Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

a.targetingadvertiser mal/adware [Solved]


  • This topic is locked This topic is locked

#16
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hello ncrunch32,

Glad the computer is running better, lets run 2 additional scans to double check.

Next

Please download Malwarebytes' Anti-Malware to your desktop from Here.
Double Click mbam-setup.exe to install the application.
• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.


Next

This scan can take a considerable amount of time

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go >>HERE<< then click on: Posted ImageNote: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the Posted Image icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic.
  • Now click on: Posted Image
    (Selecting Uninstall application on close if you so wish)

Note Monitor issue.
The driver for your monitor is Here Is that where you downloaded from ?

1600 x 900 Native resoultion, Maximum Resolution. Yes I see that 1600 x 900 is the native resolution, I wonder if age is a factor and it runs better at 1280 x 960, I'm not really a monitor person, see if any additional information is provided at the link where the driver is. I did see some troubleshooting for various issues. I'm also sure you adjusted brightness an contrast to see if they made a difference.

Brightness,
Contrast
Features HDCP,
MagicAngle,
MagicTune,
MagicColor,
MagicBright 3


Those are all the features with your monitor, are any of those adjustable besides brightness and contrast?

Finally

Please post the following logs in your next reply:
  • Eset Log
  • Malwarebytes log

Thanks
Joe :)

How is Microsoft Security Essentials for you? I'm asking because I know that it's new for you.
  • 0

Advertisements


#17
ncrunch32

ncrunch32

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Done!
Joe


[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=35f35305b792e34da09d9ca9a283e9b0
# engine=16223
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-12-11 12:04:10
# local_time=2013-12-10 07:04:10 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 135082 138263700 0 0
# scanned=141254
# found=4
# cleaned=0
# scan_time=3317
sh=E8488F0D82FAC1366A28A6E4B4C60B03DF5DACAB ft=1 fh=fc98fbbe4d137043 vn="Win32/OpenCandy application" ac=I fn="C:\Users\Family\Downloads\AIM_Install.exe"
sh=367234BE596D56EC13DEF9FD82F741576BD021E0 ft=1 fh=d72f459d78d781c6 vn="a variant of Win32/OutBrowse.D application" ac=I fn="C:\Users\Family\Downloads\setup.exe"
sh=DCC62ED0FA35C6A72DB0AEC27653C246442C5408 ft=1 fh=589825e7d60587d7 vn="a variant of Win32/AdWare.Adpeak.B application" ac=I fn="C:\_OTL\MovedFiles\12012013_171858\C_Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe"
sh=0E582D62FD03FFC8FEA50D01CD88947B4070136B ft=1 fh=f4e24d2ce761ccab vn="a variant of Win64/Adware.Adpeak.B application" ac=I fn="C:\_OTL\MovedFiles\12012013_171858\C_Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe"


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.10.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Family :: FAMILY-THINK [administrator]

12/10/2013 5:47:19 PM
mbam-log-2013-12-10 (17-47-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204117
Time elapsed: 2 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> No action taken.
HKCR\Wow6432Node\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> No action taken.
HKLM\SOFTWARE\Adpeak, Inc. (PUP.Optional.AdpeakProxy) -> No action taken.
HKLM\SOFTWARE\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> No action taken.
HKLM\SOFTWARE\Wow6432Node\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 5
C:\Users\Family\Downloads\AIM_Install.exe (PUP.Optional.OpenCandy) -> No action taken.
C:\Users\Family\Downloads\setup.exe (PUP.Optional.Smart) -> No action taken.
C:\temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> No action taken.
C:\temp\InstallServices64.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\temp\scorpionsaver.exe (Adware.AdPeak) -> Quarantined and deleted successfully.

(end)
  • 0

#18
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hi ncrunch32,

Re:
Your Malwarebytes log!

No action taken

Let Malwarebytes remove what it found......

Please review...

When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.

Thanks
Joe :)
  • 0

#19
ncrunch32

ncrunch32

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Done!
Joe


nternet Explorer 11.0.9600.16428
Family :: FAMILY-THINK [administrator]

12/10/2013 9:34:38 PM
mbam-log-2013-12-10 (21-34-38).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204245
Time elapsed: 2 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKCR\Wow6432Node\AppID\AdpeakProxy.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Adpeak, Inc. (PUP.Optional.AdpeakProxy) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\Family\Downloads\AIM_Install.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Family\Downloads\setup.exe (PUP.Optional.Smart) -> Quarantined and deleted successfully.
C:\temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

(end)
  • 0

#20
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
OK,

Sorry for delay.

Tell me how the computer is running.

Thanks
Joe :)
  • 0

#21
ncrunch32

ncrunch32

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Works like new! Extremely fast, boots quick. Thank you so much!

Joe
  • 0

#22
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
You're welcome.

I'll get back to you and we can clean up the tools we used, and a few tips.

Thanks
Joe :)
  • 0

#23
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hello ncrunch32,

Lets clean up after ourselves

First

OTL Clean-Up

Right click on the Posted Image icon on your desktop and choose Run as administrator to open the main window.

Next click on the Posted Image button.

Once clean up is complete you will be prompted to reboot your computer. Please do so.

This will remove most of the programs we have used including itself.


Next

Double-click on AdwCleaner.exe to run the tool again.
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.

Right click on the JRT Icon and select delete.
If there are any left over tools or logs on your computer please delete them now.

Next

Clear Restore Points

Go Start > All Programmes > Accessories > System tools
Right click Disc Cleanup and select run as administrator
When it pops up at the first prompt select OK after it has done some calculations the tabs will appear
Select More Options tab
Press Sytem Restore and Shadow Copies Cleanup button
Posted Image

Last

I post this for everyone. There prevention steps

Turn On Automatic Updates:

Turn On Automatic Updates
1. Click Start, click Run, type sysdm.cpl, and then press ENTER.
2. Click the Automatic Updates tab, and then click to select one of the following options. We recommend that you select the Automatic (recommended) Automatically download recommended updates for my computer and install them. If you click this setting, click to select the day and time for scheduled updates to occur. You can schedule Automatic Updates for any time of day. Remember, your computer must be on at the scheduled time for updates to be installed. After you set this option, Windows recognizes when you are online and uses your Internet connection to find updates on the Windows Update Web site or on the Microsoft Update Web site that apply to your computer. Updates are downloaded automatically in the background, and you are not notified or interrupted during this process. An icon appears in the notification area of your taskbar when the updates are being downloaded. You can point to the icon to view the download status. To pause or to resume the download, right-click the icon, and then click Pause or Resume. When the download is completed, another message appears in the notification area so that you can review the updates that are scheduled for installation. If you choose not to install at that time, Windows starts the installation on your set schedule.

I would recommend the download and install the following program.
WinPatrol As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge.

Please read this great article by miekiemoes How to prevent Malware
and this great article by Tony Klein So How Did I Get Infected In First Place

Best wishes!

Joe :)
  • 0

#24
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP