Jump to content
Lloydel

AdwCleaner 7 and Malwarebytes 3.3.1 NOT finding the RocketTab virus

Recommended Posts

I  have this same problem starting thhis morning.
Using Firefox on Windows 10, my Google and Bing search pages are taken over by a semi-look-alike RocketTab page.

I am Malwarebytes Premium with all protections turned on.  A full scan did not identify RocketTab.

Looking for advice.


 

Share this post


Link to post
Share on other sites

Thanks for those logs, continue:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select user posted imageRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Please download Zemana AntiMalware and save it to your Desktop.
 
  • Install the program and once the installation is complete it will start automatically.
  • Without changing any options, press Scan to begin.
  • After the short scan is finished, if threats are detected press Next to remove them.
    Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please re-boot your computer manually.
     
  • Open Zemana AntiMalware again.
  • Click on user posted image icon and double click the latest report.
  • Now click File > Save As and choose your Desktop before pressing Save.
  • Attach saved report in your next message.


Let me see those logs, also tell me if there are any remaining issues or concerns...

Thank you,

Kevin...

fixlist.txt

Share this post


Link to post
Share on other sites

Ok, lets go for a clean install of Firefox:

Use the following link for instructions how to back up your bookmarks, same link can be used to import saved Bookmarks:

https://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer

Next,

Remove all synced data from Firefox to stop possible re-infection or exploitation.

https://support.mozilla.org/en-US/questions/1037353

Next,

Go here: http://www.mozilla.org/en-US/ download save the latest version of Firefox.. We will install this later...

Next,

Lets totally remove Firefox and start over.

Go here: https://support.mozilla.org/en-US/kb/uninstall-firefox-from-your-computer and follow those instructions...

Ensure when the uninstall completes to navigate to and delete the firefox installation folder (if present):

(32-bit Windows) C:\Program Files\Mozilla Firefox
(64-bit Windows) C:\Program Files (x86)\Mozilla Firefox

It is essential the installation folder is removed. Re-boot your system when that is completed....

Next,

To remove all remaining data and profile information...

Press "Windows key + R" to open the Run box
In the Run box, type in or copy and paste %APPDATA%
Click OK. A Windows Explorer window will appear.
In this window, choose/open in succession Mozilla > Firefox > Profiles.
Select Delete on each entry in reverse, eg Profiles > Delete. Firefox > Delete. Mozilla > Delete.

Re-boot your system when complete!

Next,

Use the Mozilla Firefox installer to reinstall your Browser....

When Firefox is installed and open select these keys together :- Ctrl - Shift - A that will access Addons manger, this gives access to find addons/extensions, use, start, stop or disable those features etc....

uBlock-Origin can be installed from here: https://addons.mozilla.org/en-GB/firefox/addon/ublock-origin/ <<--- Recommended.
 
Does that help..?

Share this post


Link to post
Share on other sites

Ok.  Looks like it will take a while., I'll check in tomorrow.

Nice to know I can save my Bookmarks.

Share this post


Link to post
Share on other sites

Yes that worked, Kevin.  Thank you
Did take a while to reinstall and then to set Firefox the way I like it.

Will make a donation.

Share this post


Link to post
Share on other sites

Yo`re very welcome Lloydel, it was a pleasure to work with you. We still need to clean up:

Uninstall Zemana http://www.askvg.com/how-to-completely-uninstall-remove-a-software-program-in-windows-without-using-3rd-party-software/

Next,

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:

 
  • Remove disinfection tools <----- this will remove tools we may have used.
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
  • Reset system settings <--- this will reset any system settings back to default that were changed either by us during cleansing or malware/infection


Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin... user posted image

Share this post


Link to post
Share on other sites

Ok.  Thanks.
I am curious why it is important to remove the zemana, and to do it so carefully.

 

Share this post


Link to post
Share on other sites

There is no real reason to remove it, If you prefer to keep it please feel free to do so. I`ve got the free version and use it as and when required, i`ve also got the portable version on a USB stick along with other stuff I carry for call outs...

Access to the portable version is under the main Download tab here: https://www.zemana.com/Download

Share this post


Link to post
Share on other sites

Might you have a clue about this, Kevin?

After re-installing Firefox the formating button / bar in Gmail shows but doesn't function.  It's ok in Chrome.

Lloyd

Share this post


Link to post
Share on other sites
2 minutes ago, kevinf80 said:

Is that an addon or extension for Firefox..?

The Gmail website.  mail.google.com

Share this post


Link to post
Share on other sites

Ok.  Yes it worked in Safe Mode

The culprit seems to an extension called Drag To Scroll.  It let me screen by holding down the left mouse button and dragging. I kind of like it but could live without. I was using it before without problem. I will check it's settings.

 

Share this post


Link to post
Share on other sites

Excellent, at least you`ve found the culprit. Any other issues or concerns...?

Share this post


Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread.

Thanks

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.