Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Virus on my computer opens new browser windows randomly and adds links


  • This topic is locked This topic is locked

#46
scmba

scmba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts
Thanks Biscuit, FYI here is the last ESET file:

[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=9d87844d1723614a9b81a7c42d5b1cea
# engine=17000
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-08 11:14:02
# local_time=2014-02-08 03:14:02 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 0 162453747 0 0
# compatibility_mode=5893 16776574 100 94 17510209 143444692 0 0
# scanned=113620
# found=17
# cleaned=17
# scan_time=3861
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted (after the next restart) - quarantined)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll"
sh=1A3F14C0A66F9AF050D1F34FBACBAADC31751A07 ft=1 fh=2704a03a0f47b728 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted (after the next restart) - quarantined)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted (after the next restart) - quarantined)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll"
sh=BF65E2CA90E5C42DB92F1E9CDE0F57832DC36FE6 ft=1 fh=889e6dbfb45b41a1 vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Software\Debut\debut.exe"
sh=D02398CC4ED267DE39588F21EBA66B23858A3282 ft=1 fh=602676cc88f42878 vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Software\Debut\debutsetup_v1.70.exe"
sh=8DE840B2FEF4D211AB923C2CA8C9AD1A2CED831D ft=1 fh=46efc1b432b3bdf4 vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe"
sh=E1DDD573A68C45BCA7298415732829E97C64E373 ft=1 fh=b7a6d325e046006f vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Software\VideoPad\videopadsetup_v3.01.exe"
sh=DD2B65E0DC0E179649D517DC9819399A4201FB6C ft=1 fh=d0a7f3949e3545a5 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Kids\Downloads\avira_free_antivirus_en.exe"
sh=FECB171B0AD2EBA65D0EC111C722671EC7B1C427 ft=1 fh=70aa5bb232eacf0a vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Kids\Downloads\debutpsetup.exe"
sh=D02398CC4ED267DE39588F21EBA66B23858A3282 ft=1 fh=602676cc88f42878 vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Kids\Downloads\debutsetup.exe"
sh=541270ABB00FFB0D6E8E20EF93CDF10609678788 ft=1 fh=5d674d3cec9d8a73 vn="Win32/Toolbar.Conduit potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Kids\Downloads\setup(1).exe"
sh=541270ABB00FFB0D6E8E20EF93CDF10609678788 ft=1 fh=5d674d3cec9d8a73 vn="Win32/Toolbar.Conduit potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\Kids\Downloads\setup.exe"
sh=7FB8704B6B9679E54DF232591CD257362729619C ft=1 fh=c71c0011784b7866 vn="a variant of Win32/AdWare.GorillaPrice.A application (cleaned by deleting - quarantined)" ac=C fn="C:\_OTL\MovedFiles\02012014_125818\C_Program Files (x86)\GorillaPrice\GorillaPrice.exe"
sh=0127BEB02088CDF58458BE8BCD7D563EC5B10763 ft=1 fh=32d49b831ad23453 vn="a variant of Win32/AdWare.GorillaPrice.A application (cleaned by deleting - quarantined)" ac=C fn="C:\_OTL\MovedFiles\02012014_125818\C_ProgramData\GorillaPrice\watgorp.exe"
sh=A6FD149D506F3EE6FFD460BECEDF628AACD3CAF1 ft=1 fh=c2e118c96fb78a0e vn="Win32/Toolbar.Linkury.D potentially unwanted application (deleted - quarantined)" ac=C fn="C:\_OTL\MovedFiles\02022014_104812\C_Users\Kids\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll"
sh=E03BC6676712388061F2903D4BCB4ECFE4B3B5F4 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.L application (cleaned by deleting - quarantined)" ac=C fn="C:\_OTL\MovedFiles\02022014_104812\C_Users\Kids\AppData\Roaming\Mozilla\Firefox\Profiles\zalxh0au.default\extensions\126\chrome\content\main.js"
  • 0

Advertisements


#47
scmba

scmba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts
Hi Biscuit

Attached everything, am I good to go and logging into everything? Thanks for everything!!

Edited by scmba, 09 February 2014 - 11:21 AM.

  • 0

#48
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Hi scmba

You're logs are looking good!Posted Image Yes, I think it's safe to use the machine for everything.

Here's some information that may help you on a going forward basis.

Importance of Regular System Maintenance:

I advise you read both of the topics listed below. The suggestions contained them, if followed, will go a long way toward keeping your Computer performing well.

Help! My computer is slow!

Also so is this:

What to do if your Computer is running slowly

Malwarebyte's Anti-Malware:

This is a excellent application and I advise you keep this installed. Check for updates and run a scan at least once per week.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like utorrent, Bittorrent, Azureus, Limewire, Vuze. Criminals have "planted" thousands upon thousands of infections in the "free" shared files. Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".

I will further add; P2P software has the ability to create a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their infected dross onto your computer. Further to that, if your P2P software is not configured correctly you may be sharing more files than you realise. There have been cases where people's address books, passwords, other personal, private and financial details have been exposed to the file sharing network by a badly configured P2P applications

My friendly advice is to avoid these types of software applications.
  • 0

#49
scmba

scmba

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts
THANK YOU!!!! :thumbsup:
  • 0

#50
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
You're very welcome! If you ever need us, please stop back!:thumbsup:
  • 0

#51
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP