« previous next »
Pages: [1]   Go Down

Author Topic: Clickered Malware  (Read 2306 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
Clickered Malware
« on: August 29, 2014, 07:56:59 PM »
Can anyone help me?

I keep getting pop-ups from avast saying that hxxp://clickered.com/cen?ag=7d6bb5e98bbad0386a0a070e7503eb50-68-0&g=ZZZ&t=aa2a773 has been blocked(however this is not the only URL that appears). I have read some other forums and have tried some malware removers but nothing has worked. I have attached logs using FRST.exe.

Thanks Rosie
« Last Edit: August 29, 2014, 08:11:05 PM by R0sie »
Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Clickered Malware
« Reply #1 on: August 29, 2014, 08:45:13 PM »
Here you go this should cure it

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds&ts=1409262439&from=amt&uid=ST1000LM024XHN-M101MBB_S32XJ9AF312260&q={searchTerms}
BHO: No Name -> {8DE6FC60-E023-4AD7-A3B7-591E1460E7F7} ->  No File
2014-08-29 00:02 - 2014-08-29 16:49 - 00000000 ____D () C:\ProgramData\SparkTrust
2014-08-29 00:02 - 2014-08-29 00:02 - 00000000 ____D () C:\Users\User\AppData\Roaming\SparkTrust
2014-08-28 23:54 - 2014-08-29 00:01 - 06764848 _____ (SparkTrust) C:\Users\User\Downloads\SparkTrust PC Cleaner Plus Setup_d6ab1f9_.exe
2014-08-28 22:44 - 2014-08-28 23:28 - 00000000 ____D () C:\Users\User\AppData\Local\Idle~_~Crawler
2014-08-28 22:44 - 2014-08-28 22:44 - 00004576 _____ () C:\WINDOWS\System32\Tasks\Idle~_~Crawler Runner 
2014-08-29 16:49 - 2014-08-29 00:02 - 00000000 ____D () C:\ProgramData\SparkTrust
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Task: {AD3A7331-73BA-4269-B88E-8C94E6306725} - System32\Tasks\Microsoft\Windows\Maintenance\Idle~_~Crawler Update => %LOCALAPPDATA%\Idle~_~Crawler\Idle~_~Crawler.exe
Task: {B96E7059-6D39-4B0C-B490-78A00E1462FA} - System32\Tasks\Idle~_~Crawler Runner => %LOCALAPPDATA%\Idle~_~Crawler\Idle~_~Crawler.exe
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Logged

REDACTED

  • Guest
Re: Clickered Malware
« Reply #2 on: August 30, 2014, 10:26:41 AM »
Here is the fixlog  that it has generated :)
« Last Edit: August 30, 2014, 10:45:46 AM by R0sie »
Logged

REDACTED

  • Guest
Re: Clickered Malware
« Reply #3 on: August 30, 2014, 10:46:37 AM »
...and logfile
Logged

REDACTED

  • Guest
Re: Clickered Malware
« Reply #4 on: August 30, 2014, 11:14:25 AM »
Thank you for your logs R0sie.  Since it is the weekend, please be patient when Essexboy will be on the forum to give you further instructions.  Thank you.
Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Clickered Malware
« Reply #5 on: August 30, 2014, 12:47:38 PM »
Could you confirm that the alerts have now ceased
Logged
Pages: [1]   Go Up
« previous next »