SmartAd



#16
dolface755

    Member

  • Topic Starter
  • 212 posts

I apologize for taking so long. I've run the malware and am sending you the logs generated. I still haven't been able to locate that file anywhere in the logs.

And that it's only happening on one user account is a little strange.... hopefully two eyes are better than one.

Thank you for your help.

 

Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 6/7/2015 2:15:24 PM, SYSTEM, DAVIDSALTER-PC, Manual, Rootkit Database, 2015.4.21.1, 2015.6.2.1,
Update, 6/7/2015 2:15:24 PM, SYSTEM, DAVIDSALTER-PC, Manual, Remediation Database, 2015.4.22.1, 2015.5.13.1,
Update, 6/7/2015 2:15:34 PM, SYSTEM, DAVIDSALTER-PC, Manual, Malware Database, 2015.5.6.2, 2015.6.7.5,
Update, 6/7/2015 2:15:39 PM, SYSTEM, DAVIDSALTER-PC, Manual, program, 2.0.4.1028, 2.1.6.1022,
Update, 6/7/2015 2:16:09 PM, SYSTEM, DAVIDSALTER-PC, Manual, Remediation Database, 2015.3.9.1, 2015.5.13.1,
Update, 6/7/2015 2:16:09 PM, SYSTEM, DAVIDSALTER-PC, Manual, Rootkit Database, 2015.2.25.1, 2015.6.2.1,
Update, 6/7/2015 2:16:14 PM, SYSTEM, DAVIDSALTER-PC, Manual, Malware Database, 2015.3.9.5, 2015.6.7.5,
Scan, 6/7/2015 2:30:38 PM, SYSTEM, DAVIDSALTER-PC, Manual, Start:6/7/2015 2:16:22 PM, Duration:10 min 12 sec, Threat Scan, Completed, 0 Malware Detections, 1 Non-Malware Detection,

(end)

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6/7/2015
Scan Time: 2:16:22 PM
Logfile: mal67.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.06.07.05
Rootkit Database: v2015.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: David Salter

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 397203
Time Elapsed: 10 min, 12 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-306836380-3015734-3570109687-1000\SOFTWARE\CONDUIT\DistributionEngine, Quarantined, [f9e8d1e61b6fe74f6353f78d27deb24e],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0



#17
zep516

    Trusted Helper

  • Malware Removal
  • 6,806 posts
Hello,

Reset Firefox browser

How to reset Firefox:
  • Click the menu button and then click Help.
  • From the Help menu choose Troubleshooting Information.
  • Click the Reset Firefox… button in the upper-right corner of the Troubleshooting Information page.
  • To continue, click Reset Firefox in the confirmation window that opens.
Next, this ESET scan could take a long time.


ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go >>HERE<< then click on: ESET1st.jpg

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the ESETexe.jpg icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: ESETsave.jpg
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed, make sure you first copy the logfile located at C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt.
  • Copy and paste that log as a reply to this topic.
  • Now click on: EOLS4.gif
    (Selecting Uninstall application on close if you so wish)
Post the ESET scan results.

Thanks
Joe :)
  • 0

#18
dolface755

    Member

  • Topic Starter
  • 212 posts

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=2e37a4c87c3f0e4a8dff4d0ffcce8cfe

# end=init

# utc_time=2015-06-12 09:58:02

# local_time=2015-06-12 02:58:02 (-0800, Pacific Daylight Time)

# country="United States"

# osver=6.1.7601 NT Service Pack 1

Update Init

Update Download

Update Finalize

Updated modules version: 24296

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=2e37a4c87c3f0e4a8dff4d0ffcce8cfe

# end=updated

# utc_time=2015-06-12 10:03:40

# local_time=2015-06-12 03:03:40 (-0800, Pacific Daylight Time)

# country="United States"

# osver=6.1.7601 NT Service Pack 1

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7777

# api_version=3.1.1

# EOSSerial=2e37a4c87c3f0e4a8dff4d0ffcce8cfe

# engine=24296

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2015-06-12 10:54:39

# local_time=2015-06-12 03:54:39 (-0800, Pacific Daylight Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1='AVG AntiVirus Free Edition 2015'

# compatibility_mode=1055 16777213 100 100 0 120286463 0 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776574 100 94 44709777 185649929 0 0

# scanned=201569

# found=36

# cleaned=0

# scan_time=3059

sh=99FD9BCEC9951989FC68F39DC91C9B0359CEFC14 ft=0 fh=0000000000000000 vn="a variant of Win32/Kryptik.AKJ trojan" ac=I fn="C:\Laptop Temp\XStitch\Cross Stitch.zip"

sh=211248BBDAD097A385C0F2924A064565F6A5B445 ft=1 fh=f070839ec377cd62 vn="Win32/HackTool.Crack.CE potentially unsafe application" ac=I fn="C:\Program Files (x86)\City Interactive\Ancient Quest of Saqqarah EN\Saqqarah.exe"

sh=932E042070F1567ED5A116E98E3C04D7D07E0681 ft=1 fh=3bf8f6c29b1c29c3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David Salter\Downloads\ccsetup409.exe"

sh=0F97FB08E6FC4500F86E64D3285C171C6462BD61 ft=1 fh=acbbffe185c36761 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David Salter\Downloads\ccsetup410.exe"

sh=C662A89E2318810A6012EF702A9C39F6E0AC3B36 ft=1 fh=e8789dd77b481b56 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David Salter\Downloads\ccsetup411.exe"

sh=DA0FB77CECB4247F067294DA5E54E0020844FECE ft=1 fh=96c9faddf1c23368 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David Salter\Downloads\ccsetup413.exe"

sh=D12F2B7B95F3EB52E57E5E034F4315F4716670FF ft=1 fh=fa0e3acfd523f7f9 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David Salter\Downloads\ccsetup415.exe"

sh=9AA5E59F80A95BDFC48FBB4DC9F4B7212749E67D ft=1 fh=2fe225811afcde6b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David Salter\Downloads\ccsetup416.exe"

sh=F69F5B71A6FA94B71504EF184913BCF428D43899 ft=1 fh=6c8257ade2556f83 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David Salter\Downloads\ccsetup418.exe"

sh=A601D7FA1AC943E7C513C18554B4963A7CC30777 ft=1 fh=24077ef6e95ea586 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David Salter\Downloads\ccsetup419.exe"

sh=B6B12E4F8E59C61EC67A5E17DEDA7EA5B2FEF364 ft=1 fh=65d7fe9609cd6c74 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David Salter\Downloads\ccsetup500.exe"

sh=205EA3A873C765FF2E0F78FB1834D6EB44C21BF3 ft=1 fh=a409751ddc77dac3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David Salter\Downloads\ccsetup501.exe"

sh=74507D2AD5D69252167B682B5FA7E693E1AE0652 ft=1 fh=c644006b49a165d6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David Salter\Downloads\ccsetup502(1).exe"

sh=74507D2AD5D69252167B682B5FA7E693E1AE0652 ft=1 fh=c644006b49a165d6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\David Salter\Downloads\ccsetup502.exe"

sh=694C0E5183D67ADEE72EFEFB03686F599DFA62AA ft=1 fh=e26c5326167ff21c vn="Win32/InstallMonetizer.AQ potentially unwanted application" ac=I fn="C:\Users\David Salter\Downloads\disk-defrag-setup.exe"

sh=932E042070F1567ED5A116E98E3C04D7D07E0681 ft=1 fh=3bf8f6c29b1c29c3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Documents\16gig jump\Downloads\ccsetup409.exe"

sh=0F97FB08E6FC4500F86E64D3285C171C6462BD61 ft=1 fh=acbbffe185c36761 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Documents\16gig jump\Downloads\ccsetup410.exe"

sh=C662A89E2318810A6012EF702A9C39F6E0AC3B36 ft=1 fh=e8789dd77b481b56 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Documents\16gig jump\Downloads\ccsetup411.exe"

sh=C133DB147FA578119F34B675D45B477E110761B2 ft=1 fh=9272027fde077ca7 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Documents\16gig jump\Downloads\ccsetup412.exe"

sh=DA0FB77CECB4247F067294DA5E54E0020844FECE ft=1 fh=96c9faddf1c23368 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Documents\16gig jump\Downloads\ccsetup413.exe"

sh=9AA5E59F80A95BDFC48FBB4DC9F4B7212749E67D ft=1 fh=2fe225811afcde6b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Documents\16gig jump\Downloads\ccsetup416.exe"

sh=C133DB147FA578119F34B675D45B477E110761B2 ft=1 fh=9272027fde077ca7 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\ccsetup412.exe"

sh=F83855D2F4CB2063085A6A66A6A1C7CB377C28CB ft=1 fh=bcd5e45444e76df6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\ccsetup414.exe"

sh=1DE5D70A411EBBF4441FD569E7427CC28A4D6B13 ft=1 fh=b572351b8a033ea9 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\ccsetup417.exe"

sh=DFDA3BEB6A8E9899118BBDE16E4DE6878E323A90 ft=1 fh=dc19b4d7d4992970 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\ccsetup419(1).exe"

sh=DFDA3BEB6A8E9899118BBDE16E4DE6878E323A90 ft=1 fh=dc19b4d7d4992970 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\ccsetup419.exe"

sh=B6B12E4F8E59C61EC67A5E17DEDA7EA5B2FEF364 ft=1 fh=65d7fe9609cd6c74 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\ccsetup500.exe"

sh=205EA3A873C765FF2E0F78FB1834D6EB44C21BF3 ft=1 fh=a409751ddc77dac3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\ccsetup501.exe"

sh=976D24D060C8F9B655B5EC01472194B9DA6C190C ft=1 fh=1966d8d77ea974eb vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\ccsetup503(1).exe"

sh=976D24D060C8F9B655B5EC01472194B9DA6C190C ft=1 fh=1966d8d77ea974eb vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\ccsetup503.exe"

sh=95515E5CD54F8D3B375FAFB34E53C0C1D2E7C344 ft=1 fh=00a7bfbc17a0357b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\ccsetup504.exe"

sh=3032CB5B0066ACB77259EC89E9ECAFDB21C06BE6 ft=1 fh=4cc4f419610b1b22 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\ccsetup505.exe"

sh=012CB3E628C9FAC1159A4BA01F79C6C905757FF9 ft=1 fh=2ab5bfb1b985039b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\ccsetup506.exe"

sh=6D0A8877CD82C957F50B05FA7B4B2CB0B34A5CC8 ft=1 fh=d420c201dab6bb71 vn="a variant of Win32/OpenCandy.C potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\FoxitReader620.0429_enu_Setup(1).exe"

sh=6D0A8877CD82C957F50B05FA7B4B2CB0B34A5CC8 ft=1 fh=d420c201dab6bb71 vn="a variant of Win32/OpenCandy.C potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\FoxitReader620.0429_enu_Setup.exe"

sh=60DF35DCB223491FC6F19C56D24B9FD1B9759A9F ft=1 fh=81363ce16fec44c3 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="C:\Users\Donna\Downloads\locked\cdbxp_setup_4.5.2.4478.exe"


  • 0
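A triage pass over an ESET Online Scanner log in the layout posted in #18, added here as an example and not written by anyone in the thread. It parses the `#` header fields and the `sh=/vn=/fn=` detection lines, groups findings by the trailing words of the detection name, and collapses copies of one file by SHA-1 (as with the installers repeated across user profiles in that log). The function names are hypothetical and the sample log is constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the log above; hashes and paths are made up.
SAMPLE_LOG = r'''
# remove_checked=false
# found=4
# cleaned=0
sh=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ft=0 fh=0000000000000000 vn="a variant of Win32/Example.A trojan" ac=I fn="C:\Temp\sample.zip"
sh=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB ft=1 fh=1111111111111111 vn="Win32/Bundled.Example.B potentially unsafe application" ac=I fn="C:\Users\A\Downloads\setup1.exe"
sh=BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB ft=1 fh=1111111111111111 vn="Win32/Bundled.Example.B potentially unsafe application" ac=I fn="C:\Users\B\Downloads\setup1.exe"
sh=CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC ft=1 fh=2222222222222222 vn="Win32/Example.C potentially unwanted application" ac=I fn="C:\Users\B\Downloads\tool setup(1).exe"
'''

FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')   # key=value, value optionally quoted
CATEGORIES = ("potentially unwanted application",
              "potentially unsafe application", "trojan")

def parse_eset_log(text):
    """Return (header dict, list of detection dicts)."""
    meta, detections = {}, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#"):
            key, _, value = line.lstrip("# ").partition("=")
            meta[key] = value            # later sections overwrite earlier ones
        elif line.startswith("sh="):
            detections.append({k: v.strip('"') for k, v in FIELD.findall(line)})
    return meta, detections

def category(name):
    """Classify by the trailing words of the detection name (vn)."""
    return next((c for c in CATEGORIES if name.endswith(c)), "other")

def triage(detections):
    """Group file paths by category, then by SHA-1, so copies collapse."""
    groups = defaultdict(lambda: defaultdict(list))
    for d in detections:
        groups[category(d["vn"])][d["sh"]].append(d["fn"])
    return groups

def summarize(text):
    meta, detections = parse_eset_log(text)
    return {
        "count_matches_header": int(meta.get("found", -1)) == len(detections),
        "auto_remove": meta.get("remove_checked") == "true",
        "unique_by_category": {c: len(h) for c, h in triage(detections).items()},
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```
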

#19
zep516

    Trusted Helper

  • Malware Removal
  • 6,806 posts
Hello,

Sorry for delay, out of town an Internet access for a few days.

Are we still getting the smart add pop up in Firefox?

Thanks
Joe :)
  • 0

#20
dolface755

    Member

  • Topic Starter
  • 212 posts

No problem. I appreciate the help, and I haven't been online too much since surgery.

Yes, it keeps trying to bring up another tab, but since I have turned pop up off it just notifies me on the top of the screen. Also getting script errors on Facebook.


  • 0

#21
zep516

    Trusted Helper

  • Malware Removal
  • 6,806 posts
I think we should reinstall Firefox and see how that does.

Get Firefox from Here

This will not mess with the profiles folder in Firefox so all your bookmarks and such will be retained.

Let me know when you get a chance.

Thanks
Joe :)
  • 0

#22
dolface755

    Member

  • Topic Starter
  • 212 posts

I will, and thank you so much for your help. With my condition being what it is these days I am finding it very difficult to concentrate on each line of code.

I will reinstall then get back to you.


  • 0





