Jump to content

Malware Infected Computer/Browser


Recommended Posts

Hello,

 

adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now.
  • After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

Link to post
Share on other sites

Here is the log, when I opened the browser it's still going to the iLivid site too.  Please review and let me know what to do next.

 

Thanks

# AdwCleaner v6.020 - Logfile created 25/09/2016 at 13:05:18
# Updated on 14/09/2016 by ToolsLib
# Database : 2016-09-25.1 [Server]
# Operating System : Windows 7 Professional Service Pack 1 (X64)
# Username : Mike Pack - MIKEPACK-PC
# Running from : C:\Users\Mike Pack\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\Users\Mike Pack\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Files ] *****

[-] File deleted: C:\appverifier.txt
[-] File deleted: C:\Users\Mike Pack\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage
[-] File deleted: C:\Users\Mike Pack\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage-journal


***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\PCValidator
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\PCValidator
[-] Key deleted: HKLM\SOFTWARE\SecureWeb
[-] Key deleted: [x64] HKLM\SOFTWARE\PCValidatorService
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] 
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd


***** [ Web browsers ] *****

[-] [C:\Users\Mike Pack\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: fcfenmboojpjinhpgggodefccipikbpd


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1951 Bytes] - [25/09/2016 13:05:18]
C:\AdwCleaner\AdwCleaner[S0].txt - [2248 Bytes] - [25/09/2016 13:03:55]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2097 Bytes] ##########
 

Link to post
Share on other sites

FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition.txt option is checked. option is checked.

    2873ryc.png

  • Press Scan button and wait.

  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.


Please attach report into your next reply.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.