 22:27:47]
C:\AdwCleaner\AdwCleaner[C2].txt - [1340 Bytes] - [13/05/2017 16:06:07]
C:\AdwCleaner\AdwCleaner[C3].txt - [5627 Bytes] - [25/05/2017 18:50:09]
C:\AdwCleaner\AdwCleaner[C4].txt - [2938 Bytes] - [12/06/2017 11:14:33]
C:\AdwCleaner\AdwCleaner[S0].txt - [9408 Bytes] - [09/05/2017 22:26:21]
C:\AdwCleaner\AdwCleaner[S1].txt - [2060 Bytes] - [10/05/2017 17:55:20]
C:\AdwCleaner\AdwCleaner[S2].txt - [1524 Bytes] - [13/05/2017 16:04:39]
C:\AdwCleaner\AdwCleaner[S3].txt - [5604 Bytes] - [25/05/2017 18:47:56]
C:\AdwCleaner\AdwCleaner[S4].txt - [3495 Bytes] - [12/06/2017 11:13:32]

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [3376 Bytes] ##########
 

 

Junkware Removal Tool Log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Pro x64
Ran by Ivan (Administrator) on 12/06/2017 at 11:18:38,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\ProgramData\productdata (Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/06/2017 at 11:19:58,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#4 buddy215

buddy215

  • BC Advisor
  • 12,885 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:53 PM

Posted 12 June 2017 - 10:34 AM

You're running the Eset online scan...right?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users