Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Needing help removing pesky Malware [Closed]

Started by lordcheezus , Feb 17 2015 09:55 PM

  • This topic is locked This topic is locked

#16
lordcheezus
Posted 24 February 2015 - 06:08 PM

lordcheezus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
I was forced to restart my PC because it wouldn't allow me to access Chrome after the scan, after the restart it worked with no problem.
 
RogueKiller V10.4.3.0 (x64) [Feb 23 2015] by Adlice Software
 
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Anthony [Administrator]
Mode : Scan -- Date : 02/24/2015  18:05:29
 
¤¤¤ Processes : 1 ¤¤¤
[Suspicious.Path] SpotifyWebHelper.exe(5044) -- C:\Users\Anthony\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe[7] -> Killed [TermProc]
 
¤¤¤ Registry : 12 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1912583399-466474933-4168976199-1001\Software\Microsoft\Windows\CurrentVersion\Run | Spotify Web Helper : "C:\Users\Anthony\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"  -> Found
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1912583399-466474933-4168976199-1001\Software\Microsoft\Windows\CurrentVersion\Run | Spotify : "C:\Users\Anthony\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart  -> Found
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1912583399-466474933-4168976199-1001\Software\Microsoft\Windows\CurrentVersion\Run | Spotify Web Helper : "C:\Users\Anthony\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"  -> Found
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1912583399-466474933-4168976199-1001\Software\Microsoft\Windows\CurrentVersion\Run | Spotify : "C:\Users\Anthony\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart  -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1912583399-466474933-4168976199-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1912583399-466474933-4168976199-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1912583399-466474933-4168976199-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1912583399-466474933-4168976199-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: KINGSTON SV300S37A120G +++++
--- User ---
[MBR] 95659cef7e8e16016cbfd3ad565ab2da
[BSP] afa25c3164690a279bd72d0158eb37e7 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 114121 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: ST1000DM003-1ER162 +++++
--- User ---
[MBR] 8411f69d86e6389281006d249431c6a6
[BSP] 899c38e71a23d8954d9c661c3dee07ef : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

  • 0

Advertisements

#17
BrianDrab
Posted 24 February 2015 - 06:18 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Please delete the AdBlock extension from Chrome. Let me know when that is done.


  • 0

#18
lordcheezus
Posted 24 February 2015 - 06:21 PM

lordcheezus

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts

Done.


  • 0

#19
BrianDrab
Posted 24 February 2015 - 06:36 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Cool. Now, we need to reset Chrome back to defaults to completely clear out what is going on. Let me know if you have any questions during this procedure.

 

Step#1 - Re-install Chrome
1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go Google Sync and sign into your account

3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall chrome. Note: When asked about user data or settings you must remove this also so please check the box.
5. Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
6. Import your bookmarks back into Chrome

7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.

8. You may re-install AdBlock if you wish.

 

 

Let's see if you issues comes back after this. I would be surprised if it did.
 


  • 0

#20
BrianDrab
Posted 01 March 2015 - 07:45 PM

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP