-
Posts
1,337 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by deeprybka
-
-
Lösch mal bitte das gecrackte Zeug vom ESET Log. Sonst wird der Thread hier geschlossen (siehe mein erstes Posting).
Step 1
Start FRST with administator privileges.
- Make sure the following option is checked:
- Press the Scan button.
- When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
Please copy and paste these logs in your next reply.
-
Hi &
My name is Jürgen and I will be assisting you with your Malware related problems.
Before we move on, please read the following points carefully.- My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
- Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
- Perform everything in the correct order. Sometimes one step requires the previous one.
- If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
- Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
- Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
- If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
- Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
P2P/Piracy Warning:
- If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
- Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
- If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Step 1
Scan with Malwarebytes Anti-Malware.- Please open Malwarebytes Anti-Malware and update the database.
- Click "Settings" [1] and go to "Detection and Protection" [2]
- Make sure "Scan for Rootkits" is checked.
- Click on Dashboard [3], then click on Scan Now [4] to start the scan.
:exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt: - Click on "Remove Selected" [5].
- Then click "Save Results" [6] and select
- Return to our forum. Paste your log into your next reply and then click Finish [7].
-
Hi,
biste dann in Deutschland oder im Ausland?
Step 1
Please download AdwCleaner (by Xplode) and save it to your Desktop.
- Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select "Run As Administrator"
- Click on the Scan button.
- After the scan has finished, click on the Clean button.
- Press OK when asked to close all programs and follow the onscreen prompts.
- After rebooting, a log file (that is saved in C:\AdwCleaner[s#].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
Please downloadOnline Scanner and save it to your Desktop.
- Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
- Start with administartor privileges.
- Select the option Yes, I accept the Terms of Use and click on Start.
- Choose the following settings:
- Click on Start. The virus signature database will begin to download. This may take some time.
- When completed the Online Scan will begin automatically.
Note: This scan might take a long time! Please be patient.
- When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
- Now click on Finish
- A log fileis created at
Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!
- Double click on AdwCleaner.exe to run the tool.
-
Hi,
Step 1
- Please download and install Revo Uninstaller Free
note: there is no need to click anything on that page, the download will start automatically
- Double click Revo Uninstaller to run it
- From the list of programs double click on the listed program(s), or anything similar, to remove it:
Surfing ProtectionSmart Defrag 3IObit Malware Fighter 3IObit UninstallerAdvanced SystemCare 8
- When prompted if you want to uninstall click Yes
- Be sure the Moderate option is selected then click Next
- The program will run, If prompted again click Yes
- When the built-in uninstaller is finished click on Next
- Once the program has searched for leftovers click Next
- Check the items in bold only on the list then click Delete
note: you may have to expand some folders by clicking the "+" mark
- When prompted click on Yes and then on Next
- Put a check on any folders that are found and select Delete
- When prompted select Yes then Next
- Once done click Finish
Please download Rkill by Grinler and save it to your desktop.
- Link 1
- Link 2
- Double-click on the Rkill desktop icon to run the tool.
- If using Vista, right-click on it and Run As Administrator.
- A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
- If not, delete the file, then download and use the one provided in Link 2.
- If the tool does not run from any of the links provided, please let me know.
- When finished, RKill will produce a log. Please copy and paste the log in your next reply
- Do not reboot the computer, you will need to run the application again.
Please download and install Malwarebytes Anti-Malware. (NEW VERSION)
- Please open Malwarebytes Anti-Malware and update the database.
- Click "Settings" [1] and go to "Detection and Protection" [2]
- Make sure "Scan for Rootkits" is checked.
- Click on Dashboard [3], then click on Scan Now [4] to start the scan.
:exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt:
- Click on "Remove Selected" [5].
- Then click "Save Results" [6] and select
- Return to our forum. Paste your log into your next reply and then click Finish [7].
Step 4
Start FRST with administator privileges.
- Make sure the following option is checked:
- Press the Scan button.
- When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
Please copy and paste these logs in your next reply.
- Please download and install Revo Uninstaller Free
-
Deutsch?
Hi &
My name is Jürgen and I will be assisting you with your Malware related problems.
Before we move on, please read the following points carefully.
- My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
- Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
- Perform everything in the correct order. Sometimes one step requires the previous one.
