[hank_venture]

Here is the report. Thanks!  HtmlReport.zip   306.82KB   145 downloads

[Advertisements]

Those detections are not related with the symptoms. Open Internet Explorer, click on Tools then on Internet Options. Select the Advanced tab and click on Restore Advanced settings. Click Apply, then on OK.

I still concern about the CBS log.

Click Start, type cmd in the Start Search box, right-click cmd in the Programs list, and then click Run as administrator.

If you are prompted for an administrator password or for a confirmation, type your password, or click Continue.

Type the following command (including the quotation marks), and then press ENTER:

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >"%userprofile%\desktop\sfcdetails.txt"

A sfcdetails.txt report will be produced on your desktop. See if you can attach that report.

[JSntgRvr]

Those detections are not related with the symptoms. Open Internet Explorer, click on Tools then on Internet Options. Select the Advanced tab and click on Restore Advanced settings. Click Apply, then on OK.

I still concern about the CBS log.

Click Start, type cmd in the Start Search box, right-click cmd in the Programs list, and then click Run as administrator.

If you are prompted for an administrator password or for a confirmation, type your password, or click Continue.

Type the following command (including the quotation marks), and then press ENTER:

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >"%userprofile%\desktop\sfcdetails.txt"

A sfcdetails.txt report will be produced on your desktop. See if you can attach that report.

[hank_venture]

okay so I reset the default settings in internet explorer. I ran the code you asked me to in command prompt as adminstrator, it produces a .txt document but it is blank...


i typed it in several times so I think i put all the characters in correctly...heres a screenshot in case i am just not seeing my mistake.

Just a note, when I initially ran the scan for the cbs.log it would not let me open it in the CBS folder, it said access denied..I copy pasted it onto the desktop and was able to open it...I did not get the access denied message but the document is blank when I open it.

This is a tough one. Thanks for you help =)

[JSntgRvr]

I guess the cbs.log contained just text and no information about corrupted files. That is good news.

How is the computer doing?

[hank_venture]

Same issues. There are ads from getsavin but they are blank, like the windows are visible with no contents. Still getting the directs.I am wondering if I should wipe hard drive and reinstall operating system?

[JSntgRvr]

See if this will help.

Remove unknown add-ons from Internet Explorer

• Remove unknown add-ons from Internet Explorer.
• When you uninstall Iminent for Internet Explorer from your computer, the Iminent add-ons should be automatically removed from Internet Explorer, however we need to check if they were uninstalled.
• Open Internet Explorer,then click on the gear icon [Image: Internet Explorer gear icon] (Tools for Windows XP users) at the top (far right) and then select Manage add-ons.
• Internet Options in IE
• From the Toolbars and Extensions tab, select unknown add-ons, and click on Disable.
• Set Internet Explorer default search engine to Bing.
• To change your default search engine, click on the gear icon [Image: Internet Explorer gear icon] , select Manage Add-ons, and then, under Add-on Types, click Search Providers.
• Select Bing and on click the Set Default button.
• To remove unknown add-ons from Internet Explorer, select unknown add-ons and click on Remove.
• Change your Internet Explorer homepage from unknown add-ons to its default
• To change your homepage, click on the gear icon [Image: Internet Explorer gear icon] , select Internet Explore options, and in the General tab,under the Home page section, click on Use default to restore Internet Explorer default home page.

Remove unknown add-ons from Mozilla Firefox

• Remove unknown add-ons extensions from Firefox.
• At the top of the Firefox window, click the orange Firefox button, then select Add-ons.
• Firefox addon menu
• Select the Extensions tab, then remove unknown add-ons extensions from Mozilla Firefox.
• Reset your default search engine and home page from unknown add-ons to their default.
• To reset your search engine and homepage to their default, we will use the SearchReset extension. This add-on is very simple: on installation, it backs up and then resets your search preferences and home page to their default values, and then uninstalls itself. This affects the search bar, URL bar searches, and the home page.
• You can download SearchReset from the link below, and then we will just need to install it to revert Firefox to its default settings.
• SEARCHRESET DOWNLOAD LINK (This link will open another web page from where you can download the SearchReset Firefox extension)

Remove unknown add-ons from Google Chrome

• Remove unknown add-ons extensions from Google Chrome.
• Click the Chrome menu Chrome menu button on the browser toolbar, select Tools and then click on Extensions.
• In the Extensions tab, remove (by clicking on the Recycle Bin) the unknown add-ons extensions from your Google Chrome.
• Set Google Chrome default search engine from unknown add-ons to Google.
• Click the Chrome menu Chrome menu button, then select Settings and click on Manage search engines in the Search section.
• In the Search Engines dialog that appears, select Google and click the Make Default button that appears in the row.
• Search for Delta Search in the Search Engines list, and click the X button that appears at the end of the row.
• Change Google Chrome homepage from delta-search.com to its default.
• Click the Chrome menu Chrome menu button, then select Settings and click on One the New Tab page in the On Startup section.

[hank_venture]

I believe that did the trick..I disabled unknown add ons, updated plug ins, and then went through a round of the anti malware programs...Internet is much faster. I was able to go to several websites without any hijacks are any pop ups. You've been a great help...I really appreciate it.

[JSntgRvr]

Congratulations.

Since the tools we used to scan the computer, as well as tools to delete files and folders, are no longer needed, they should be removed, as well as the folders created by these tools.

Run OTL. Click on the Cleanup button and follow the prompts.

Run AdWCleaner and uninstall

Manually remove any tool left.

Here are some suggestions.

• Always keep your JAVA updated. Older versions will make your computer vulnerable.
  
• Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  
• ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Miekiemoes.

Best wishes!

[JSntgRvr]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.