Avast WEBforum
Other => Viruses and worms => Topic started by: danceshamen on October 11, 2013, 10:01:48 AM
-
Hi all, I keep getting BLOCKED MALWARE VIRUS alerts about a URL:Mal2 virus? Sadly though I think i may already be infected as about every 3rd or 4th time i enter a url i get adware pop up of varying types.. very annoying. Any help much appreciated :)
-
Please attach your logs. (AdwCleaner, MBAM, OTL and aswMBR..!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0
-
Please attach your logs. (AdwCleaner, MBAM, OTL and aswMBR..!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0
Hi just ran Adware cleaner ..here is the log:
# AdwCleaner v3.007 - Report created 11/10/2013 at 09:21:49
# Updated 09/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Home Laptop - HOMELAPTOP-PC
# Running from : C:\Users\Home Laptop\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\SSaveunshaore
Folder Deleted : C:\Program Files\MyPC Backup
File Deleted : C:\Windows\System32\Tasks\LaunchApp
***** [ Shortcuts ] *****
***** [ Registry ] *****
- Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchApp
- Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C5872BE-B2E1-436E-98E7-EEF6F680A0A2}
- Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C5872BE-B2E1-436E-98E7-EEF6F680A0A2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16720
-\\ Google Chrome v30.0.1599.69
[ File : C:\Users\Home Laptop\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1974 octets] - [11/10/2013 09:19:09]
AdwCleaner[S0].txt - [1954 octets] - [11/10/2013 09:21:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2014 octets] ##########
-
hi danceshamen,
Please attach all logs. See picture attached below my post. Use the Browse button when replying to find and attach your logs.
-
When you say use the "Browse button" where is that exactly? Sorry new to site :-[st
-
When you say use the "Browse button" where is that exactly? Sorry new to site :-[st
below the txt box you write in here .... attachments and other options
-
Picture has a red square around the Browse button. Click that and a new window will open. You'll have to navigate to where your file is and select that file by highlighting it with your mouse and then click "Open".
If you need to attach more pics logs, select "more attachments" and repeat the process over again.
Does that help?
-
your file is and select that file by highlighting it with your mouse and then click "Open".
or just double click it ...
-
hi danceshamen,
Please attach all logs. See picture attached below my post. Use the Browse button when replying to find and attach your logs.
Ok thanks all i think i have it sussed now..attached is the Malwarebytes log i will forward the rest shortly now that i know what to do!
-
Please attach your logs. (AdwCleaner, MBAM, OTL and aswMBR..!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0
& Here is the OTL log (attached)
-
Please attach your logs. (AdwCleaner, MBAM, OTL and aswMBR..!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0
And here (attached) is the final log requested
-
i see you have iobit software installed....
some info you may want to read
http://www.malwarebytes.org/forums/index.php?showtopic=29681
http://www.malwarebytes.org/forums/index.php?showtopic=30989
http://www.malwarebytes.org/forums/index.php?showtopic=33217
and malware removers are notified, it may take some time before they arrive to check your logs
-
i see you have iobit software installed....
some info you may want to read
http://www.malwarebytes.org/forums/index.php?showtopic=29681
http://www.malwarebytes.org/forums/index.php?showtopic=30989
http://www.malwarebytes.org/forums/index.php?showtopic=33217
and malware removers are notified, it may take some time before they arrive to check your logs
I had not a clue about this? :s The offending programs have now been uninstalled... These were installed by a guy who recently worked on my laptop so is this suffice? or is there something else i need to do now?
-
i see you have iobit software installed....
some info you may want to read
http://www.malwarebytes.org/forums/index.php?showtopic=29681
http://www.malwarebytes.org/forums/index.php?showtopic=30989
http://www.malwarebytes.org/forums/index.php?showtopic=33217
and malware removers are notified, it may take some time before they arrive to check your logs
So are you saying that because i had a certain anti malware programme installed on my system , which i had no idea was in anyway an issue to anybody and has now been uninstalled from my system as soon as it has become apparent that it was an issue, nobody will now help me? I would appreciate it if you could let me know either way?
-
So are you saying that because i had a certain anti malware programme installed on my system , which i had no idea was in anyway an issue to anybody and has now been uninstalled from my system as soon as it has become apparent that it was an issue, nobody will now help me?
Sure you'll get help. Please be patient. :)
-
So are you saying that because i had a certain anti malware programme installed on my system , which i had no idea was in anyway an issue to anybody and has now been uninstalled from my system as soon as it has become apparent that it was an issue, nobody will now help me? I would appreciate it if you could let me know either way?
no i did not say that...
i gave you the info about IObit and what you want to do with it is up to you (you did what evryone have done after reading this)
IObit has probably nothing to do with your issue.... and help will arrive when the removal guys are home from work
they dont work for avast, they are volunteers and use there free time here helping, so they are not in the forum 24/7
so be patient....help will arrive
-
So are you saying that because i had a certain anti malware programme installed on my system , which i had no idea was in anyway an issue to anybody and has now been uninstalled from my system as soon as it has become apparent that it was an issue, nobody will now help me?
Sure you'll get help. Please be patient. :)
Ok thanks, .. i will pass on the info regarding That IObit thing to the guy who did my PC as i'm sure he is not aware either.
-
So are you saying that because i had a certain anti malware programme installed on my system , which i had no idea was in anyway an issue to anybody and has now been uninstalled from my system as soon as it has become apparent that it was an issue, nobody will now help me?
Sure you'll get help. Please be patient. :)
1. Ok thanks, ..
2. i will pass on the info regarding That IObit thing to the guy who did my PC as i'm sure he is not aware either.
1. You're welcome.
2. Please do so. :)
-
Could you attach a screenshot of the alert please
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
(https://dl.dropbox.com/u/73555776/OTL_Fix.GIF)
:Commands
[CREATERESTOREPOINT]
:OTL
O2 - BHO: (AccelerateTab) - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
[2013/10/11 09:29:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
[2013/10/11 10:13:17 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
:Files
C:\Users\Home Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbplgmdknmiikhjajnmcbhpcikceccih
C:\Users\Home Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
C:\Users\Home Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg
C:\Program Files\Secure Speed Dial
:Commands
[resethosts]
[emptytemp]
[Reboot]- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
-
Could you attach a screenshot of the alert please
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
(https://dl.dropbox.com/u/73555776/OTL_Fix.GIF)
:Commands
[CREATERESTOREPOINT]
:OTL
O2 - BHO: (AccelerateTab) - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
[2013/10/11 09:29:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
[2013/10/11 10:13:17 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\Driver Booster Update.job
:Files
C:\Users\Home Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbplgmdknmiikhjajnmcbhpcikceccih
C:\Users\Home Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
C:\Users\Home Laptop\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg
C:\Program Files\Secure Speed Dial
:Commands
[resethosts]
[emptytemp]
[Reboot]- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Hi, Many thanks for this :)
Here is the (Attached) OTL report after doing everything you suggested above.
As for taking a screen shot of the alert message this is difficult as it only pops up on the odd occasion like about once every few days. But i will try to grab it next time.. What happens mainly is when i try to open a page or enter a url i just occasionally get a random page of malware appear.. the only pattern with this is that it happens several times a day.
-
OK I will hold off until the next alert