Jump to content

Recommended Posts

  • Root Admin

Don't see an obvious reason why you're seeing that. Let me have you run a Threat Scan with Malwarebytes please and the post back that log.

Also, you posted an mbam-check 2.x log. Can you please run the 3.x log.

 

Please create an mbam-check log:

  • Download mbam-check.exe from here and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please do not copy and paste the entire contents of the log into your next post, instead, please attach the log CheckResults.txt file which should now be located on your desktop to your next post.
  • Click on the Drag files here to attach, or choose files... below, to Attach the logs to your post

These logs will help us to see what's going on with your computer so that we can then offer further advice based on what's found in your logs.

Link to post
Share on other sites

  • Root Admin

Sorry about that @Adrian123 - that's okay though, we'll get you upgraded when we're done here. We'll go ahead and scan for this and remove. It's more than likely just a bad advertisement from one or more website you visit that was recently added to our list of potential threats, so is now showing up for you..

 

Please restart the computer first and then run the following steps and post back the logs when ready.

STEP 01
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus

STEP 02

adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now.
  • After reboot, logfile will be opened. Copy its content into your next reply.

Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

STEP 03
Download Sophos Free Virus Removal Tool and save it to your desktop.
 

  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View Log file (bottom left-hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found, please confirm that result.

STEP 04
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here.
  • Please attach the Additions.txt log to your reply as well.

 

Thanks

Link to post
Share on other sites

JRT.txt

Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Professional x64
Ran by Daddy (Administrator) on Tue 02/07/2017 at 20:16:09.08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


File System: 72

Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\054WJLVN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2B5EWXMU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6S4HYCK9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7XXP997F (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8OTBRAEG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0A0W2S9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AJMBVY4E (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AYZVVUJ2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BFV13SDN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2A7EPEO (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DRRZZL3W (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOD0UOON (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EPD9PO8W (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FC7OBMQ6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GCVH7YZW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4I6OQQ2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I9VPUAXI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IKKXPYH7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IU9RT4XS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8SC52L (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K4BBIOYM (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K8ZPS2QH (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KD2B8WTG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LSJ6PZKL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7027CB0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MH2NZCK0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N81GBAG1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NOZFM2Y6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X24JUZB2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y2NUKPIU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YYVUX0TX (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Daddy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAO4407N (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\054WJLVN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2B5EWXMU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6S4HYCK9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7XXP997F (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8OTBRAEG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A0A0W2S9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AJMBVY4E (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AYZVVUJ2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BFV13SDN (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C2A7EPEO (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DRRZZL3W (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EOD0UOON (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EPD9PO8W (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FC7OBMQ6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GCVH7YZW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4I6OQQ2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I9VPUAXI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IKKXPYH7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IU9RT4XS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JB8SC52L (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K4BBIOYM (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K8ZPS2QH (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KD2B8WTG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LSJ6PZKL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M7027CB0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MH2NZCK0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\N81GBAG1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NOZFM2Y6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X24JUZB2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y2NUKPIU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YYVUX0TX (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAO4407N (Temporary Internet Files Folder)

 

Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} (Registry Key)

 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/07/2017 at 20:19:52.43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Adwcleaner log

AdwCleaner v6.043 - Logfile created 07/02/2017 at 20:24:23
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-03.2 [Server]
# Operating System : Windows 7 Professional Service Pack 1 (X64)
# Username : Daddy - HPLAPTOP
# Running from : C:\Users\Daddy\Desktop\AdwCleaner.exe
# Mode: Clean


***** [ Services ] *****

 

***** [ Folders ] *****

 

***** [ Files ] *****

 

***** [ DLL ] *****

 

***** [ WMI ] *****

 

***** [ Shortcuts ] *****

 

***** [ Scheduled Tasks ] *****

 

***** [ Registry ] *****

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dotomi.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dotomi.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com


***** [ Web browsers ] *****

[-] [C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1635 Bytes] - [07/02/2017 20:24:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [1873 Bytes] - [07/02/2017 20:23:54]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1781 Bytes] ##########

 

Sophos found no threats

 

 

 

FRST.txt

Link to post
Share on other sites

  • Root Admin

Please follow this procedure and it will get you on the latest version. Make sure you disable Self Protection and reboot first if it's enabled.


Please uninstall your current version of MBAM and reinstall the latest version using the following guide. MBAM Clean Removal Process 2x


If you have any issues updating let me know please.

Thanks again

Ron

 

Link to post
Share on other sites

  • 2 months later...
  • Root Admin

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.