Avast WEBforum

Other => Viruses and worms => Topic started by: alexj360 on September 17, 2012, 11:35:39 PM

Title: same mal pop-up i.trkjmp.com
Post by: alexj360 on September 17, 2012, 11:35:39 PM

I'm having the same problem as many other people.
Any help would be appreciated.

Also, here is my AdwCleaner log.

Title: Re: same mal pop-up i.trkjmp.com
Post by: essexboy on September 17, 2012, 11:36:38 PM

I will need the OTL log to locate and remove the miscreant  ;D

Title: Re: same mal pop-up i.trkjmp.com
Post by: alexj360 on September 18, 2012, 01:58:47 AM

Here's the OTL log.
Thank you for your help.

Title: Re: same mal pop-up i.trkjmp.com
Post by: essexboy on September 18, 2012, 04:02:15 PM

Let me know if this kills it

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  (https://dl.dropbox.com/u/73555776/OTL_Fix.GIF)
  
  

Code: [Select]

:OTL
IE - HKU\S-1-5-21-2477781531-2979861822-1054933110-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
2012/08/29 11:34:45 | 000,000,000 | ---D | M] ("Codec-V") -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\69c3wbkk.default\extensions\crossriderapp435@crossrider.com
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2477781531-2979861822-1054933110-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2477781531-2979861822-1054933110-1000\..\Toolbar\WebBrowser: (no name) - {22E03916-85C5-44B0-8DC9-1830C11238D9} - No CLSID value found.

:Files
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgcjecomkebbohfjgmncelbhogbbokf
ipconfig /flushdns /c
netsh int ip reset c:\resetlog.txt  /c
ipconfig /release /c
ipconfig /renew /c

:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Title: Re: same mal pop-up i.trkjmp.com
Post by: alexj360 on September 18, 2012, 05:31:57 PM

It seems to be working great right now.
Thank you very much!

Title: Re: same mal pop-up i.trkjmp.com
Post by: essexboy on September 18, 2012, 07:17:26 PM

Run OTL and press the cleanup button to remove it