Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

I need help.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: I need help.

Unread postby mkdsk101 » April 27th, 2015, 6:54 pm

I am still getting the pop up ads.
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm
Advertisement
Register to Remove

Re: I need help.

Unread postby pgmigg » April 27th, 2015, 11:45 pm

Hello mkdsk101,

I am still getting the pop up ads.
Well... Lets reset Firefox, pleas do the following:

Reset Firefox Browser
  1. In the FireFiox browser click Help > Troubleshooting information.
  2. If you're unable to access the Help menu, type about:support in your address bar, then hit Enter.
  3. This will bring up the Troubleshooting Information page.
  4. Now click on Refresh FireFox, in the confirmation window that opens.
  5. Firefox will close and be reset. When it's done, a window will list the information that was imported.
  6. Click Finish and Firefox will open.
Are you still having the same problems now, after the reset?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: I need help.

Unread postby mkdsk101 » April 28th, 2015, 1:51 pm

Still same problems. I guess nothing we do will help and I cannot re install windows as I will lose too much that I have on this computer so did you do everything that you were able to do to help me?
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm

Re: I need help.

Unread postby pgmigg » April 28th, 2015, 3:53 pm

Hello mkdsk101,

Still same problems. I guess nothing we do will help and I cannot re install windows as I will lose too much that I have on this computer so did you do everything that you were able to do to help me?
We are not finished yet... There are a lot of scans and actions may be done and I am not going to give it up. :D

Meanwhile, until I am looking for what to do next, please reply here with the MBAM report which you forgot to post - I asked you to do it in the previous set of steps (it was Step 5).

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the most recent C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-2015-08-... file
  3. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: I need help.

Unread postby mkdsk101 » April 28th, 2015, 8:33 pm

I don't see where it says "press the Copy to Clipboard button after the scan MBAM is done scanning?
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm

Re: I need help.

Unread postby mkdsk101 » April 28th, 2015, 9:06 pm

I found it and here it is but still no change. This is a tough thing to get rid of.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/28/2015
Scan Time: 8:26:57 PM
Logfile:
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.04.28.08
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: MARK

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 385398
Time Elapsed: 19 min, 0 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm

Re: I need help.

Unread postby mkdsk101 » April 28th, 2015, 9:10 pm

Also just to let you know I use Google Chrome as my main browser.
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm

Re: I need help.

Unread postby pgmigg » April 28th, 2015, 9:38 pm

Hello mkdsk101,

Also just to let you know I use Google Chrome as my main browser.
This is the question that I was going to ask you - thank you for the answer! :D

So we are going to re-install your Google Chrome browser. How to do it? Please see steps below...

Step 1.
Show Hidden and System files
  1. Close all programs so that you are at your desktop.
  2. Press Image.
  3. Click the Start Search box on the Start Menu
  4. Copy and paste the following value in blue, in the open text entry box:
    change search options for files and folders
    then press Enter button
  5. Click on the View tab, then under the "Hidden files and folders" section please
    • SELECT "Show hidden files and folders"
  6. Find below and
    • remove check mark from check box "Hide extensions for known file types"
    • remove check mark from check box "Hide protected operating system files"
  7. Press the Apply, then the OK buttons.

Step 2.
Backup Your Google Chrome Bookmarks
  1. Please go to this article and read it.
  2. If you have Google Account and familiar with it, please sync your Bookmarks to Google. Otherwise - do it manually by Option 2.

Step 3.
Remove Programs
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without into the open text entry box:
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    Google Chrome
    Google Update Helper
  4. Take extra care in answering questions posed by any Uninstaller.
    Note:
    If you're asked if you would like to keep any personalized settings or folders, say NO! <- IMPORTANT!
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Now make sure that the folders from Chrome are deleted!!!, otherwise - delete the below if they exist:
    • C:\Users\Dawn\AppData\Local\Google
    • C:\Program Files (x86)\Google
  7. Reboot (restart) your computer.

Step 4.
Download and reinstall Google Chrome
  1. Please download and reinstall Google Chrome from Here
  2. After installation will be completed successfully, please set the Google Chrome as your default browser and rebuild you Bookmarks were backup-ed or synced in the Step 2 by using the import option of the Bookmarks menu or automatically in case of sign to Google Account.

Then:
Please examine the newly installed Google Chrome and let me know results...

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: I need help.

Unread postby mkdsk101 » April 29th, 2015, 8:08 pm

This seemed to have cured what ever was happening for, now unless it comes back, but my computer is a little sluggish when I am on the internet, any reason for that?
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm

Re: I need help.

Unread postby pgmigg » April 30th, 2015, 12:03 am

Hello mkdsk101,

This seemed to have cured what ever was happening for, now unless it comes back, but my computer is a little sluggish when I am on the internet, any reason for that?
I am glad to read that annoying pop-ups are gone but we are still not finished. :D Lets continue...

Please run one more scan:

ESET NOD32 Online Scan
  1. Firstly please Disable any Antivirus you have active, as shown in This topic. If active, it could impact the online scan.
    Do NOT use the computer while the scan is running!
    Make sure all other programs and windows are closed!
  2. You need to right-click on the Internet Explorer or Firefox icons on the Start Menu or Quick Launch Bar on the Taskbar and select "Run as Administrator" from the context menu.
  3. Go to ESET Online Scanner - © ESET All Rights Reserved, to run an online scan.
  4. Click the dark blue Run ESET Online Scanner button:
    • If you using Google Chrome or Mozilla Firefox you will need to download "esetsmartinstaller_enu.exe" when prompted. Then double click on it to install.
    • If you using Internet Explorer please read the End User License Agreement and check the box: Yes, I accept the terms of use. Then click the green Start button.
  5. Accept any security warnings from your browser and allow the download/installation of any required files.
    If your browser blocks or halts a download, please allow it to download any required files.
  6. Under scan settings:
    • Check "Scan archives"
    • UNCHECK "Remove found threats"
  7. Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  8. Click the Start button.
    ESET will install itself, download virus signature database updates and begin scanning your computer.
    The scan will take a while so please be patient. Do NOT use the computer while the scan is running!
  9. When the scan completes, please press the text: Image
  10. Press the text: Image, then save the file to your desktop as ESETScan.txt.
  11. Press the Back button, then press the Finish button.
  12. Copy and paste the contents of ESETScan.txt in your next reply.
    Note: If no threats are found, there is no option to create a log. Just report back to me there was nothing found.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the ESETScan.txt log file
  3. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: I need help.

Unread postby mkdsk101 » April 30th, 2015, 5:48 pm

C:\AdwCleaner\Quarantine\C\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe.vir a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.7z.vir Win32/Bundled.Toolbar.Ask.B potentially unsafe application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir Win32/Bundled.Toolbar.Ask.B potentially unsafe application
C:\AdwCleaner\Quarantine\C\Users\MARK\AppData\Local\DefineExt\temp.dat.vir a variant of Win32/AdWare.Toolbar.AmyBar.A application
C:\AdwCleaner\Quarantine\C\Users\MARK\AppData\Local\DownloadTerms\temp.dat.vir a variant of Win32/AdWare.Toolbar.AmyBar.A application
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application
C:\Program Files (x86)\NCH Software\Disketch\disketch.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\Disketch\disketchsetup_v3.32.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\GoldenVideos\goldenvideos.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\GoldenVideos\goldenvideossetup_v3.04.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Program Files (x86)\NCH Software\VideoPad\videopadsetup_v3.74.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.res a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\All Users\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.res a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\MARK\Desktop\Bible\disketchsetup.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Users\MARK\Desktop\Garbage\gvsetup (1).exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Users\MARK\Desktop\Garbage\gvsetup.exe a variant of Win32/Bundled.Toolbar.Google.C potentially unsafe application
C:\Users\MARK\Documents\Downloads\pcspeedup_73664791022749dbabc0d92a598550f0_ (1).exe a variant of Win32/SpeedingUpMyPC application
C:\Users\MARK\Documents\Downloads\pcspeedup_73664791022749dbabc0d92a598550f0_.exe a variant of Win32/SpeedingUpMyPC application
C:\Users\MARK\Downloads\avc-free.exe Win32/OpenCandy potentially unsafe application
C:\Users\MARK\Downloads\FreeYouTubeDownload (1).exe Win32/OpenCandy potentially unsafe application
C:\Users\MARK\Downloads\FreeYouTubeDownload.exe Win32/OpenCandy potentially unsafe application
C:\Users\MARK\Downloads\FreeYouTubeToDVDConverter (1).exe Win32/OpenCandy potentially unsafe application
C:\Windows\Installer\2f00ff8d.msi a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm

Re: I need help.

Unread postby mkdsk101 » April 30th, 2015, 7:06 pm

Still kind of sluggish a bit.
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm

Re: I need help.

Unread postby mkdsk101 » April 30th, 2015, 8:54 pm

Also when I watch a video or something it is sometimes choppy. Is that just my Internet?
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm

Re: I need help.

