Other > Viruses and worms
Major Computer Crash
RocketNut:
We had major crash (HDD fire). We are reinstalling backups and downloading the lastest greatness apps. All of sudden a search engine call SNAPON got loaded. Does any one know how to get reinded of it?
essexboy:
Follow the steps here http://forum.avast.com/index.php?topic=53253.0
RocketNut:
Here is AdwCleaner log.
# AdwCleaner v2.010 - Logfile created 12/02/2012 at 10:59:53
# Updated 29/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Acer - ACER-PC
# Boot Mode : Normal
# Running from : C:\Users\Acer\Downloads\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\coaxl5oa.default\searchplugins\Web Search.xml
File Deleted : C:\Users\Public\Desktop\eBay.lnk
***** [Registry] *****
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=95bfed19-9b90-4a04-b487-2dfe509d72a9&searchtype=hp --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=95bfed19-9b90-4a04-b487-2dfe509d72a9&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=95bfed19-9b90-4a04-b487-2dfe509d72a9&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=95bfed19-9b90-4a04-b487-2dfe509d72a9&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=95bfed19-9b90-4a04-b487-2dfe509d72a9&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
-\\ Mozilla Firefox v17.0.1 (en-US)
Profile name : default
File : C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\coaxl5oa.default\prefs.js
Deleted : user_pref("keyword.URL", "hxxp://feed.snap.do/?publisher=SnapdoEMon&dpid=SnapdoEMon&co=US&userid=95b[...]
*************************
AdwCleaner[S1].txt - [2845 octets] - [02/12/2012 10:59:53]
########## EOF - C:\AdwCleaner[S1].txt - [2905 octets] ##########
essexboy:
That looks to have got rid of it, could you confirm that
RocketNut:
YES But now I have something called "SmartFish".
I SEND MY HARD EARN DOLLARS TO HAVE PROTECTION. WHAT I GOT IS A VIRUS MAGNET THAT LOVES EVERY VIRUS BECUASE THE FRONT DOOR IS WIDE OPEN FOR THE.
Here is AdwCleaner for the SupperFish which this piece of **** let in.
# AdwCleaner v2.010 - Logfile created 12/03/2012 at 05:55:27
# Updated 29/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Acer - ACER-PC
# Boot Mode : Normal
# Running from : C:\Users\Acer\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v17.0.1 (en-US)
Profile name : default
File : C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\coaxl5oa.default\prefs.js
[OK] File is clean.
*************************
AdwCleaner[S1].txt - [2968 octets] - [02/12/2012 10:59:53]
AdwCleaner[S2].txt - [750 octets] - [03/12/2012 05:55:27]
########## EOF - C:\AdwCleaner[S2].txt - [809 octets] ##########
Navigation
[0] Message Index
[#] Next page
Go to full version