infected with Adware generic_s.DP (Reported by avg)
Infected pc... once again. [Closed]
#1
Posted 17 November 2014 - 09:07 PM
#2
Posted 18 November 2014 - 09:55 AM
Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
- Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
- Select additions at the bottom
- Press Scan button.
- It will produce a log called FRST.txt in the same directory the tool is run from.
- Please attach both logs generated.
#3
Posted 18 November 2014 - 01:17 PM
Hello. here it is.
Attached Files
#4
Posted 18 November 2014 - 01:28 PM
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
HKU\S-1-5-21-4172500889-1631978864-1456911185-1003\...\Run: [Obrona Block Ads] => "C:\Users\Stijn\AppData\Local\Obrona Block Ads\ObronaBlockAds.exe" --hidden
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ProxyEnable: [S-1-5-21-4172500889-1631978864-1456911185-1003] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-4172500889-1631978864-1456911185-1003] => http=127.0.0.1:9880;https=127.0.0.1:9880
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO: No Name -> {11111111-1111-1111-1111-110511071180} -> No File
BHO-x32: No Name -> {2adefb8e-b923-35e6-86e2-2b7841f5d2a2} -> No File
2014-11-18 01:50 - 2014-11-18 02:43 - 00000000 ____D () C:\Users\Stijn\AppData\Local\Obrona Block Ads
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.
- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on "Clean"
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
#5
Posted 18 November 2014 - 02:07 PM
DriaCquaracine is the virus, will upload log in bit
#6
Posted 18 November 2014 - 02:15 PM
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
R2 DriaCquaracine; C:\Program Files (x86)\DriaCquaracine\DriaCquaracine.exe [4377560 2014-11-03] ()
2014-11-18 02:39 - 2014-11-18 03:16 - 00000000 __SHD () C:\Program Files (x86)\DriaCquaracine
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
#7
Posted 18 November 2014 - 05:07 PM
I did that and i had no log
Edit:
Heres a log of AdwCleaner
Edited by lostone, 18 November 2014 - 05:43 PM.
#8
Posted 18 November 2014 - 05:45 PM
here
Attached Files
#9
Posted 19 November 2014 - 08:44 AM
#10
Posted 23 November 2014 - 05:31 AM
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users