Posts posted by captainiceberg

  1. Hi, reset router as described, but problem still occurred. 

    However I think I've now cracked it! The network connection was OK for Skype and Dropbox, but not for any of the Web browsers. I changed the DNS settings of the network connection to OpenDNS using the guide here http://www.howtogeek.com/164981/how-to-switch-to-opendns-or-google-dns-to-speed-up-web-browsing/

    That appears to have resolved the slow browsing issue on all of the browsers. Had 24hrs operation and all good so far!

    Thank you for all your help!!!  

    Are there any outstanding bits we need to wrap up?

  2. Hi, I think we're getting there. MBAM scan no longer shows the CrossRider files so they appear to have been purged from the system (yay). 

    Chrome still seems to be buggy - will run ok the first time it's loaded in a session, but after a few minutes it is very slow and often still fails to load pages. Any suggestions?

    Also, part way through the debugging process, MBAM decided it needed to update. Now it sometimes comes up saying that it is unable to load the Rootkit element, and this may be caused by Malware activity. Should I worry about this?

    Thanks

  3. Hi,

    Ok, next reports:

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.9 (09.30.2016)
    Operating System: Windows 10 Pro x64 
    Ran by Administrator (Administrator) on Fri 10/07/2016 at 23:34:49.91
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    File System: 0 


    Registry: 0 

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Fri 10/07/2016 at 23:42:25.14
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     

     

     

    # AdwCleaner v6.021 - Logfile created 07/10/2016 at 23:57:48
    # Updated on 06/10/2016 by ToolsLib
    # Database : 2016-10-07.1 [Local]
    # Operating System : Windows 10 Pro  (X64)
    # Username : Administrator - DAVID-THINK
    # Running from : C:\Security and virus tools\AdwCleaner.exe
    # Mode: Clean
    # Support : https://toolslib.net/forum

    ***** [ Services ] *****

    [-] Service deleted: Update service

    ***** [ Folders ] *****

    ***** [ Files ] *****

    ***** [ DLL ] *****

    ***** [ WMI ] *****

    ***** [ Shortcuts ] *****

    ***** [ Scheduled Tasks ] *****

    ***** [ Registry ] *****

    ***** [ Web browsers ] *****

    [-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: uk.ask.com
    [-] [C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: samsung-kies.en.softonic.com
    [-] [C:\Users\KateM\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
    [-] [C:\Users\KateM\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com

    *************************

    :: "Tracing" keys deleted
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C0].txt - [3951 Bytes] - [03/10/2016 23:02:11]
    C:\AdwCleaner\AdwCleaner[C2].txt - [1326 Bytes] - [07/10/2016 23:57:48]
    C:\AdwCleaner\AdwCleaner[S0].txt - [3650 Bytes] - [03/10/2016 22:59:47]
    C:\AdwCleaner\AdwCleaner[S1].txt - [1670 Bytes] - [07/10/2016 23:54:36]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1545 Bytes] ##########

     

    Sophos removal tool – no threats found

    Addition.txt

  4. Hello @AdvancedSetup, Thanks for helping me out with this.

    I've followed your instructions as above. I had to then restart the machine after the scan as the web browsers would not run again. The MBAM log is below:

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 10/7/2016
    Scan Time: 8:53 PM
    Logfile:
    Administrator: Yes

    Version: 2.2.0.1024
    Malware Database: v2016.10.07.05
    Rootkit Database: v2016.09.26.02
    License: Premium
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x64
    File System: NTFS
    User: Administrator

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 580461
    Time Elapsed: 18 min, 50 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 2
    PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{22222222-2222-2222-2222-220222182204}, Quarantined, [b3ae5a3ce2b876c0c9c8fbf0887ceb15],
    PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220222182204}, Quarantined, [b3ae5a3ce2b876c0c9c8fbf0887ceb15],

    Registry Values: 2
    PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{22222222-2222-2222-2222-220222182204}, CrossriderApp0021804.Sandbox, Quarantined, [b3ae5a3ce2b876c0c9c8fbf0887ceb15]
    PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220222182204}, CrossriderApp0021804.Sandbox, Quarantined, [58096333ddbd46f0058ca942ba4a827e]

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)

    (end)

  5. Hello,

    I am having a problem removing malware from my computer. It is causing the web browsing to operate very slowly / not at all. I have run MBAM and it identifies four PUP.Optional.CrossRider files (Two registry keys and two registry values).

    I have repeatedly tried quarantining the files and deleting them, but they reappear each time I restart the machine. 

    I have also tried using ADW Cleaner, JRT and MBAR to isolate the files, but they are unable to locate them.

    Does anyone have any suggestions as to how I can purge these files for good?

    Thanks.