- If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
- Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
- Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
- If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
- Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
- If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
- Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
- If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Please run a FRST scan. This will help us diagnose your problem.
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
- Start FRST with administator privileges.
- Make sure the option Addition.txt is checked and press the Scan button.
- When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
- Please copy and paste these logs in your next reply.
-
Hi &
My name is Jürgen and I will be assisting you with your Malware related problems.
Before we move on, please read the following points carefully.
- My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
- Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
- Perform everything in the correct order. Sometimes one step requires the previous one.
- If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
- Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
- Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
- If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
- Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
- If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
- Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
- If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Please run a FRST scan. This will help us diagnose your problem.
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
- Start FRST with administator privileges.
- Make sure the option Addition.txt is checked and press the Scan button.
- When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
- Please copy and paste these logs in your next reply.
-
You are welcome!
-
-
It's good to hear that your problems appear to be solved.
That's it!
Your logs look clean to me at the moment.
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.
My help is free for everybody.
If you want to support me fighting against malware or appreciate the assistance you received, then you can consider a donation:
Thank you!
Clean Up
Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restorepoints:- You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
- Download DelFix (by Xplode) and save it to your Desktop.
- Close all running programs and start delfix.exe.
- Make sure that all available options are checked.
- Click on Run
- DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
- If there is still something left you can delete it manually.
Closing security holes
Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.
The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:Java 7 Update 55
Tips
I recommend to read and follow the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams. -
I'll monitor it throughout the day and let you know if I see anymore...
Yes, please.
-
How is the computer running now?
-
Step 1
Press the + R on your keyboard at the same time. Type notepad and click OK.
- Copy the entire content of the codebox below and paste into the notepad document:
C:\ProgramData\{dfadfd22-70fd-c448-dfad-dfd2270ff489}\C:\Users\Melanie\AppData\Roaming\PUQGC:\Users\Melanie\AppData\Roaming\YHOVNCC:\Users\Melanie\AppData\Roaming\4C4C4544-1426467705-5110-804A-B2C04F4B5731\EmptyTemp:
- Click File, Save As and type fixlist.txt as the File Name.
- Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
- Press the Fix button just once and wait.
- If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
- When finished FRST will generate a log on the Desktop, called Fixlog.txt.
- Copy the entire content of the codebox below and paste into the notepad document:
-
Step 1
Please downloadOnline Scanner and save it to your Desktop.
- Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
- Start with administartor privileges.
- Select the option Yes, I accept the Terms of Use and click on Start.
- Choose the following settings:
- Click on Start. The virus signature database will begin to download. This may take some time.
- When completed the Online Scan will begin automatically.
Note: This scan might take a long time! Please be patient.
- When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
- Now click on Finish
- A log fileis created at
Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!
-
How is the computer running now?
-
Step 1
Press the + R on your keyboard at the same time. Type notepad and click OK.
- Copy the entire content of the codebox below and paste into the notepad document:
CloseProcesses:HKLM-x32\...\Run: [] => [X]CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTIONHKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKU\S-1-5-21-3168526326-2480807914-404759573-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONSearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\BDL.dll [319392] (BD Inc.)Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\BDL.dll [319392] (BD Inc.)Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\BDL.dll [319392] (BD Inc.)Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\BDL.dll [319392] (BD Inc.)Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\BDL.dll [319392] (BD Inc.)Tcpip\..\Interfaces\{77DEA611-E997-47F9-AE8D-2556A2CCC9CF}: [NameServer] 31.168.228.251,82.166.96.251Tcpip\..\Interfaces\{A2BB64BC-B18B-475A-A3D4-A71C009000E8}: [NameServer] 31.168.228.251,82.166.96.251FF HKU\S-1-5-21-3168526326-2480807914-404759573-1002\...\Firefox\Extensions: [{030C5B7C-1A48-F3E8-1AA5-E3666235BF0E}] - C:\Program Files (x86)\ver7BlockAndSurf\190.xpiR2 kuxefuki; C:\Users\Melanie\AppData\Roaming\4C4C4544-1426467705-5110-804A-B2C04F4B5731\jnsn79FA.tmp [170496 2015-03-15] () [File not signed]R2 mykopisi; C:\Users\Melanie\AppData\Roaming\4C4C4544-1426467705-5110-804A-B2C04F4B5731\nsh3F20.tmp [115712 2015-03-16] () [File not signed]C:\WINDOWS\SysWOW64\BDL.dll Task: {12BB41E5-CCD6-4A69-B09C-82888C60FAEC} - System32\Tasks\80PjFpAHmQuME9c => C:\Users\Melanie\AppData\Roaming\mTleqd9\EzwLY4w.exe [2015-03-15] ( )Task: {6BD478EF-AFCD-428F-8CAD-728F506CC7BA} - System32\Tasks\PNPGLZVDA => C:\ProgramData\0dfcafffadba49a298b588510cb87bf9\0dfcafffadba49a298b588510cb87bf9.exeTask: {863BE065-1DC3-4203-9482-F654E824A33D} - System32\Tasks\WebBarUpdateTask => C:\Program Files\WebBar\wbsvc.exeTask: {8D4B6839-8C86-445F-A310-488F70193D6E} - System32\Tasks\YHOVNC => C:\Users\Melanie\AppData\Roaming\YHOVNC.exe Task: {96EAFEF0-CE5A-4C8C-9D98-CBE754FE584D} - \avayvaxxvae No Task File Task: {BAA92FEC-2D39-4822-8FCD-2CBEB1BFE34D} - System32\Tasks\GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__313234373638393933362d574a324178345a2a376c455a => Wscript.exe //B "C:\ProgramData\PastaLeadsAgent\startprocess.js" pastaleadss.exe /invoke /f:check_services /l:0Task: {BF94ED49-5639-4B32-AF21-D53A87B8C20E} - System32\Tasks\PUQG => C:\Users\Melanie\AppData\Roaming\PUQG.exe Task: {C6F84444-21C4-4EC9-A9EA-EF79AE19E095} - System32\Tasks\JVHZRO5YSkLgrSb => C:\Users\Melanie\AppData\Roaming\qfYHIBB\xGeW6LU.exeTask: {CCDE0D8E-9EE9-4E4A-A217-FC45A452CC92} - System32\Tasks\h9Gu4Uf1ChwsixG => C:\Users\Melanie\AppData\Roaming\ZWnMPl4\PneS8Tj.exeTask: {CF66F555-C96F-4A97-A256-DF96E4EBEB5D} - \WebBarLaunchTask No Task File Task: C:\WINDOWS\Tasks\PUQG.job => C:\Users\Melanie\AppData\Roaming\PUQG.exe Task: C:\WINDOWS\Tasks\YHOVNC.job => C:\Users\Melanie\AppData\Roaming\YHOVNC.exe C:\Users\Melanie\AppData\Roaming\YHOVNC.exe C:\Users\Melanie\AppData\Roaming\PUQG.exe C:\Users\Melanie\AppData\Roaming\ZWnMPl4C:\Users\Melanie\AppData\Roaming\qfYHIBBC:\Users\Melanie\AppData\Roaming\PUQG.exe C:\Program Files\WebBarC:\ProgramData\0dfcafffadba49a298b588510cb87bf9\C:\Users\Melanie\AppData\Roaming\mTleqd9C:\Users\Melanie\AppData\Roaming\4C4C4544-1426467865-5110-804A-B2C04F4B5731cmd: netsh winsock reset
- Click File, Save As and type fixlist.txt as the File Name.
- Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
- Press the Fix button just once and wait.
- If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
- When finished FRST will generate a log on the Desktop, called Fixlog.txt.
After the reboot:
Step 2
Start FRST with administator privileges.
- Make sure the following option is checked:
- Press the Scan button.
- When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
Please copy and paste these logs in your next reply.
- Copy the entire content of the codebox below and paste into the notepad document:
-
-
Hi &
My name is Jürgen and I will be assisting you with your Malware related problems.
Before we move on, please read the following points carefully.
- My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
- Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
- Perform everything in the correct order. Sometimes one step requires the previous one.
- If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
- Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
- Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
- If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
- Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
- If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
- Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
- If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Please run a FRST scan. This will help us diagnose your problem.
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
- Start FRST with administator privileges.
- Make sure the option Addition.txt is checked and press the Scan button.
- When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
- Please copy and paste these logs in your next reply.
-
Hi &
My name is Jürgen and I will be assisting you with your Malware related problems.
Before we move on, please read the following points carefully.
- My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
- Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
- Perform everything in the correct order. Sometimes one step requires the previous one.
- If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
- Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
- Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
- If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
- Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
- If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
- Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
- If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Please run a FRST scan. This will help us diagnose your problem.
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
- Start FRST with administator privileges.
- Make sure the option Addition.txt is checked and press the Scan button.
- When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
- Please copy and paste these logs in your next reply.
-
Let's do a final check up:
Step 1
Please downloadOnline Scanner and save it to your Desktop.
- Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
- Start with administartor privileges.
- Select the option Yes, I accept the Terms of Use and click on Start.
- Choose the following settings:
- Click on Start. The virus signature database will begin to download. This may take some time.
- When completed the Online Scan will begin automatically.
Note: This scan might take a long time! Please be patient.
- When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
- Now click on Finish
- A log fileis created at
Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!
-
Hi,
Step 1
Upload File(s) to
I want you to upload the following file(s) to an online virus-scanner to scan.- Click the Choose File button.
- Please copy/paste the following text into the 'File name:' box:
c:\ProgramData\{2C39C4FA-7CBB-157C-CD3D-65FE1DBFB670}\1.9.1.1\loma.dll
- Click Open then click the Scan it! button just below.
- This will scan the file. Please be patient.
- If you get a message saying File already analyzed: click Reanalyse
- Copy and Paste the link of the result page in your reply;
Step 2
Press the + R on your keyboard at the same time. Type notepad and click OK.- Copy the entire content of the codebox below and paste into the notepad document:
CloseProcesses:Task: {31D28C88-166D-4B5E-8C54-7B065A8C22D9} - System32\Tasks\Installer_sense => C:\Users\Deniz-\AppData\Local\Installer\Installsense_5573\ins_postInst.exe Task: {BD15455D-A9D1-421D-8350-A8D5199C04BB} - \Installer_iwebar No Task File <==== ATTENTIONTask: {E8A458AD-8F6C-4750-9724-CAD15E7D5FA9} - System32\Tasks\YTAUpdate => C:\PROGRA~2\YOUTUB~1\Updater.exe c:\ProgramData\{2C39C4FA-7CBB-157C-CD3D-65FE1DBFB670}\C:\Users\Deniz-\AppData\Local\Installer\Installsense_5573AlternateDataStreams: C:\ProgramData\TEMP:56E2E879AlternateDataStreams: C:\ProgramData\TEMP:F0D7EE30AlternateDataStreams: C:\Users\Deniz-\Documents\205736_139809896091821_100001884334835_262608_5073732_n - Kopi (2).jpg:SummaryInformationAlternateDataStreams: C:\Users\Deniz-\Documents\205736_139809896091821_100001884334835_262608_5073732_n - Kopi (2).jpg:Updt_SummaryInformationAlternateDataStreams: C:\Users\Deniz-\Documents\205736_139809896091821_100001884334835_262608_5073732_n - Kopi (2).jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}AlternateDataStreams: C:\Users\Deniz-\Documents\227757_114643998619682_100002222460959_136669_815124_n - Kopi.jpg:SummaryInformationAlternateDataStreams: C:\Users\Deniz-\Documents\227757_114643998619682_100002222460959_136669_815124_n - Kopi.jpg:Updt_SummaryInformationAlternateDataStreams: C:\Users\Deniz-\Documents\227757_114643998619682_100002222460959_136669_815124_n - Kopi.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}AlternateDataStreams: C:\Users\Deniz-\Documents\DSC00105.JPG:SummaryInformationAlternateDataStreams: C:\Users\Deniz-\Documents\DSC00105.JPG:Updt_SummaryInformationAlternateDataStreams: C:\Users\Deniz-\Documents\DSC00105.JPG:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}AlternateDataStreams: C:\Users\Deniz-\Documents\IMAG0339.jpg:SummaryInformationAlternateDataStreams: C:\Users\Deniz-\Documents\IMAG0339.jpg:Updt_SummaryInformationAlternateDataStreams: C:\Users\Deniz-\Documents\IMAG0339.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}AppInit_DLLs-x32: c:/progra~4/{2c39c~1/191~1.1/loma.dll => c:\ProgramData\{2C39C4FA-7CBB-157C-CD3D-65FE1DBFB670}\1.9.1.1\loma.dll [964608 2015-02-05] ()CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTIONHKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONHKU\S-1-5-21-4067808144-3543434019-1444379529-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONURLSearchHook: [S-1-5-21-4067808144-3543434019-1444379529-1002] ATTENTION ==> Default URLSearchHook is missing.SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4067808144-3543434019-1444379529-1001 -> URL http://search.conduit.com/SearchScopes: HKU\S-1-5-21-4067808144-3543434019-1444379529-1001 -> SuggestionsURL_JSON http://suggest.SearchScopes: HKU\S-1-5-21-4067808144-3543434019-1444379529-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No FileToolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No FileCHR DefaultSuggestURL: Profile 3 -> http://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}CHR Extension: (Ask Search) - C:\Users\Deniz-\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aaaaahlfahldnilidgnlikdckbfehhca [2015-02-05]CHR Extension: (Vosteran New Tab) - C:\Users\Deniz-\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [2015-02-05]CHR Extension: (Ask Search) - C:\Users\Deniz-\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aaaaahlfahldnilidgnlikdckbfehhca [2015-02-05]CHR Extension: (Vosteran New Tab) - C:\Users\Deniz-\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [2015-02-05]S2 SPDRIVER_1493.0.0.0; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1493.0.0.0\jsdrv.sys [X]EmptyTemp:
- Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
- Right-click on icon and select Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File). - Press the Fix button just once and wait.
- If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
- When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please post it to your reply.
-
Because the required file has been deleted...
Please proceed with the other steps.
-
Step 1
Please uninstall some programs:
- Windows 8 : Hold down the Windows logo key and press X to open a menu at the lower-left area of the screen.
- Select Programs and Features from the menu.
- Search and select the following programs one by one and click on Uninstall: SafeFinder Smartbar
- Reboot your computer.
Scan with Malwarebytes Anti-Malware
- Please open Malwarebytes Anti-Malware.
- Please update the database by clicking on the "Update Now" button.
- Following the update and click "Settings" [1] and go to "Detection and Protection" [2]
- Make sure "Scan for Rootkits" is checked.
- Click on Dashboard [3], then click on Scan Now [4] to start the scan.
:exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine All" [5]. Then click the button: Apply Actions. [6]
- A window with an option to view the detailed log will appear.
- Click on "View detailed log".
- After viewing the results, please click on the "Copy to Clipboard" button and then OK.
- Return to our forum. Paste your log into your next reply.
Step 3
Please download AdwCleaner (by Xplode) and save it to your Desktop.
- Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select "Run As Administrator"
- Click on the Scan button.
- After the scan has finished, click on the Clean button.
- Press OK when asked to close all programs and follow the onscreen prompts.
- After rebooting, a log file (that is saved in C:\AdwCleaner[s#].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
Start FRST with administator privileges.
- Make sure the following option is checked:
- Press the Scan button.
- When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
Please copy and paste these logs in your next reply.
-
P2P/Piracy Warning:
- If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
KMSpico v9.1.3 & Microsoft Office Professional Plus 2013 ?
-
Hi &
My name is Jürgen and I will be assisting you with your Malware related problems.
Before we move on, please read the following points carefully.
- My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
- Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
- Perform everything in the correct order. Sometimes one step requires the previous one.
- If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
- Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
- Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
- If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
- Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
- If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
- Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
- If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Please run a FRST scan. This will help us diagnose your problem.
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
- Start FRST with administator privileges.
- Make sure the option Addition.txt is checked and press the Scan button.
- When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
- Please copy and paste these logs in your next reply.
Advice sought re removal of malware
in Resolved Malware Removal Logs
Posted
Hi there,
Step 1
Revo Uninstaller Free
note: you may have to expand some folders by clicking the "+" mark
Step 2
Reinstall Google Chrome. Download
Step 3
Please download AdwCleaner (by Xplode) and save it to your Desktop.
Vista/Windows 7/8 users right-click and select "Run As Administrator"
Copy and paste the contents of that logfile in your next reply.
Step 4
Start FRST with administator privileges.
Please copy and paste these logs in your next reply.