Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Little Old Lady PC, Need Help Helping

Trojans PUPS POWERLIKS ReDirects Multiple Chrome Instances Powerliks Rogues PUPs Bogus Chrome Instances

  • Please log in to reply

#16
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,500 posts
I'll be here.. :)
  • 0

Advertisements


#17
The_Omni

The_Omni

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

FIXLOG

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-11-2014
Ran by Chilson at 2014-11-11 18:54:42 Run:2
Running from C:\Users\Chilson\Desktop\AAA FRST2
Loaded Profile: Chilson (Available profiles: Chilson & avery)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\iDeals Shopping Optimizer\ideals-shopping-optimizer.xpi
CHR HKLM\...\Chrome\Extension: [ekiinghkbmjmlcladgkjbkodgplhdphp] - C:\Program Files\iDeals Shopping Optimizer\chrome-powl-deals.crx []
2014-11-01 19:29 - 2014-11-06 15:02 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
C:\Users\Chilson\AppData\Local\temp\dllnt_dump.dll
C:\Users\Chilson\AppData\Local\temp\Quarantine.exe
C:\Users\Chilson\AppData\Local\temp\sqlite3.dll
AlternateDataStreams: C:\ProgramData\TEMP:38020A20
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
*****************

HKLM\Software\Mozilla\Firefox\Extensions\\[email protected] => value deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\ekiinghkbmjmlcladgkjbkodgplhdphp" => Key deleted successfully.
"C:\Program Files\iDeals Shopping Optimizer\chrome-powl-deals.crx" => File/Directory not found.
C:\ProgramData\Windows Genuine Advantage => Moved successfully.
C:\Users\Chilson\AppData\Local\temp\dllnt_dump.dll => Moved successfully.
C:\Users\Chilson\AppData\Local\temp\Quarantine.exe => Moved successfully.
C:\Users\Chilson\AppData\Local\temp\sqlite3.dll => Moved successfully.
C:\ProgramData\TEMP => ":38020A20" ADS removed successfully.
C:\ProgramData\TEMP => ":DFC5A2B2" ADS removed successfully.

==== End of Fixlog ====


  • 0

#18
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,500 posts
Perfect! Now, boot the computer and connect to the internet and let me know the results.

We will need to connect the problem computer to run the ESET scan on it. :)
  • 0

#19
The_Omni

The_Omni

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

OK posting from the infected computer now.  So far so good.  Observing a coule of things, Neither Firefox or Chrome are showing installed on the computer.  I have had to relog into this site on each post.  Other than that it seems much better.

 

Woring on ESET now


  • 0

#20
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,500 posts

OK posting from the infected computer now. So far so good.

Great! :)
 

Neither Firefox or Chrome are showing installed on the computer.

Go to Start > Control Panel > Programs and Features. They should be located there as being installed. You may have to go the following locations, right click on the executable(s) and send a shortcut to the task bar or desktop.

Start > Computer > Local Disk C: > Program Files > Mozilla Firefox > firefox.exe

Start > Computer > Local Disk C: > Program Files > Google > Chrome > Application > chrome.exe

No need to do it now though, if you have started the ESET scan. If they are not located in the Programs and Features found in the Control Panel they can always be re-installed.

As for having to relog into the site, you should see an option to stay logged in, Remember Me or something similar on the log in screen. Just place a checkmark in the box and you should stay logged in when you re-enter the site unless you click on Sign Out.
  • 0

#21
The_Omni

The_Omni

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

Just a heads up, I am fighting with McAfee antivirus plus, it won't completely shutdown,  the instructions on that page referenced don't cover it.  I am trying a msconfig diagnostic reboot now.


  • 0

#22
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,500 posts
Ah... Try the following in the links, if needed:

http://www.wikihow.com/Disable-McAfee

Here's a link to the McAfee site. See the second post by Dinz for instructions:

https://community.mc.../43708?tstart=0
  • 0

#23
The_Omni

The_Omni

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

Ok I give, short of deinstall McAfee I dont know how to completely stop it


  • 0

#24
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,500 posts
Did you try the instructions in one of the links I provided above?

Does the owner of the computer have the product license handy so we can uninstall, then re-install? If not, Magical Jelly Bean Keyfinder might be able to find it. I know it will find the product key for the OS, MS word and other paid for software. Worth a try!!
  • 0

#25
The_Omni

The_Omni

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

ok uninstalling, hate to do it as she has a paid subscription and I don't have he mcafee details to reload it


  • 0

Advertisements


#26
The_Omni

The_Omni

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

Yeah I had already tried all the things mentioned in those instructions, plus a few others, uninstalling now,  I will deal with her when it comes time, besides that product really s&%%^ks or she wouldnt be in this fix to start with, right?


  • 0

#27
The_Omni

The_Omni

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

Sorry if I sound irritated just a lot going on here, and McAfee got on my nerves 


  • 0

#28
The_Omni

The_Omni

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

Is there any way to tell if the scanner is working?  I didn't get a start button or a measure of progress?


  • 0

#29
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,500 posts

besides that product really s&%%^ks or she wouldnt be in this fix to start with, right?

I have never been a big fan of McAfee or Norton myself, so I have to agree with you on that.

Sorry if I sound irritated just a lot going on here, and McAfee got on my nerves

No apologies necessary! I can only imagine what you are going through! I help many elderlies at a local hi-rise in my town. Many think that their browser is the internet and not a conduit to access the internet. It's not easy helping those who do not understand the technology.

Is there any way to tell if the scanner is working? I didn't get a start button or a measure of progress?

Did you get the option to click YES, and then click on I accept the Terms of Use, etc., etc.?
  • 0

#30
The_Omni

The_Omni

    Member

  • Topic Starter
  • Member
  • PipPip
  • 43 posts

Here is what I see

Attached Thumbnails

  • ESET Window2.jpg

  • 0






Similar Topics


Also tagged with one or more of these keywords: Trojans, PUPS, POWERLIKS, ReDirects, Multiple Chrome Instances, Powerliks, Rogues, PUPs, Bogus Chrome Instances

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP