Jump to content

[SOLVED] Unwanted software causing FPs with IE 11, Word, and Powerpoint


Recommended Posts

Like many others it seems, I have installed the MBAE premium yesterday and now everything is blocked necessitating deactivation to use anything...

 

MBAE Version: 1.05.1.1016

 

Running Windows 7

 

IE11 version info:

Version 11.0.9600.17501

Update versions 11.0.15 (KB3008923)

 

Word 2007

Powerpoint 2007

 

I do have McAffee running as well:

 

Security Center - version 12.8, build 12.8.992 last updated 12/22/2014

Antivirus/Anti spyware - version 16.8, build 16.8.821 last updated 1/30/2015

Firewall - version 13.8, build 13.8.724 last updated 12/22/2014

Site Advisor - Version 3.7, build 3.7.1.156 last updated on 1/16/2015

Anti-spam - version 13.8, build 13.8.716 last updated on 12/22/2014

Parental Controls - version 14.8 build 14.8.702 last updated on 12/22/2014

Quick Clean/Shredder - version 12.8 build 12.8.710 last updated on 12/22/2014

Vulnerability Scanner - version 2.8 build 2.8.716 last updated on 12/22/2014

 

I would give you the log files but I can't find the C:\ProgramData\Malwarebytes Anti-Exploit directory anywhere on my C drive.  Any help in how to find the directory would be great.  I have seen from other posts that others have had trouble finding it as well but I don't see how they ended up finding it...

 

Please help as I am now very annoyed...

 

 

Link to post
Share on other sites

I have read this multiple times.  Attached is my root directory.  I don't see:

 

Vista and above: C:\ProgramData\Malwarebytes Anti-Exploit

 

Do you?  I need help...

 

I am using the most recent version.  Until I can find the right directory, I can't follow the rest of your directions. \

 

What am I missing?

Link to post
Share on other sites

  • Staff

There's another way to grab the files. Download and uncompress the attached ZIP file into a new directory, for ex: C:\TempMBAE. Then run the file GRAB-MBAE.BAT. This script will ZIP all your MBAE files and create a COLLECT-MBAE.ZIP file on your Desktop. Then upload this ZIP file to your next post in this thread.

 

 

grab-mbae.zip

Link to post
Share on other sites

  • Staff

Thanks for the logs. Could you please open Word and go to Options? Then under "Add-Ins" take a screenshot. Then click on COM Add-ins and take another screenshot. Got back and instead of COM Add-Ins choose Word Add-Ins and take another screenshot. Post them all here.

 

Attaching some sample screenshots.

 

 

post-141843-0-97048000-1422995467_thumb.

post-141843-0-38636400-1422995473_thumb.

post-141843-0-92438300-1422995476_thumb.

Link to post
Share on other sites

  • Staff

Thanks for all the logs and information Jonny!

 

I don't see anything that stands out as obvious. But I do see quite some potentially unwanted applications installed and a lot of other applications which could potentially have some type of system-wide funky hooking method.

 

Therefore I recommend the following:

 

1- If you're not using them, uninstall all PUPs that are marked in the FRST log as "ATTENTION"

Notation Musician 2.6.2 (Trial Version) (HKLM-x32\...\{0CD8A170-E470-11DB-3D6C-00D529464AE1}) (Version: 2.6.2 - Notation Software, Inc.)

PassShow (HKLM-x32\...\c20771cf-b330-43f0-bd27-e728ae7fe413) (Version:  - PassShow Software)

Search-Results Toolbar (HKLM-x32\...\ilividtoolbarguid) (Version: 1.0.0.12 - APN LLC)

Yontoo 1.10.03 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.03 - Yontoo LLC)

 

2- Run a scan with MBAM and AdwCleaner and disinfect or quarantine anything it finds

 

3- Re-download and re-install MBAE.

 

Please post back your findings.

Link to post
Share on other sites

No.  Didn't see that post after your first one.  I delete Yontoo and Notation Musician.  The other two listed my computer said they were already uninstalled....???  Also ran the MBAM which quarantined 4 things.  So something of the before mentioned worked...

Link to post
Share on other sites

  • Staff

Some crapware toolbars are starting to perform system-wide hooking to make sure they can hijack your browser, search engine and other components to show you ads, redirect you and overall make your life miserable.

 

Since you mention MBAM quarantined 4 things and you uninstalled those pieces of unwanted software, that probably took care of it.

 

Thanks for confirming!!

 

I will now close this thread as solved.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.