Unread postby pgmigg » April 30th, 2015, 11:12 pm

Hello mkdsk101,

Still kind of sluggish a bit.
This characteristic is not specific and accurate in determining the cause. There are too many things that can affect the operation of the computer, especially when he is no longer young, and there are installed so many programs.

Also when I watch a video or something it is sometimes choppy. Is that just my Internet?
Probably you are right - Internet stability depends on many thing including type of Internet connection, dependence on the number of people connected simultaneously if we are talking about connecting via cable television network, interferences, etc.

Your latest set of logs appear to be clean! :cheers:
This is my general post for when your logs show no more signs of malware.
Before I give you instructions how to keep your computer clean and secure, you need to make a few additional steps.

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :Files
    C:\ProgramData\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.res
    C:\Users\All Users\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.res
    c:\programdata\{a4865541-8880-0d66-a486-655418885506}\remo recover 4.0 crack, keygen license key full version.dat
    c:\programdata\{b081a1c8-60fd-7c32-b081-1a1c860f8721}\spyhunter 4 registration key incl crack full free download.dat
    c:\users\mark\desktop\garbage\spyhunter version 4 cracked.zip
    c:\users\mark\desktop\garbage\spyhunter-4-crack-loader-+-serials.zip
    C:\Users\MARK\Desktop\Bible\disketchsetup.exe
    C:\Users\MARK\Desktop\Garbage\gvsetup (1).exe
    C:\Users\MARK\Desktop\Garbage\gvsetup.exe
    C:\Users\MARK\Documents\Downloads\pcspeedup_73664791022749dbabc0d92a598550f0_ (1).exe
    C:\Users\MARK\Documents\Downloads\pcspeedup_73664791022749dbabc0d92a598550f0_.exe
    C:\Users\MARK\Downloads\avc-free.exe
    C:\Users\MARK\Downloads\FreeYouTubeDownload (1).exe
    C:\Users\MARK\Downloads\FreeYouTubeDownload.exe
    C:\Users\MARK\Downloads\FreeYouTubeToDVDConverter (1).exe
    C:\Windows\Installer\2f00ff8d.msi
    ipconfig /flushdns /c
    
    :Commands
    [emptyflash]
    [emptyjava]
    [emptytemp]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Please close it.

Step 2.
OTL - Run Script
You should still have OTL on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Copy and Paste the following code into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [CREATERESTOREPOINT]
    
    :Commands
    [EMPTYTEMP]
    [CLEARALLRESTOREPOINTS]
    
  3. Click under the Custom Scan/Fixes box and paste the copied text.
  4. Click the Run Fix button. If prompted... click OK.
  5. OTL may ask to reboot the machine. Please do so if asked.

Step 3.
OTL-Cleanup
You should still have OTL on your desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Press the CleanUp button.
  3. When done, you will be prompted to reboot your system to finish file removal, please select OK to reboot your computer.

Step 4.
Hide Hidden and System files
  1. Close all programs so that you are at your desktop.
  2. Press Image.
  3. Click the Start Search box on the Start Menu
  4. Copy and paste the following value, in the open text entry box:
    change search options for files and folders
  5. Click on the View tab, then under the "Hidden files and folders" section
    • UNSELECT "Show hidden files and folders"
    • Place check mark in check box "Hide extensions for known file types"
    • Place check mark in check box "Hide protected operating system files"
  6. Press the Apply, then the OK buttons.

Step 5.
Please download delfix and save it to your desktop.
  1. Right-click on delfix.exe and select "Run as administrator"to run it.
  2. Check the following boxes then click on Run.
    1. Activate UAC
    2. Remove disinfection tools
    3. Create registry backup
    4. Reset system settings
  3. All tools we used to clean your computer should be gone now.
  4. You can now delete any tools/logs we used if they remain on your computer.

Then:
  • Please don't forget to enable and update all your defense software!

Finally:
Please click HERE to find a short guide to staying safer online.

Please don't hesitate to ask any additional questions.

Stay Safe! ;)
pgmigg
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3177
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: I need help.

Unread postby mkdsk101 » May 1st, 2015, 11:56 am

If I do the last few the last few setp with doing them CLEAR ALL my RESTORE POINTS? I am not sure if I want all my restore points cleared or do I have to?
mkdsk101
Regular Member
 
Posts: 91
Joined: April 23rd, 2015, 7:11 pm
Advertisement
Register to Remove

PreviousNext

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 18 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware