Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Popup ad virus won't go away [Closed]


  • This topic is locked This topic is locked

#16
Samyaza

Samyaza

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

Here you go!

Attached Files


  • 0

Advertisements


#17
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Open AVZ as before
Click "File" > "Custom scripts"
avzfix1.png

A dialogue will open
Copy and paste the following script into the marked space then press run
avzfix2.JPG

Script for insertion :
 
begin
SetAVZGuardStatus(True);
SearchRootkit(true, true);
 SetServiceStart('LavasoftTcpService', 4);
 StopService('LavasoftTcpService');
 DeleteService('SearchProtectionService');
 StopService('SearchProtectionService');
 TerminateProcessByName('LavasoftTcpService.exe');
 BC_DeleteFile('LavasoftTcpService.exe');
 BC_DeleteSvc('SearchProtectionService');
 BC_DeleteSvc('LavasoftTcpService');
BC_ImportDeletedList;
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.
Ensure that you copy from begin to end
  • 0

#18
Samyaza

Samyaza

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

Done. Nothing's changed, now what?


  • 0

#19
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you confirm that the problem is in chrome only .. Run IE to test it out please

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
HKU\S-1-5-21-3754106926-3601097053-1584288023-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1380672 2015-01-23] (Lavasoft)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe [1364392 2015-01-23] (Lavasoft Limited)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2015-01-23] ()
C:\Program Files (x86)\Lavasoft
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#20
Samyaza

Samyaza

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

IE works fine, no popups, but I noticed something odd: I opened Spotify, and the popups appear there too for some reason.

 

Also, I don't know if you know what Steam is, but the viruses have taken over Steam's own browser too. I attached a (censored) photo to show you what I mean - the main page of Steam normally shows games that are on sale, but whenever I open Steam, the virus redirects me to a porn site.

 

After running FRST, Chrome seemed fine for a short while, until I opened Spotify to check if it was clean too. It wasn't, and now the popups are back in Chrome too.

 

Here's the fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Natu-ti-ti at 2015-03-25 16:50:31 Run:3
Running from C:\Users\Natu-ti-ti\Downloads
Loaded Profiles: Isukka & Natu-ti-ti (Available profiles: Isukka & Natu-ti-ti & Äittä)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CreateRestorePoint:
HKU\S-1-5-21-3754106926-3601097053-1584288023-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1380672 2015-01-23] (Lavasoft)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.1.4\LavasoftTcpService.exe [1364392 2015-01-23] (Lavasoft Limited)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2015-01-23] ()
C:\Program Files (x86)\Lavasoft
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Error: (0) Failed to create a restore point.
HKU\S-1-5-21-3754106926-3601097053-1584288023-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion => Value not found.
LavasoftTcpService => Unable to stop service
LavasoftTcpService => Error deleting Service
SearchProtectionService => Unable to stop service
SearchProtectionService => Error deleting Service
 
"C:\Program Files (x86)\Lavasoft" directory move:
 
Could not move "C:\Program Files (x86)\Lavasoft" directory. => Scheduled to move on reboot.
 
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
ERROR: Access is denied.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
ERROR: Access is denied.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Key could not be deleted. Access denied.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Value could not be deleted.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Value could not be deleted.
HKU\S-1-5-21-3754106926-3601097053-1584288023-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-3754106926-3601097053-1584288023-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to enum jobs - 0x80070005
 
========= End of CMD: =========
 
EmptyTemp: => Removed 400.5 MB temporary data.
 

Attached Thumbnails

  • 1 (2).jpg

  • 0

#21
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did you open steam before or after you had used Spotify ?

As from the description it appears that the malware is within Spotify and is changing the DNS settings, I should imagine that IE will also show this if you open it after Spotify

To confirm or deny this hypothesis could you uninstall Spotify then run the following fix

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKU\S-1-5-21-3754106926-3601097053-1584288023-1004\...\Run: [Spotify Web Helper] => C:\Users\Natu-ti-ti\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-12] (Spotify Ltd)
2015-03-18 19:48 - 2014-10-05 15:53 - 00000000 ____D () C:\Users\Natu-ti-ti\AppData\Local\Spotify
2015-03-18 18:32 - 2014-10-05 15:52 - 00000000 ____D () C:\Users\Natu-ti-ti\AppData\Roaming\Spotify
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#22
Samyaza

Samyaza

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

I always have Steam running in the background, so I ran it before I opened Spotify.

IE didn't show popups even after I had opened Spotify, which is odd.

 

 

Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Natu-ti-ti at 2015-03-25 19:25:11 Run:4
Running from C:\Users\Natu-ti-ti\Downloads
Loaded Profiles: Isukka & Natu-ti-ti (Available profiles: Isukka & Natu-ti-ti & Äittä)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CreateRestorePoint:
HKU\S-1-5-21-3754106926-3601097053-1584288023-1004\...\Run: [Spotify Web Helper] => C:\Users\Natu-ti-ti\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-12] (Spotify Ltd)
2015-03-18 19:48 - 2014-10-05 15:53 - 00000000 ____D () C:\Users\Natu-ti-ti\AppData\Local\Spotify
2015-03-18 18:32 - 2014-10-05 15:52 - 00000000 ____D () C:\Users\Natu-ti-ti\AppData\Roaming\Spotify
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Error: (0) Failed to create a restore point.
HKU\S-1-5-21-3754106926-3601097053-1584288023-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => Value not found.
"C:\Users\Natu-ti-ti\AppData\Local\Spotify" => File/Directory not found.
"C:\Users\Natu-ti-ti\AppData\Roaming\Spotify" => File/Directory not found.
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
ERROR: Access is denied.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
ERROR: Access is denied.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Key could not be deleted. Access denied.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Value could not be deleted.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Value could not be deleted.
HKU\S-1-5-21-3754106926-3601097053-1584288023-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-3754106926-3601097053-1584288023-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
 
 
========= End of RemoveProxy: =========
 
 
=========  netsh advfirewall reset =========
 
The requested operation requires elevation (Run as administrator).
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state ON =========
 
The requested operation requires elevation (Run as administrator).
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset catalog =========
 
The requested operation requires elevation (Run as administrator).
 
 
========= End of CMD: =========
 
 
=========  netsh int ip reset c:\resetlog.txt =========
 
Reseting Global, failed.
The requested operation requires elevation (Run as administrator).
Reseting Interface, failed.
The requested operation requires elevation (Run as administrator).
There's no user specified settings to be reset.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /release =========
 
 
Windows IP Configuration
 
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::11b0:ac1f:b427:19f5%10
   Default Gateway . . . . . . . . . : 
 
========= End of CMD: =========
 
 
=========  ipconfig /renew =========
 
 
Windows IP Configuration
 
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::11b0:ac1f:b427:19f5%10
   IPv4 Address. . . . . . . . . . . : 192.168.11.6
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.11.1
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Reseting Global, failed.
The requested operation requires elevation (Run as administrator).
Reseting Interface, failed.
The requested operation requires elevation (Run as administrator).
There's no user specified settings to be reset.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
Reseting Interface, failed.
The requested operation requires elevation (Run as administrator).
There's no user specified settings to be reset.
 
 
========= End of CMD: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to enum jobs - 0x80070005
 
========= End of CMD: =========
 
EmptyTemp: => Removed 226.3 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 19:25:31 ====

  • 0

#23
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did you run the fix from an administrator account ?

Is Chrome still showing the ads
  • 0

#24
Samyaza

Samyaza

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

No, I didn't - should I?

 

Right now, Chrome seems to be clean. No ads have showed up for the past 10 minutes.

Although the ads still pop up when I open Steam's own browser.


Edited by Samyaza, 25 March 2015 - 11:47 AM.

