Jump to content

slow system and browser hijack help please


Recommended Posts

  • Replies 65
  • Created
  • Last Reply

Top Posters In This Topic

Good, now run AdwCleaner:

 

Please download AdwCleaner from here and save it on your Desktop. 
 

AdwCleaner is a reliable removal tool for Adware, Foistware, toolbars and potentially unwanted programs.

 
AdwCleaner is a tool that deletes :
· Adwares (software ads)
· PUP/LPI (Potentially Undesirable Program)
· Toolbars
· Hijacker (Hijack of the browser's homepage)
 
It works with a Search and Deletion method. It can be easily uninstalled using the "Uninstall" mode.

 

 
  • Right-click on adwcleaner.exe and select Run As Administrator (for XP just double click) to launch the application.
  • Now click on the Search tab.
  • Please post the contents of the log-file created in your next post.
 
Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been ran, so in this should be something like R1.
 
Note:
Please look over what was found......especially any folders, we're going to permanently delete it all in the next step....if there's something you may want to keep...please let me know and I'll explain to why it shouldn't be on your system.
If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.
 

Please note that Antivir Webguard uses ASK Toolbar as part of its web security. If you remove ASK by using Adwcleaner, Antivir Webguard will no longer work properly. Therefore, if you use this program please use the instructions below to access the options screen where you should enable /DisableAskDetections before using AdwCleaner.

 
You can click on the question mark (?) in the upper left corner of the program and then click on Options.  You will then be presented with a dialog where you can disable various detections.  These options are described below:
 
/DisableAskDetection - This option disables Ask Toolbar detection.

 

 
MrC
 

 

Link to post
Share on other sites

It's all adware, when you're ready.....

 

Lots of adware found....lets clear it out.....
  1. Please re-run AdwCleaner
Click on Delete button.
Confirm each time with OK if asked.
Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

 
Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.
 
MrC
Link to post
Share on other sites

don't need any of these folders!

 

 

***** [Files / Folders] *****
 
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\Partner
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\gill\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnlaniokgfckpjblpafbfchhghecmifi
Folder Found : C:\Users\gill\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnlaniokgfckpjblpafbfchhghecmifi
Folder Found : C:\Users\gill\AppData\LocalLow\Conduit
Folder Found : C:\Users\gill\AppData\LocalLow\Delta
Folder Found : C:\Users\gill\AppData\Roaming\DSite
 
 
 
there isn't any mention of files i don't think
Link to post
Share on other sites

Run this cleaner......

 

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 
MrC
Link to post
Share on other sites

Please download Farbar Recovery Scan Tool and save it to a folder. (32bit version)

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
MrC
Link to post
Share on other sites

Not much showing in the log, but do this:

  

For Chrome...........

 

First make sure you have the latest version of Chrome:

Open up Chrome > Click on the 3 bars in the upper right hand corner

Click on About Google Chrome

If there's an update available it will automatically update

 

 

Next:

Go to Tools > Clear Browser Data

Put a check next to all of these:

  • Clear browsing history
  • Clear download history
  • Empty the cache
Click "Clear Browsing Data"

 

-------------------------------

 

Next:

Click the Chrome menu  on the browser toolbar.

Select Settings.

In the "Search" section, click Manage search engines.

Check if (Default) is displayed next to your preferred search engine. If not, mouse over it and click Make default.

Mouse over any other suspicious search engine entries that are not familiar and click X to remove them.

 

-------------------------------------

 

Click the Chrome menu .

Select Settings. 

In the "On startup" section, select Open a specific page or set of pages.

Click Set pages.  (in blue to the right)

Remove any unfamiliar pages.

 

-----------------------

 

Click the Chrome menu .

Select Settings.

In the "Appearance" section, if the "Show Home button" checkbox is selected, see if the page listed below is the home page you’d like to use.

If the page isn't the home page you'd like to use, click Change and select your preferred page.

 

-------------------------

 

 

Carefully check for any odd extensions or plugins: (it's a good idea to disable them all and see if you're still redirected and then add each one back until you find the culprit)

 

Type the following into the address box and hit Enter:

 

chrome:plugins

 

Do the same for:

 

chrome:extensions

 

Let me know.....MrC (be back in the AM)

Link to post
Share on other sites

hi,

 

btw there is a folder here c:\Samsung Casual Games and it has some programs in. they are from oberon media inc

the main folderis called GameConsole and in there there is a fill called FullRemove.exe which is a file you've mentioned

 

FullRemove.exe is not listed in the windows installed programs list (via control panel) 

 

i think this was the source of some of the infection

 

when i tried to uninstall a window opened up saying ghost installer maintenance mode

 

i went ahead and then windows showed a dialogue saying this program may not have uninstalled correctly and gave 2 options

 

(i did this only once because i didn't notice it saying ghost installer maintenance mode)

 

the 2 options were

 

1: try again with standard settings (or something similar to that)

2: this program uninstalled correctly

 

i went for option 1 and windows asked if i wanted to run uninstall.exe at which point i said NO WAY JOSE because .exe files are a big warning sign for me! it wasn't me that infected this computer by the way!!!

 

so i tried to google to see if oberon media stuff was adware/malware and how to remove it but no joy!!

 

have you come across this stuff before and am i right about it?

 

those games and gamepack are still installed!!!

 

thanks

 

 

sorry for the essay!

 

post-76313-0-79842400-1371555046_thumb.p

post-76313-0-05730300-1371555065_thumb.p

Link to post
Share on other sites

hi

 

yes

 

 

did all the chrome stuff

 

removed delta-search and babylon-search from list of search engines and check extension

 

cleared history, cookies, data etc

 

checked extensions and plugins and saw they were ok

 

didn't go through them 1 by 1 as you recommended though - do you think an extension could be infected or a problem ??

Link to post
Share on other sites

it's running very well at the moment, thanks

 

as i slight side note, this pc has got 2 hard drives , both 250gb

c is used for everyhting and d is being used for recovery by samsung and windows 

 

both seem to have images or backups of about 100gb so the disk is nearly full.

do i need both recovery systems?

 

it's not a big problem at the moment because i have space on c but in the future???

 

guess i should worry about that if i get to it!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.