Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

deal4real

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

deal4real

Unread postby Rold » May 27th, 2017, 9:34 pm

Hello,

I have a problem with this adware (or whatever its type is), it sometimes reinstalls Firefox and install a fake google chrome. Every now and then (in a space of 2 days) it makes all again, and I erase it. I delete the folders it creates on my Program files (x86), then erase the shortcuts and then I replace the original Chrome on my task bar.

But currently, I found out this: My files on the "etc" folder, host, network, protocol, services are type "deal4real". I'm not sure what type they are suppose to be but I'm sure they are not suppose to be that type.

Right now, my chrome has as it search engine "mystarting123" and I can't change that.

Hope this is enough, or it explains it.

Thank you for your time :)
You do not have the required permissions to view the files attached to this post.
Rold
Active Member
 
Posts: 3
Joined: May 27th, 2017, 9:18 pm
Advertisement
Register to Remove

Re: deal4real

Unread postby pgmigg » May 28th, 2017, 12:24 am

Hello Rold,

P2P Advisory!
IMPORTANT: There are signs of one or more P2P (Peer to Peer) File Sharing Programs installed on your computer.
µTorrent
uTorrentBar_ES Toolbar

As long as you have the P2P program(s) installed, per Forum Policy,
I can offer you no further assistance
.

If you choose NOT to remove the program(s), please indicate that in your next reply and this topic will be closed.

Otherwise, please perform the following steps:

Step 1.
Remove P2P Program
  1. Please press the Windows Key + R.
  2. Enter appwiz.cpl into the text box and click OK.
  3. Locate the following programs:
    µTorrent
    uTorrentBar_ES Toolbar
  4. Click on the Change/Remove button to uninstall it.
  5. When the program have been uninstalled, please close Control Panel
  6. Reboot (restart) your computer.
By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program itself may be safe but the files may not - use P2P at your own risk!
Keep in mind that this practice may be the source of your current malware infestation.
Reference... siting risk factors, using P2P programs: How to Prevent the Online Invasion of Spyware and Adware

Step 2.
Run CKScanner
  1. Please download CKScanner from here
  2. Important: - Save it to your Desktop.
  3. Double-click CKScanner.exe and click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Step 3.
TSG - SysInfo utility
  1. Please download SysInfo.exe and save it to your Desktop.
  2. Right click SysInfo.exe and select "Run As Administrator" to run it... if UAC prompts, please allow it.
  3. The small square window will be opened with already highlighted text - please right click on it, select Copy and then paste it in your next post.

Then:
Please tell me is this computer used for business or educational purposes and/or connected to a business or educational network?
I need to know it - so I can provide the proper instructions.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections...

Don't post anything as attachments unless I will ask you about it specifically!

Please include in your next reply:
  1. Your decision about P2P programs
  2. Do you have any problems executing the instructions?
  3. Contents of CKFiles.txt log file
  4. Contents of TSG - SysInfo utility
  5. Answer to my question related to type of using of your computer

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 4785
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: deal4real

Unread postby Rold » May 30th, 2017, 10:13 pm

Couldn't locate "uTorrentBar_ES Toolbar", only could uninstall "µTorrent".

And the link for "SysInfo.exe" doesn't give me anything to download.
Rold
Active Member
 
Posts: 3
Joined: May 27th, 2017, 9:18 pm

Re: deal4real

Unread postby Rold » May 30th, 2017, 10:16 pm

Whats the CKScanner gave me:

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files\haste\haste esports accelerator\windivert.dll
c:\program files\haste\haste esports accelerator\windivert64.sys
scanner sequence 3.ZZ.11.TCNAAZ
----- EOF -----
Rold
Active Member
 
Posts: 3
Joined: May 27th, 2017, 9:18 pm

Re: deal4real

Unread postby pgmigg » May 30th, 2017, 11:06 pm

Altered Logs

You have edited your logs.

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.
The section here explains why we do not delete or edit logs to conceal information, personal or business related details.

Should you wish to receive help from us, you must remove any and all of the following from your computer:
  • Illegal software
  • Cracked software
  • Illegal software key generators

Once the software and/or keygens have been removed, if you still need help, please start a new thread... include a link to your closed topic and include NEW FRST logs :

  • FRST.txt.
  • Addition.txt.
  • Details of the problems you're experiencing.
  • Link to your closed topic.

Wait for a new helper. Do not reply to your topic before a helper has replied.

Thank you for your cooperation and understanding.

This topic is now closed.
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 4785
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 70 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware