Author Topic: Popup Removal Help (Read 4687 times)

jgret · « **on:** March 17, 2013, 08:33:28 PM »

Hello! I'd greatly appreciate any help in removing a Chitka popup, and one other that I'm not sure how to identify. (It usually says "Please install flashplayer HD to continue.")

Here are the steps I have taken:

1. Ran AdwCleaner and selected Delete

2. Ran Malwarebytes' Anti-Malware

3. Ran OTL

4. Ran aswMBR.exe

I will attach the logs in the next posts. I'm not getting the popups as frequently, but they haven't been totally eliminated.

Thanks in advance!

jgret · « **Reply #1 on:** March 17, 2013, 08:36:04 PM »

AdwCleaner

jgret · « **Reply #2 on:** March 17, 2013, 08:40:31 PM »

Malwarebytes' Anti-Malware

(Is this what is needed?)

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.15.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Donna :: DONNA-PC [administrator]

3/17/2013 12:05:07 PM
mbam-log-2013-03-17 (12-05-07).txt

Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 567301
Time elapsed: 2 hour(s), 1 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Donna\AppData\Local\Temp\services.exe.mui (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

(end)

jgret · « **Reply #3 on:** March 17, 2013, 08:41:41 PM »

OTL.Txt and Extras.Txt.

jgret · « **Reply #4 on:** March 17, 2013, 08:42:42 PM »

aswMBR.exe

Pondus · « **Reply #5 on:** March 17, 2013, 08:44:41 PM »

Quote

Is this what is needed?

yes....exept that you did not update malwarebytes before you scanned
you dont have to post a new..... and quick scan is enough to find any active malware

malware removers are notified....should be here soon

essexboy · « **Reply #6 on:** March 17, 2013, 09:37:18 PM »

Let me know if this cures it

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

Code: [Select]

:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

jgret · « **Reply #7 on:** March 17, 2013, 10:11:15 PM »

Thank you!

Here is the log from the Quick Scan.

jgret · « **Reply #8 on:** March 17, 2013, 10:35:44 PM »

Yay, I think it worked! Been clicking all around and haven't seen a single popup. Thanks so much!

essexboy · « **Reply #9 on:** March 17, 2013, 10:36:22 PM »

Run OTL and press the cleanup button to remove it and its associated files

jgret · « **Reply #10 on:** March 17, 2013, 11:42:44 PM »

Done! Thanks again

Author Topic: Popup Removal Help (Read 4687 times)

jgret

Popup Removal Help

jgret

Re: Popup Removal Help

jgret

Re: Popup Removal Help

jgret

Re: Popup Removal Help

jgret

Re: Popup Removal Help

Pondus

Re: Popup Removal Help

essexboy

Re: Popup Removal Help

jgret

Re: Popup Removal Help

jgret

Re: Popup Removal Help

essexboy

Re: Popup Removal Help

jgret

Re: Popup Removal Help