AllyLane

I don't sync Edge across any other devices, but I have disabled it anyway. Logs are attached. ReportRogue.txt FRST.txt Addition.txt

nasdaq, I have been in touch with Kaspersky, and this has nothing to do with a conflict with MWB. It turns out that the website is actually infected with a malicious tool. This tool, whatever it is, appears to have downloaded to my system. I am now seeing a lot of hanging, slow shutdown, and programs crashing for no apparent reason. My system is definitely infected. Could you please help me to clean things up?

Thanks. I have cleared cache in both browsers (IE and Edge), am still not running Firefox so have not tried. The website is still blocked. I have attached a report from my antivirus program to show you the error logs. Starting to think this is a false positive. When I disable Kaspersky, but leave MWB running, I am able to open the website on both browsers. Kaspersky Report.txt

Thanks nasdaq. All done, log is attached as requested. The same problems I listed above still persist. Fixlog.txt

Hi Fabulous MWB Team :) Could you please check my system over? New computer but suddenly I cannot open a couple different websites that I visited last week but I know should be 'safe'. These are sites based here in Australia. I have checked with the merchant and they have no known issues with their site. My Antivirus (Kaspersky) blocks the sites from opening with the message as per below: Access blocked The requested URL cannot be provided Object URL: https://www.lights2you.com.au/ Reason: the object is infected by HEUR:Trojan-PSW.Script.Generic I have had the same problem on three different browsers - IE, Firefox and Chrome. Firefox in particular was behaving strangely. Tried to uninstall/reinstall but would not run at all, so I have removed it totally for now. Logs are attached. Thanks so much! FRST.txt Addition.txt MWB Threat Scan.txt

Hi AS, All done, nothing found by Sophos. Logs are attached. JRT.txt AdwCleaner[C0].txt Addition.txt FRST.txt

Hiya AS, Please don't delete this topic. Have been held up but am going through scans now, might take me a day or two. Cheers.

Hi M Team, While surfing, an annoying popup appeared telling me that my Windows system is infected etc etc. Had much trouble closing Internet Explorer. Finally closed it off, discovered that my AV (Kaspersky) had been uninstalled. Completed a system restore to earlier time point successfully. MWB scan done, shows nothing. No further popups since. Logs are attached. I would appreciate if some kind person could please check my system and make sure nothing is hanging around? Many thanks! FRST.txt Addition.txt

All done. Things seem to be running much better. Thanks so much for your help Ron! I just have one final question for you - is it possible for MB Premium and Kaspersky IS to run on this machine without conflict?

Sorted out the Google site issue. My AV (Kasperksy) was seeing it as a Phishing site (false positive) and issued a Certificate that was unnecessary. A reinstall of the AV program fixed the issue.

Done. Ran the MS Fix a couple of times and finally got the Registration problem fixed. Updates are now installing, MS Fix now has green ticks all around. Any thoughts on why I would still be having an issue with going to the Google site, and why PC will still not shut down?

Still hanging, still not shutting down. Google webpage is still showing as having a certificate error. Sounds like something is making the system run hard, too, if that makes sense? As in, the physical noise of the machine is quite loud compared to normal.

Malware scans all done. No threats found with ESET JRT.txt AdwCleaner[S2].txt AdwCleaner[C1].txt FRST.txt Addition.txt

Thanks Ron. Got as far as Step 2, I ran the MS Fixit and it did fix a couple of issues but came up with the error "Service Registration is Missing or Corrupt" - this was not fixed. I have not done anything further - not sure what this means? Is it because I have hidden updates and anything to do with Windows 10? I have been avoiding installing Win 10 and would rather stick with W 7. Do I need to install Windows Update again, as per your link to that Fixit page, and if so, how?

Hello HJT Team, Have attached FRST and ADDITION files. My system (running W7) is increasingly hanging and sticking. Can't help but feel that there is an infection here somewhere. Computer will not shut down, and have to resort to manual shut down every time (hold power button for 5 secs). Often reboots without a problem, occasionally offers safe mode rather than straight startup. IE 11 is not performing very nicely either, hangs a lot and often crashes. Firefox does the same when I use it instead. Finally, just this week my homepage (google.com) brings up the security certificate error message. Could be a sign of hijack apparently. I have reset the homepage to about: blank for now. I normally run Kaspersky Internet Security. Was told once upon a time that it will clash with MBAM Premium - is this still the case? For the purpose of finding the infection I have reinstalled MBAM again and will leave it running to see if anything is detected, but so far scans have shown nothing. Would very much appreciate your help please? Thank you FRST.txt Addition.txt

Thanks heaps. The DelFix link does not work - do you have another? Also, can I ask your opinion please as I am interested in putting a VPN in place. Would this require any extra security than what I am already doing?

PC is good thank you. Search engine is working as I need it to. Bing is totally gone from all the places I saw it before. Log file is attached. Anything else you think I need to do? Fixlog.txt

Yes! I went into Manage Add-ons, Google was listed as a search provider so I have made that default and then have removed Bing. Yay! Thanks so much. Files are attached. Do I need to perform Fix in Farbar? FRST.txt Addition.txt

Hi THE, Thanks for your help. Please find zoek log file attached. zoek-results.log

Hi Guys, I have recently reinstalled OS due to massive infection. Everything was fine until I updated to IE 11, which included Bing as the default search provider. I cannot change this setting (Bing as default) no matter what I try. Manage Add-Ons does not allow adding a new search provider (such as google) - None of the accelerators can be downloaded. I keep getting an error. I have had this problem once before and it turned out that Bing was in there good, and would not allow any changes. I just cannot remember how we got rid of it last time, but I know it was with your team's help. The longer it was there, the more problems it caused. Microsoft suggested amending the registry, which only worked in terms of changing the default search page, but not the default search engine. Scan files are attached. Running MWB Pro and Kaspersky IS, neither of which have detected any problems. I would really appreciate your help to get rid of this thing please, if it is still something you can do? Addition.txt FRST.txt

Sorry for the delay returning here. We moved home and I completely lost all internet until now. Thanks for all your help. I have reinstalled the OS on a new partition and will be downloading an AV based on the recommendations from the link above. The virus definitely got into the registry and caused all kinds of trouble. I have read elsewhere that it does damage the reg keys involved in USB hosting and Bluetooth and wifi connections. You can close this topic now.

My computer is in dire trouble. The drivers for various things (USB host etc) have uninstalled and cannot be found to be reinstalled. I am going to have to do a complete reinstall of the operating system. Not happy about this. If I reinstall the OS, is that likely to get rid of whatever the hell is causing this?

OK. Sorry for all the questions. I have run Combofix and the log is attached. I did a System Restore to an earlier time and managed to uninstall iTunes that way. Also, Microsoft Security Essentials found a virus labelled 'JavaExploit' so I am guessing that was at least part of the problem. Am looking at the other AV programs now and will purchase soon. I need to cover an iPad too. I am looking at getting a VPN also so that should help. I am feeling very vulnerable all of a sudden! I also noticed that in RogueKiller, there were a lot of items found and some of them have been labelled as potentially harmful (highlighted in orange instead of green.) Do I need to delete those? Log also attached. Thanks. Combofix log.txt RKreport_SCN_11112014_154245.log

According to Windows support, I should not be running MWB Pro with Microsoft Security Essentials as only one antivirus is necessary, but I was running both based on the advice I received here previously. Should I turn off MS Security? I have been told by Windows support also that I need to do a system restore to get this back to a time when it was running properly. If that fails, a complete operating system reinstall is needed.

Whatever this infection is has definitely damaged the Registry. How does this get through when I am running MWB Pro and updating the database every day? You think it was Java?