[redbchtrvlr]

It appears on 8-11-14 our daughter's Dell Inspiron, Windows 7, computer became infected with a virus and Malware,  We have Kaspersky as our anti-virus protection and they assisted in one of the virus removals, by instructing us to download malwarebytes.  I was advised they cannot assist with the grillaprice malware.  I ran revoinstaller, and though it removed grillaprice, today my daughter received an error message Proxy Setting Server issue and we could not get on the internet.  I had to reset the computer to an earlier setting and now we have grillaprice again.  We are getting a pop up myteckexpert.us viruses detected.  I can't remember where I found w32.bundler/adway as well.

 

Thank you for your help.

Attached Files

•  OTL.Txt   101.18KB   153 downloads

Edited by redbchtrvlr, 14 September 2014 - 09:37 PM.

[Advertisements]

Greetings redbchtrblr and

My nickname is Ruggie and I will be assisting you in cleaning your computer.
Please be aware I am currently in the final stages of training right now and all my work will be checked by an instructor so there may be a slight delay between posts. The added benefit to this is that you will have 2 sets of eyes looking at your problem so you can be assured you will get the best possible help.

• Malware removal can be a long process and will at times get complicated with multiple steps to perform to ensure that your system is no longer infected.
• When we start the process, the list of instructions must be followed closely, it may seem difficult at times but it is important that you stay with me until your computer is declared clean.
• If you are receiving help elsewhere, please let me know so we can close this thread and help someone else.

Before going any further, I recommend that you print out (or save to a file) these guidelines and also the instructions when I post them, as part of the repair process may involve going into safe mode and therefore you will not have internet access.
The following guidelines are important but the ones highlighted in RED are of the highest importance and must not be skipped.

Please be aware, the fixes we perform are specific to this machine, at this moment in time. They must not be used on another computer or unsupervised at another time. This can render your computer unbootable.

If at all possible, Make backups of all your important files, whilst we will do our best to ensure that no files are lost or damaged, sometimes things can go wrong.

I will do everything in my power to ensure that this clean is successful, but occasionally failure hits us all. In this event, please have your original installation disks to hand and be prepared to have to format and reinstall your computer.

Refrain from using any tool that hasn't been instructed as it could alter the process that we are working through and cause further problems. Also only use the tools I instruct in the manner provided as they are very powerful and if not used properly can cause even more problems. It is best if you can avoid using the computer at all, apart from to perform the cleaning steps to ensure that any infections aren't spread.

Please stick with me until the end. malware removal is difficult and time consuming. We have to analyse hundreds of lines in log files. This takes time which we give freely so I ask that you do us the courtesy of seeing it through.

Only paste the contents of log files into your reply, DO NOT attach any log files unless requested to do so.

If you have any questions or get stuck, stop and ask....I am here to help you make this go as smoothly as possible.

If you do not reply within 3 days, your topic will be closed. It can be reopened if you ask. But if you plan on being gone for a longer period, just let me know and I will hold it open for you.

Ready? Now lets get to work

 

I would like to see fresh logs with updated software so please follow the steps below.

First...

Initial FRST Scan

Please download Farbar Recovery Scan Tool and save it to your Desktop. There will be 2 versions offered, if you know which version is the one you need, download that one, if not, download both, only one will work on your computer, that is the one you need.

• Right click to run as administrator. When the tool opens click Yes to the disclaimer.
• Ensure that the following are ticked as in the image below
  • Drivers MD5
  • Addition.txt

• Press Scan button.
• It will produce a log called FRST.txt in the same directory the tool is run from.
• Please copy and paste log back here.
• This will also generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Next...

ASWmbr Scan

Download aswMBR.exe ( 511KB ) to your desktop. If you already have this application, this is a new version I need you to download.

