Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Chrome Popups Won't Go Away

malware spyware virus

  • This topic is locked This topic is locked

#16
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,793 posts
Let me know if the pop ups continue, and exactly what they say.

Thanks
Joe :)

Is that the only item that was in the Log ?
  • 0

Advertisements


#17
sallysensation

sallysensation

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

That was the only thing in the log.  Just got a tab that popped up to this URL:

 

http://www.adcash.co...1&new=1&dx===wD

 

with a popup warning that adobe flash player needs to updated, and a link to update it.  

 

Also, my wife's brand new galaxy S5 is also getting popups warning of infections,  along with her iPad and macbook pro.  Seems like everything on our network is infected with something. Strangely it happened on the S5 while away from home and not connected to our wifi. Not sure what steps to take to clean each device and prevent it from coming back.  


  • 0

#18
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,793 posts
Please download Malwarebytes Anti-Malware to your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop

Post that log
  • 0

#19
sallysensation

sallysensation

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/5/2014
Scan Time: 11:04:55 PM
Logfile: test.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.06.03
Rootkit Database: v2014.07.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: jlongton
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 318895
Time Elapsed: 15 min, 5 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 1
Broken.OpenCommand, HKCR\regfile\shell\open\command, "regedit.exe" "Good: (regedit.exe "Bad: ("regedit.exe" "%1"),,[ffffffffffffffffffffffffffffffff]")", %4, %5
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#20
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,793 posts
Lets try resetting Chrome even though you may have already done it.

Please follow these instructions here to reset chrome.

And
remove or delete these 2 extensions from Chrome

CHR - Extension: uTorrent for Google Chrome = C:\Users\jlongton\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjhaafelbmbpohgmabippkndaaikgdih\3.11.3_0\
CHR - Extension: uTorrent for Google Chrome = C:\Users\jlongton\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjhaafelbmbpohgmabippkndaaikgdih\3.11.4_0\

Joe
  • 0

#21
sallysensation

sallysensation

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

ok.  did that.  But prior to that, I did hard reset on the router to factory defaults.  I noticed that the DNS numbers had been changed.  I thought they were suipposed to be automatically set to something, but it looks like that might have been done maliciously.  Now they are all 0's.  I haven't noticed any problems since then.  we'll see.  


  • 0

#22
sallysensation

sallysensation

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

so far so good.  Thanks for your help!  


  • 0

#23
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,793 posts

OK.

 

Let it run for another day, then we need to clean up (remove the tools we used.) I'll remind you if I don't hear from you and give you final instructions and we can close out the thread.

 

Joe


  • 0

#24
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,793 posts
Hello, If no issue remain,


Next

Since your log reports are clean and free of malware, lets clean up after ourselves.


OTL Clean-Up

Right click on the OTLicon.jpg icon on your desktop and choose Run as administrator to open the main window.

Next click on the CleanUpButtonOTL.jpg button.

Once clean up is complete you will be prompted to reboot your computer. Please do so.

This will remove most of the programs we have used including itself.


Next

Double-click on AdwCleaner.exe to run the tool again.
  • Click on the Uninstall button.
  • Click Yes when asked are you sure you want to uninstall.
  • Both AdwCleaner.exe, its folder and all logs will be removed.
Right click on the JRT Icon and select delete.
If there are any left over tools or logs on your computer please delete them now.


Next

You usually get infected because your security settings are too low.

Here are a number of recommendations that will help tighten them, and which will contribute to making you a less likely victim:

Safe Computing Practices please read Here

Thanks
Joe :)
  • 0

#25
sallysensation

sallysensation

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Thanks for your help!


  • 0

Advertisements


#26
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,793 posts
You're welcome :)


Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics


Also tagged with one or more of these keywords: malware, spyware, virus

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP