Fran53 Posted March 15, 2017 ID:1108768 Share Posted March 15, 2017 I am having a similar problem that Xiaojens is having. I opened firefox and on the homepage using google as my search engine I put in the word "mongol" because I am interested in the history of the mongols and when they attacked China. Anyway Malwarebytes threw up a block page and would not allow me to search for mongol. The little box titled "Malwarebytes Anti-Malware" indicates that it is successfully blocking www.trovi.com but unfortunately every time I open a new tab unless I have a specific webpage such as yahoo.mail it throws up that message. Xiaojens ran the Farbar Recovery Scan Tool and included the files in his next message so I have run the Farbar Recovery Scan tool as well and included the files generated by the scan and included a screen print of the little box that floats up on the right side of the screen. How can I fix this? Thanks ahead of time Addition.txt FRST.txt Malbytes message about blocking malicious website.docx Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted March 15, 2017 Root Admin ID:1108891 Share Posted March 15, 2017 Hello @Fran53 and Let's run some scans and cleaning and then we'll look at resetting the browser. Please restart the computer first and then run the following steps and post back the logs when ready.STEP 01 Please download Junkware Removal Tool to your desktop. Shutdown your antivirus to avoid any conflicts. Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP. The tool will open and start scanning your system. Please be patient as this can take a while to complete. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next reply message When completed make sure to re-enable your antivirus STEP 02 Fix with AdwCleaner Please download AdwCleaner by Xplode and save the file to your Desktop. Right-click on icon and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan. When finished, please click Clean. Your PC should reboot now. After reboot, logfile will be opened. Copy its content into your next reply. Note: Reports will be saved in your system partition, usually at C:\Adwcleaner STEP 03 Download Sophos Free Virus Removal Tool and save it to your desktop. Double click the icon and select Run Click Next Select I accept the terms in this license agreement, then click Next twice Click Install Click Finish to launch the program Once the virus database has been updated click Start Scanning If any threats are found click Details, then View Log file (bottom left-hand corner) Copy and paste the results in your reply Close the Notepad document, close the Threat Details screen, then click Start cleanup Click Exit to close the program If no threats were found, please confirm that result. STEP 04 Please download the Farbar Recovery Scan Tool and save it to your desktop.Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here. Please attach the Additions.txt log to your reply as well. Thanks Link to post Share on other sites More sharing options...
Fran53 Posted March 17, 2017 Author ID:1109339 Share Posted March 17, 2017 I performed each step you asked me to do. I need to tell you that I am using Windows 10 just so you know. I believe that I have included all files. Sophos indicated that there were no threats so I just took a screen print of the GUI AdwCleaner[C2].txt Addition.txt FRST.txt Sophos result.docx JRT.txt Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted March 18, 2017 Root Admin ID:1109499 Share Posted March 18, 2017 Let me have you run the following please. Please download the attached fixlist.txt file and save it to the Desktop.NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. fixlist.txt Thanks Link to post Share on other sites More sharing options...
Fran53 Posted March 19, 2017 Author ID:1109848 Share Posted March 19, 2017 OK, I ran Farbar Recovery Scan Tool, both files were in my downloads file so I clicked on the executable for the FRST64 and then clicked the scan button, the tool ran then my PC wanted to restart and I let it restart and then because I have Windows 10 it stopped at my login for Windows 10, so I logged into Windows 10 and waited for the tool to complete its run after the restart and after I logged in and the tool did nothing but I checked the downloads folder later and it did create the fixlog.txt. I have included fixlog.txt in this reply Fixlog.txt Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted March 21, 2017 Root Admin ID:1110220 Share Posted March 21, 2017 How is the computer running now? Are there still any signs of an infection? Link to post Share on other sites More sharing options...
Recommended Posts