Jump to content


  • Posts

  • Joined

  • Last visited


0 Neutral
  1. No Problems since deleting rogue add-on and installing all recommended software. I'm hoping new software will catch anything else... If not I A M ready (post link here from pm if appropriate) Cheers, David
  2. Yes Sir, Thank you for jumping back in with me. As I said in my pm: Everything looked good and I had failed to check in with the forum as I thought we were finished. I went back to mozilla.org, this time making certain that all urls were correct at each page, and downloaded and installed Firefox again. It seemed to work just fine while setting it up however, the first time I re-opened FF I was faced with a barrage of adverts all over the page, They were popping up and closing quickly and included video ads for auto's etc. I closed the browser, and did what any normal person would do: slapped the monitor so hard my hand was tingling for hours, threw my hat in the general direction of the cat (didn't want to hit him) used approximately 953 expletives in 2.6 seconds, started to kick my computer - but couldn't because I'm a quadriplegic without the use of my legs so I called for my wife to kick the computer for me... which she refused to do. Then we went to her machine and found something that said check your add-ons. So I did and I found an "add-on" in FF called "Hold Page". I disabled it and removed it from FF and haven't seemed to have a problem since, I also checked ie but it was clean. I'm wondering if I have something lurking about waiting to hook into another install? Also, as soon as I deleted "Hold Page" I came back to the thread and discovered the last post, of which I have now followed completely. Once again, thanks for your quick response, I greatly appreciate it. David
  3. Everything seems fine and no software is reporting to find anything. Thank you very much. I will now go download the real Firefox -- right after I turn my VPN on for this system so I can donate a case of beer to you. If a friend came over and helped me clean this mess up, buying him or her a case is the least I would do. Cheers!
  4. AdwCleanerR0.txtAdwCleanerS0.txtFixlog.txt Please find attached the files you requested from both FRST and AdwCleaner. Thank you very much.
  5. OOPS, accidentally hit post before I was finished. TO CONTINUE WITH THE ABOVE POST: This person, LIKE SO MANY OTHERS, did not check his bank statement closely until a charge of $200+ was made to the card from a foreign country and his bank thought it was suspicious so they canceled that card and called him. LESSON: His card had been being used for 7 months with a total of $1400+ stolen! COULD YOU AFFORD TO GIVE THAT TYPE OF MONEY TO A STRANGER? I know all of this info is posted and this type of warning is all over the internet but some people just don't get it or really just don't think it could happen to them. THIS IS FOR YOU! DON'T BE THE ### N E X T ### VICTIM! Though I didn't get taken in by the bigger fraud "I did get fooled into downloading this piece of ThiefWare, And I NEVER THOUGHT IT COULD HAPPEN TO ME".
  6. Hi, I'm not sure if this will affect the setup of the fix tools so before I run them I wanted to check in with you. Also, I wanted to present the info as a warning in case a new user was reading this post. When I was going to check in with the board, since my last post, I opened Firefox (by habit), this was the last program that I installed before the infection. It continually redirected me to a donation page so I immediately UNINSTALLED FIREFOX. This is the only change I have made and I apologize if it complicates anything. Should I go ahead and run with the fix tools as posted or does a change need to be made? For others that may be reading this thread: I thought I was downloading from the official Mozilla site but apparently I got fooled! I am not a newbie nor have I ever been infected with anything in the past. SO EVERYONE NEEDS TO BE VIGILANT WHEN DOWNLOADING NEW SOFTWARE. MAKE CERTAIN THAT THE URL IS CORRECT! So, after opening Firefox I was presented with what appeared to be a normal FF page, asking for a donation. It looked very convincing with all the things one would expect to see on a page from them with a box which had a polite request for a donation. It included buttons for different amounts to donate such as $10, $20, and $25. I am not giving any sensitive data on this machine until I KNOW it is clean so I simply hit the Home button. This did not take me home, rather it simply reposted the donation page in a different color. Just as a test I tried hitting the Home as well as other links on my bookmark toolbar and all continued to just post the same page in a different color. THIS IS A SCHEME TO GET CREDIT CARD INFORMATION. You may not even realize for quite a while that you are being ripped off! Something like this happened to a close relative of mine. THE THIEVES SIMPLY MADE SMALL WITHDRAWALS ($20 - $30)
  7. FRST.txtAddition.txt Sorry for the delay, I am a quadriplegic and had some difficulties that kept me from my computer. Thank you for not closing the case. Attached are the two files you requested.
  8. Hello, I apologize for the length of the post but I thought to much info was probably better than to little. What Happened: Recently I downloaded Mozilla firefox and ended up with both vosteran and Optimizer Pro being installed at the same time. This was on a system running windows 7 home pro from a striped 500gb ssd C: drive with an internal second 1Tb drive, and two usb WD My Book external drives . At the time I also had two usb sticks with various Flight Sim (FSX) scenery packages with installers plugged in. What I did: I had MSE running but It did not catch anything even with a full scan after I realized what had happened. I immediately updated and ran Malwarebytes free which detected about 970 vosteran files, folders and registry entries plus the Optimizer Pro files! I selected to quarantine all the files, then deleted the quarantine. At this point mbam requested a reboot which I selected. The system seemed to hang on the "shutting down" screen for a few minutes then blue screened and finally gave me the "Windows did not shut down properly..." message. I chose to restart normally and the system came up seemingly fine. Then I noticed I had no internet connection. When I attempted to reconnect I got a strange message box stating it needed my network security code. I certainly was not about to do that, so I closed it and looked around some. I noticed that all the vosteran stuff seemed to be removed but Optimizer Pro was still there. I googled it and, using a suggestion from various forums, I simply uninstalled it. Results: A reboot worked fine, both vosteran & OP seem to be gone, my network connection automatically re-established and is working. Questions: Even though I thought I had gotten the firefox download from the official Mozilla.org site did I get "redirected" at some point in the download process? I did have to go through several pages to identify what package to download (i.e. 32 bit or 64 bit & win version). Is mbam alone, capable of completely removing vosteran as it appears to have done? Should I uninstall firefox before using it, then go back to the mozilla site and, carefully, download and install firefox again? I greatly appreciate your help and advice!
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.