Double click the aswMBR.exe to run it



Click the "Scan" button to start scan

If your computer supports Virtualization Technology, select Yes to use it for rootkit detection. When it offers to download the virus database allow that as well



On completion of the scan click Save Log, save it to your desktop and post in your next reply



The tool will also produce a copy of the mbrdump labeled MBR.dat. Please do not delete this file, it will be removed in our cleanup at the end.

Items I need to see in your next post:

• FRST and Addition Log
• ASWmbr Log

[ruggie_uk]

Greetings redbchtrblr and

My nickname is Ruggie and I will be assisting you in cleaning your computer.
Please be aware I am currently in the final stages of training right now and all my work will be checked by an instructor so there may be a slight delay between posts. The added benefit to this is that you will have 2 sets of eyes looking at your problem so you can be assured you will get the best possible help.

• Malware removal can be a long process and will at times get complicated with multiple steps to perform to ensure that your system is no longer infected.
• When we start the process, the list of instructions must be followed closely, it may seem difficult at times but it is important that you stay with me until your computer is declared clean.
• If you are receiving help elsewhere, please let me know so we can close this thread and help someone else.

Before going any further, I recommend that you print out (or save to a file) these guidelines and also the instructions when I post them, as part of the repair process may involve going into safe mode and therefore you will not have internet access.
The following guidelines are important but the ones highlighted in RED are of the highest importance and must not be skipped.

Please be aware, the fixes we perform are specific to this machine, at this moment in time. They must not be used on another computer or unsupervised at another time. This can render your computer unbootable.

If at all possible, Make backups of all your important files, whilst we will do our best to ensure that no files are lost or damaged, sometimes things can go wrong.

I will do everything in my power to ensure that this clean is successful, but occasionally failure hits us all. In this event, please have your original installation disks to hand and be prepared to have to format and reinstall your computer.

Refrain from using any tool that hasn't been instructed as it could alter the process that we are working through and cause further problems. Also only use the tools I instruct in the manner provided as they are very powerful and if not used properly can cause even more problems. It is best if you can avoid using the computer at all, apart from to perform the cleaning steps to ensure that any infections aren't spread.

Please stick with me until the end. malware removal is difficult and time consuming. We have to analyse hundreds of lines in log files. This takes time which we give freely so I ask that you do us the courtesy of seeing it through.

Only paste the contents of log files into your reply, DO NOT attach any log files unless requested to do so.

If you have any questions or get stuck, stop and ask....I am here to help you make this go as smoothly as possible.

If you do not reply within 3 days, your topic will be closed. It can be reopened if you ask. But if you plan on being gone for a longer period, just let me know and I will hold it open for you.

Ready? Now lets get to work

 

I would like to see fresh logs with updated software so please follow the steps below.

First...

Initial FRST Scan

Please download Farbar Recovery Scan Tool and save it to your Desktop. There will be 2 versions offered, if you know which version is the one you need, download that one, if not, download both, only one will work on your computer, that is the one you need.

• Right click to run as administrator. When the tool opens click Yes to the disclaimer.
• Ensure that the following are ticked as in the image below
  • Drivers MD5
  • Addition.txt

• Press Scan button.
• It will produce a log called FRST.txt in the same directory the tool is run from.
• Please copy and paste log back here.
• This will also generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Next...

ASWmbr Scan

Download aswMBR.exe ( 511KB ) to your desktop. If you already have this application, this is a new version I need you to download.

Double click the aswMBR.exe to run it



Click the "Scan" button to start scan

If your computer supports Virtualization Technology, select Yes to use it for rootkit detection. When it offers to download the virus database allow that as well



On completion of the scan click Save Log, save it to your desktop and post in your next reply



The tool will also produce a copy of the mbrdump labeled MBR.dat. Please do not delete this file, it will be removed in our cleanup at the end.

Items I need to see in your next post:

• FRST and Addition Log
• ASWmbr Log

[redbchtrvlr]

Thank you for your patience.  I am not very good at pasting,so I have attached the logs. 

Attached Files

•  Farber Recovery-Addition.txt   42.05KB   176 downloads
•  Farber Recovery FRST.txt   68.06KB   253 downloads
•  aswMBR scan.txt   2.35KB   182 downloads

[ruggie_uk]

Hello again and thanks for the logs. We should get you sorted pretty soon. To start with, please perform the following steps.

First...

FRST Fix
If FRST64.exe is not on your desktop, please download Farbar Recovery Scan Tool and save it to your desktop.

• Download the attached and save it to your desktop <<< very important - it must be in the same location as FRST64.exe
• Right click and run as administrator. When the tool opens click Yes to the disclaimer.
• Press the Fix button.
• It will produce a log called fixlog.txt on your Desktop.
• Please copy and paste the contents of that log back here.
  
  NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Next...

Junkware Removal Tool
Please download Junkware Removal Tool to your desktop. << Important

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by right-clicking JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next message.

Then...

AdwCleaner by Xplode

Download AdwCleaner from here or from here. Save the file to the desktop.


NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

• Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
• You will see the following console:
  
  
• Click the Scan button and wait for the scan to finish.
• After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove. Please Do Not delete anything at this time.
• Click the Report button to get the log.
• Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
• Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.

Optional:

NOTE: If you see AVG Secure Search being targeted for deletion, Here's Why and Here. You can always Reinstall it.


Items I need to see in your next post:

• FRST Fixlog
• JRT Log
• ADWcleaner Scan

[redbchtrvlr]

HELLLLLLPPPPP!  I hit the fix button, saved the log, and then tried to respond and found I cannot get onto Internet Explorer, or Mozilla.  Mozilla states Proxy Server is refusing connection.  Internet Explorer suggests checking the proxy setting--127.0.01:13081.  This is the same problem I encountered when I used the revouninstaller, and thus why I contacted you. Next step please?

[ruggie_uk]

That should have been removed in the fix.

 

Can you continue with the steps, JRT and then ADWcleaner?

 

Then we will look again and see what is going on.

[redbchtrvlr]

I can't get online to download the junkware removal tool.  I show I am connected to the internet, but when I try to load Internet Explorer or Mozilla I receive the Proxy Server message.

[ruggie_uk]

Hi.

 

Let's try manually changing proxy server for now and see if we can progress from that.

 

Open up Internet explorer and click the Cog(settings) icon to the top right of the window.

Go to

Internet options > Connections > Lan Settings

 

Then uncheck the box that says use a proxy server.

Click Ok and Ok again on the options page.

 

Now try and continue.

[redbchtrvlr]

Same error message

[ruggie_uk]

I presume you are on a different computer right now. If so, can you download the tools to a flash drive and copy to that computer?

[redbchtrvlr]

I am on my work computer and I can't download anything onto my office's laptop, I'd have to do it on my laptop, which is a new Dell with windows 8.1 and I haven't had time to figure out how to use it.  I have been electronically challenged for the last 2 months, 6 weeks of which trying to figure out why my new HTC M8 wouldn't send emails---one electronic issue after another.  Can you tell me once I put the flash drive in, what next, again keeping in mind I will be using 8.1 which I am unfamiliar with.

[ruggie_uk]

No problem. I am out now and on my phone so I will try and be as thorough as possible.

If you are using internet explorer, click to download each item as in the links provided, if it asks you where to save it, then a save dialog will appear, simply select the flash drive and it will save to there.
If a save dialog does not appear then it will save into your downloads folder.
Click the yellow folder on your taskbar and the explorer window will appear.
From the menu on the left, locate the downloads folder, normally, c:\users\username\downloads
Then you can copy and paste the files to your flash drive. Or drag and drop onto the drive.

[redbchtrvlr]

My 8.1 also has Kaspersky

[ruggie_uk]

Kaspersky shouldn't cause any issues with the downloads.

[redbchtrvlr]

Do I have to deactivate Kaspersky on my 8.1?