Jump to content

lavenders2

Members
  • Posts

    10
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

350 profile views
  1. Thank you very much for your help! I ran the Delfix tool like mentioned but it actually deleted the fixlog file (it was mentioned in the delfix log, but that too seems to be gone), so I can't really post it here. However I checked and it did something with the file mentioned in the fixlist. The reason for the internet issue had nothing to do with the virus or MBAM or anything, I went to check my router and the whole router had failed (it is a known issue, especially with Australian internet) so everything in the house disconnected from the internet. It was just a simple matter of waiting for it to turn back on.
  2. Hey, thanks for all the help so far! I found out the cause of the failing internet, and it had nothing to do with the viruses or steps taken to remove them. I don't have any remaining issues or concerns. Here are the logs Addition.txt FRST.txt
  3. So firstly, that IP is my router so thats ok. After running adwcleaner and a reboot, my internet actually disconnected and I had to use windows troubleshoot to fix it, was that something that one of these steps did? (just so I know if this is the problem or not) Secondly, the requested logs are attatched or pasted at the end of this reply. Lastly, I am unable to install the Sophos Free Virus Removal Tool because it "could not access network location data". # AdwCleaner v3.311 - Report created 16/08/2016 at 21:01:19 # Updated 30/09/2014 by Xplode # Operating System : Windows 10 Pro (64 bits) # Username : Ray - RAY-DESKTOP # Running from : C:\Users\Ray\Downloads\adwcleaner_3.311.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Deleted : C:\END ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\S ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.10240.17071 -\\ Mozilla Firefox v44.0 (x86 en-US) Zemana AntiMalware 2.21.2.465 (Installed) ------------------------------------------------------- Scan Result : Completed Scan Date : 2016/8/16 Operating System : Windows 10 64-bit Processor : 8X Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz BIOS Mode : Legacy CUID : 121E662747C1C976BEADE8 Scan Type : Scheduled Scan Duration : 1m 20s Scanned Objects : 47207 Detected Objects : 7 Excluded Objects : 0 Read Level : Normal Auto Upload : Enabled Detect All Extensions : Disabled Scan Documents : Disabled Domain Info : WORKGROUP,0,2 Detected Objects ------------------------------------------------------- Internet Explorer Shortcut Status : Scanned Object : "http://safesurfs.net/?ssid=1471316889&a=1063035&src=sh&uuid=0e7458d4-8efb-44e5-b666-4b14fcfc8850" MD5 : - Publisher : - Size : - Version : - Detection : Suspicious Browser Setting Cleaning Action : Repair Related Objects : Browser Setting - Internet Explorer Shortcut Internet Explorer Shortcut Status : Scanned Object : "http://safesurfs.net/?ssid=1471316889&a=1063035&src=sh&uuid=0e7458d4-8efb-44e5-b666-4b14fcfc8850" MD5 : - Publisher : - Size : - Version : - Detection : Suspicious Browser Setting Cleaning Action : Repair Related Objects : Browser Setting - Internet Explorer Shortcut Firefox Shortcut Status : Scanned Object : "http://safesurfs.net/?ssid=1471316889&a=1063035&src=sh&uuid=0e7458d4-8efb-44e5-b666-4b14fcfc8850" MD5 : - Publisher : - Size : - Version : - Detection : Suspicious Browser Setting Cleaning Action : Repair Related Objects : Browser Setting - Firefox Shortcut Firefox Shortcut Status : Scanned Object : "http://safesurfs.net/?ssid=1471316889&a=1063035&src=sh&uuid=0e7458d4-8efb-44e5-b666-4b14fcfc8850" MD5 : - Publisher : - Size : - Version : - Detection : Suspicious Browser Setting Cleaning Action : Repair Related Objects : Browser Setting - Firefox Shortcut Chrome Shortcut Status : Scanned Object : "http://safesurfs.net/?ssid=1471316889&a=1063035&src=sh&uuid=0e7458d4-8efb-44e5-b666-4b14fcfc8850" MD5 : - Publisher : - Size : - Version : - Detection : Suspicious Browser Setting Cleaning Action : Repair Related Objects : Browser Setting - Chrome Shortcut Chrome Shortcut Status : Scanned Object : "http://safesurfs.net/?ssid=1471316889&a=1063035&src=sh&uuid=0e7458d4-8efb-44e5-b666-4b14fcfc8850" MD5 : - Publisher : - Size : - Version : - Detection : Suspicious Browser Setting Cleaning Action : Repair Related Objects : Browser Setting - Chrome Shortcut supercratebox.exe Status : Scanned Object : %userprofile%\downloads\supercratebox\supercratebox.exe MD5 : 0FB1EC172231AC0D8B5CFA1744582535 Publisher : - Size : 1967616 Version : 1.0.0.0 Detection : Malware:Win32/Kloom.A!Late Cleaning Action : Quarantine Related Objects : File - %userprofile%\downloads\supercratebox\supercratebox.exe Cleaning Result ------------------------------------------------------- Cleaned : 7 Reported as safe : 0 Failed : 0 [ File : C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\dt3r54dq.default\prefs.js ] Line Deleted : user_pref("browser.startup.homepage", "hxxps://www.malwarebytes.org/restorebrowser//?gd=&ctid=CT3324803&octid=EB_ORIGINAL_CTID&ISID=M2B85EBE7-5023-4F40-A1FC-21BF091127E7&SearchSource=55&CUI=&UM=8&UP=S[...] -\\ Google Chrome v52.0.2743.116 [ File : C:\Users\Ray\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3324803&octid=EB_ORIGINAL_CTID&ISID=M2B85EBE7-5023-4F40-A1FC-21BF091127E7&SearchSource=58&CUI=&UM=8&UP=SPE752364F-7520-4276-B39F-E73553534B51&D=081516&q={searchTerms}&SSPV= ************************* AdwCleaner[R0].txt - [2294 octets] - [04/09/2014 14:41:29] AdwCleaner[R1].txt - [923 octets] - [07/11/2014 01:22:04] AdwCleaner[R2].txt - [1438 octets] - [16/08/2016 21:00:40] AdwCleaner[S0].txt - [2228 octets] - [04/09/2014 14:42:27] AdwCleaner[S1].txt - [1223 octets] - [07/11/2014 01:22:58] AdwCleaner[S2].txt - [1612 octets] - [16/08/2016 21:01:19] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1672 octets] ########## Fixlog.txt
  4. Hey It says to download the attatched fixlist text file, but it doesn't appear to be anywhere in your reply. I haven't done the rest of the instructions yet.
  5. Followed all the instructions, Rkill picked up something in the dll files and MBAM picked it up this time, below are all the requested files, scan 7 is the MBAM scan. Thanks again for the help so far! Addition.txt FRST.txt Scan 7.txt Rkill.txt
  6. I recently managed to get a pretty bad virus, but was able to run the Malwarebytes software almost immediately and purge the majority of it from my computer. At this time, no symptoms are appearing, but Malwarebytes is still picking up a hijack in system32, that keeps coming back even after being removed by the software. I am currently using the program to scan again on different drives to be sure they are not infected as well. The original symptoms before the first run of Malwarebytes was mass installation and running of various programs/malware, whose symptoms were gone after the first scan and removal. A second scan removed anything that was regenerated. All scans beyond the third only showed the hijack.host, whose number decreased after every run but has remained persistent. Google chrome settings were also changed from their defaults, I have reset them to their defaults, and scanned with Malwarebytes again afterwards, but the hijack remains on the system. All relevant scans are attached below. The addition file was generated a long time ago due to me coming to this forum before for help on another virus. Thanks in advance for the help! FRST.txt Addition.txt Scan 1.txt Scan 2.txt Scan 3.txt Scan 4.txt Scan 5.txt Scan 6.txt
  7. Thank you so much for the help! Here is the zoek results:zoek-results.txt After the reboot requested by zoek, symptoms have disappeared. Is that all that needs to be done? Would it be wise to rescan with MWB to make sure nothing comes up?
  8. There seems to be some sort of adware on my computer that creates popups after clicking on certain hyperlinks and highlighting one of these links shows "ad by saiveR box" It claims that you can remove this program for 24 hours by clicking on a link, which I stupidly clicked on and it actually works, but then of course after a restart of the computer the issue returns. An initial scan by Microsoft security essentials picked nothing up, and MWB picked up a fair few threats, and promptly removed them and asked for a restart, however doing so did not remove the problem. I did another scan to attempt to find a pattern and found that a file with the name "superfish" was being picked up again, along with "calcit". I have attached both scans in this topic.MWB scan 1.txtMWB scan 2.txt I also used a program called Adwcleaner, and it too picked up the above files that were being picked up multiple times by MWB, but it was also unable to solve the problem. I have also attached the FRST and addition files as requested. FRST.txtAddition.txt Any help would be appreciated and I pray this stupid adware will be removed once and for all.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.