Jump to content

Ads on search results. Malicious IE settings. (Same with previous)


Recommended Posts

Hello guys,

I think I have the same problem

Probably from KMSpico

Any help? kevinf80?

 

Zemana Report

MD5    :
Status    :  Scanned
Object    :  software\microsoft\windows\currentversion\internet settings\connections
Publisher    :
Size    :  0
Detection    :  MaliciousSetting f
Action    :  Delete
-----------------------------------------------------------------------
MD5    :
Status    :  Scanned
Object    :  software\policies\microsoft\internet explorer\control panel
Publisher    :
Size    :  0
Detection    :  MaliciousSetting
Action    :  Delete
-----------------------------------------------------------------------
MD5    :
Status    :  Scanned
Object    :  software\wow6432node\policies\microsoft\internet explorer\control panel
Publisher    :
Size    :  0
Detection    :  MaliciousSetting
Action    :  Delete
Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download Malwarebytes Anti-Malware from Malwarebytes or
from BleepingComputer

 [*]Right-click on the MBAM icon and select Run as administrator to run the tool.[/*]
[*]Click Yes to accept any security warnings that may appear.[/*]
[*]Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.[/*]
[*]On the left menu pane click the Settings tab, and then select the Protection tab on the top.[/*]
[*]Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.[/*]
[*]Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button[/*]
[*]Note: The scan may take some time to finish, so please be patient.[/*]
[*]If potential threats are detected, ensure to check mark all the listed items, and click the Quarantine Selected button.[/*]
[*]While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.[/*]
[*]The log can also be viewed by clicking the log to select it, then clicking the View Report button.[/*]

Please post the log for my review.

Note: If asked to restart the computer, please do so immediately.
===

Please download AdwCleaner by Malwarebytes your Desktop.
[*]Close all open programs and internet browsers.[/*]
[*]Double click on AdwCleaner.exe to run the tool.[/*]
[*]Click the Scan button and wait for the process to complete.[/*]
[*]Click the LogFile button and the report will open in Notepad.[/*]

IMPORTANT

[*]If you click the Clean button all items listed in the report will be removed.[/*]

If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.

[*]Close all open programs and internet browsers.[/*]
[*]Double click on AdwCleaner.exe to run the tool.[/*]
[*]Click the Scan button and wait for the process to complete.[/*]
[*]Check off the element(s) you wish to keep.[/*]
[*]Click on the Clean button follow the prompts.[/*]
[*]A log file will automatically open after the scan has finished.[/*]
[*]Please post the content of that log file with your next answer.[/*]
[*]You can find the log file at C:\AdwCleanerCx.txt (x is a number).[/*]

===

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please Attach it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section in the bottom of the topic Select Click the Choose a File.
Navigate to the location of the File.
Click the file. It will appear in section.
Click the Saving button.

Please attach the logs for my review.

Wait for further instructions

p.s.
This program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
OR, you should restore the program from the Quarantine folder.
====

Link to post
Share on other sites

Hi,

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

Chromium Edge.

If Chromium Edge is Synced with other devices disable it.

Open Microsoft Edge.
Click the Settings and more (three-dotted) button from the top-right.
Click the Settings option. ...
Click on Profiles.
Click the Sync option. ...
Click the Turn off sync button.

Restart Edge.

===

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Link to post
Share on other sites

Hi,

Is it possible that what is reported by Zemana was remove and is not  quarantined

Check the in Quarantine folder and if found delete/remove them.

p.s.
I do not have Zemana but I understand that it's available from 
Quarantine is the second icon from the left in the upper right corner of the GUI.
Look for "radiation" sign...

Is the problem solved?

Link to post
Share on other sites

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.