Jump to content

Recommended Posts

I've noticed a slowdown both in the loading of the Chrome browser (in the "Resolving Hosts" phase) and overall computer speed compared to recent use (as well as more resources are being used.) While I do have Malwarebytes Premium, the Pup.Optional.Spigot.A (Chrome Preferences) does seem to keep re-infecting after its daily scan (as noted doing first on this page, and the scans happened one day after all Windows and Security updates were installed through regular update methods, no browser pop-up's or new installation methods.) So, I am now posting this Thread. 

 

 

Let me know if you need anything else (besides the following logs below) listed of course. And by all means, while my computer and the scan only detected what is listed in the logs, feel free to check for anything else hidden and/or stealthily backed up needed to be eradicated. I will not run any temporary File Cleaners or make any other changes (such as add/remove any programs, use any fix tools, edit the Registry, etc...) unless requested to do so. I also will not reboot my system unless requested. Please let me know if it's ever needed or if I should allow any reboot requests made by any requested scan/repair programs. (While I don't plan on shutting down the computer/rebooting unless asked until this  is resolved, if it's not an issue, do let me know as well.)  

 

(A lifetime ago, I did computer tech support, so I know the best thing I can do, is to follow an expert's instructions exactly and let you know of the results, never "jumping ahead and doing what I think should be done, because I know better.")

 

Currently I have MalwareBytes Premium, McAfee Internet Security and Advanced System care 8 Premium Again, all auto care/clean options have been disabled since this last infected detection. Advanced System Care is not running at startup while McAfee and Malwarebytes Premium are. After i upgraded to Malwarebytes premium, I uninstalled Spybot Search and Destroy Free Home edition. It's likely any Hosts changes/detected proxies, etc. were done by this program and (if applicable and not detected as a cause of infection) may be changed/removed as needed. (Of course if you want me to reinstal it, do let me know.) Again, if these detected things are thought to be caused instead by infection, use all means to remove anything related or causing said infection and its "listed symptoms."

That should cover all recent "Security programs" I can recall. 

 

No Peer2Peer File Sharing programs are being used to the best of my knowledge and previous scans. If anything is discovered as Peer to Peer/Torrent, it is not authorized/hidden and I should be notified and help request removing it immediately! (The last time--many years back on another computer--I used said file sharing software programs with a Norton Security Suite, my computer ended up being a zombie and required professional disinfection; Never again will I knowingly use that type of program and will fight against its attempted use. I do use Allowed Ports for Steam [Client only] and not file Torrents, but any and all permitted firewall connections can be removed if applicable.) 

 

[Final stuff: I will not Bump my own thread (Speaking as a Forum Moderator elsewhere using this brand of BBS software, GRRRR! I empathize.) I will not reply to my own thread and respond to any "non-response" via Moderator PM or other contact methods outside this Thread. Due to this being posted Memorial Day--should it be an issue--I'll count non-reply time of 48 hours starting on Tuesday. This Thread is being followed and has email notification as requested.]

 

Okay, I think that covers everything noted on this page

 

Attached (the post is too long otherwise) are the  FRST.txt and Addition.txt txt files.  

 

 

Link to post
Share on other sites

Hello the_truthseeker and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1

Please uninstall the following programs:

Firefox Free Download Packages

IObit Apps Toolbar v7.0

IObit Uninstaller

Step 2

Please launch Malwarebytes Anti-Malware, update it and perform a threat scan. Post your log file here.

Step 3

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • FRST log
Link to post
Share on other sites

Hi Borislav! Since you took the time to reply on a holiday I'll stick with you, thank you BTW! (And If it turns out you cannot help after we try everything, I'll then consider going to the help desk at Consumer Support.

I was able to remove the IoBit Uninstaller without issue. 

However, the IoBit Apps toolbar 7.0 could not uninstall due to it not finding its source and the Windows Installer notes this.  As expected since it couldn't find the source, it's still listed in the "installed programs" I don't know if this source was previously deleted from a prior temp file purge before this posting or a anti-malware (possibly Malwarebytes) purge or not. And while I'm sure you know what I mean, just in case,  I've screenshotted the message as the following image (due to it being a beast to type out in its entirety.) Note the source file it requests as missing in the Hexadecimal listed files:

 

18076935366_97dbcee18b_z.jpg

As expected, subsequent attempts list "The Installation Source for this product is not available. verify the source exists and you can access it."  

 

Let me know if you want to walk me through removing its listing if it's not there, or if you wish me to hunt down and remove other "leftover" or "hidden" components first. 

 

Secondly, I also do not have "Firefox Free Download Packages" listed to remove either. (Assuming you're talking about this and not Mozilla's Firefox.)  As per the above notation, it might have been uninstalled earlier or removed from a temp files purge or anti-malware sweep before this posting. Again, let me know if you wish me to start searching for and removing any "leftover" or "hidden"  components, but it's not "simply listed in Add/Remove programs or All Programs." (and as noted, I'm not going to do something on my own not mentioned due to these results without explicit instructions even if I think I know what happened.)  

 

 

Finally, I do not see any fixlist.txt attachment for step 3 in your reply. if it's elsewhere, please link the URL either noting it in the next reply or editing your previous reply to have said link (noting the update in the next post.) And since my system is windows 7, I am using the 64-bit version only, or FRST64.

Let me know if for some reason I need to also have the 32-bit version download as well, but assuming you were listing FRST/FRST64 in case I had one or the other. 

 

Sorry this support didn't start as smoothly as we hoped (but then it wouldn't be so much fun now, would it?  :P )

post-187959-0-17689200-1432602690_thumb.

Link to post
Share on other sites

Oh, and due to the incomplete steps, I did not run the malwarebytes scan of course. (Sorry, I forgot since I'm a new user here I cannot yet edit my posts and add that to the reply. I know a few more replies in and i should get that, or an admin will grant me that likely in the future.)

 

 

 Based on these turnouts, let me know in subsequent replies if/when you'd like that scan.  

Link to post
Share on other sites

 I actually did find the folder for Firefox Free Download Packages under C:\Users\[MAIN USER, it's my name so will refer to it as "MAIN USER" in future posts]\AppData\Roaming\1O1L1I1PtF1F1C1N\Firefox Free Download Packages, but the folder is empty and therefore I cannot "uninstall" anything. (I'm not removing it without a go ahead either.) This folder appears only on that user account after checking and finding it still existed.

 

I realized you might see the folder listing in the log files but not know it was empty (likely from my previously mentioned suggestions.) 

 

Sorry last post like this and I'll wait for you to reply, I promise.

Link to post
Share on other sites
  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.