  • 0

#25
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you run this fix as administrator please and then check steam again
  • 0

Advertisements


#26
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#27
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
User returned
  • 0

#28
Samyaza

Samyaza

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

Popups seem to be gone. Thanks for the help!

Haven't checked my mother's computer though, I will do that later today.

 

 

Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Isukka at 2015-04-01 11:42:08 Run:5
Running from C:\Users\Natu-ti-ti\Downloads
Loaded Profiles: Isukka & Natu-ti-ti (Available profiles: Isukka & Natu-ti-ti & Äittä)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CreateRestorePoint:
HKU\S-1-5-21-3754106926-3601097053-1584288023-1004\...\Run: [Spotify Web Helper] => C:\Users\Natu-ti-ti\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-12] (Spotify Ltd)
2015-03-18 19:48 - 2014-10-05 15:53 - 00000000 ____D () C:\Users\Natu-ti-ti\AppData\Local\Spotify
2015-03-18 18:32 - 2014-10-05 15:52 - 00000000 ____D () C:\Users\Natu-ti-ti\AppData\Roaming\Spotify
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
HKU\S-1-5-21-3754106926-3601097053-1584288023-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => Value not found.
"C:\Users\Natu-ti-ti\AppData\Local\Spotify" => File/Directory not found.
"C:\Users\Natu-ti-ti\AppData\Roaming\Spotify" => File/Directory not found.
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3754106926-3601097053-1584288023-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-3754106926-3601097053-1584288023-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-3754106926-3601097053-1584288023-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-3754106926-3601097053-1584288023-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-3754106926-3601097053-1584288023-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
 
 
========= End of RemoveProxy: =========
 
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  netsh int ip reset c:\resetlog.txt =========
 
Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /release =========
 
 
Windows IP Configuration
 
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::11b0:ac1f:b427:19f5%10
   Default Gateway . . . . . . . . . : 
 
========= End of CMD: =========
 
 
=========  ipconfig /renew =========
 
 
Windows IP Configuration
 
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Link-local IPv6 Address . . . . . : fe80::11b0:ac1f:b427:19f5%10
   IPv4 Address. . . . . . . . . . . : 192.168.11.7
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.11.1
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
{9781C964-E851-4992-B7BF-D9DB48804B80} canceled.
{389A9329-3305-4657-A8C4-382E4F12AC98} canceled.
{0D1D83C4-8CB9-4C92-8B13-6537803F37A8} canceled.
{9384D425-F5F8-4920-B242-BFADAF59EAFE} canceled.
{12E9C345-0A1D-4EF5-8391-F441D3B9CB85} canceled.
{0F8413CE-C288-4D90-AC96-4C8B6718E492} canceled.
{3A582974-F449-4BDF-9BE1-FAC807FF73E1} canceled.
{51B529A4-BADD-410D-941F-2EACAA6656E5} canceled.
{0B54BFB4-7996-442F-9BB6-AFA0391CE475} canceled.
{F94484D7-A6D9-407A-8325-0388501D94E0} canceled.
10 out of 10 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 83.2 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 11:42:53 ====

  • 0

#29
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Do you want to continue with your mothers computer here ?

Any further problems on your system
  • 0

#30
Samyaza

Samyaza

    Member

  • Topic Starter
  • Member
  • PipPip
  • 34 posts

My computer seems clean now, thank you very much for the help.

I haven't checked my mother's computer myself, but she said she hasn't gotten popups either for some time now. So it seems to be fine.

 

However, my tablet (Samsung Galaxy Note 10.1) is still acting a bit weird. Sometimes, when using Chrome on it, I get redirected to odd pages telling me my tablet is infected and stuff, and pressing back won't help because I'll just get redirected again. I cleaned all cookies and browsing history, but the problem persists. What's odd, is that the problem only occurs when I'm using our home wifi, and when I turn it off and use mobile data, everything's fine.


Edited by Samyaza, 05 April 2015 - 06:50 AM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP