Jump to content

Juliet

Trusted Malware Techs
  • Content count

    22,587
  • Joined

  • Last visited

About Juliet

  • Rank
    Advanced Member
  • Birthday December 29

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Gender
    Female
  • Location
    Tennessee

Previous Fields

  • System Specifications:
    windows 7
  • Teams:
    Nothing Selected

Recent Profile Visitors

2,305 profile views
  1. Net work Firewall

    Thank you and your welcome
  2. Net work Firewall

    Frank, We'll wrap it up by running DelFix to delete the tools and logs that were used in this clean-up. DelFix Follow the instructions below to download and execute DelFix. Download DelFix and move the executable to your Desktop Right-click on DelFix.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Check the following options : Activate UAC Remove disinfection tools Create registry backup Purge system restore Reset system settings Once all the options mentionned above are checked, click on Run After DelFix is done running, a log will open. Please copy/paste the content of the output log in your next reply created by Aura
  3. Birthday party

    woohoo you go girl!
  4. Well now...

    he did it! Now we have a face to look at.
  5. Net work Firewall

    As far as malware being installed on your computer, it's not evident, I'm not seeing any. But, as a precaution measure let's do this. * Call all of your banks, credit card companies, financial institutions and inform them that you may have been a victim of identity theft and to put a watch on your accounts or change all your account numbers. * From a known clean computer, change ALL your on-line passwords for email, for banks, financial accounts, PayPal, eBay, on-line companies, any on-line forums or groups you belong to. Do NOT change passwords or do any transactions while using this computer because new passwords could be jeopardized. I'm going to ask one of the tech guys for PC Matic to look into the issue your having with it being stopped. ~~~~~ Let's try an online scan to check for remnants. Emsisoft Emergency Kit - Fix Mode Follow the instructions below to run a scan using the Emsisoft Emergency Kit. Download the Emsisoft Emergency Kit and execute it. From there, click on the Install button to extract the program in the EEK folder; ight-click on http://i.imgur.com/G0tu5D9.png[/img]http://i.imgur.com/G0tu5D9.png[/img]start emergency kit scanner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users); Once the extraction is complete, the EEK folder will open. R EEK will suggest that you run an online update before using the program. Click on Yes to launch it. After the update, click on Malware Scan under 2. Scan and accept to let EEK detect PUPs (click on Yes). Once the scan is complete, make sure that every item in the list is checked, and click on the Quarantine selected button; If it asks you for a reboot to delete some items, click on Ok to reboot automatically; After the restart, open EEK again (in the C:\EEK folder); This time, click on Logs; go under the Quarantine Log tab, and click on the Export button; From there, Save the log on your desktop, then open it, and copy/paste its content in your next reply; created by Aura
  6. Net work Firewall

    It's best we move Farbar's to desktop. Please go to your downloads folder, locate Farbar Recovery Scan Tool, right click and select CUT Go to an open spot on your desktop, right click and select PASTE You should now have Farbar Recovery Scan Tool on your desktop. Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below: Or use this method Press the windows key + r on your keyboard at the same time. This will open the RUN BOX. Type Notepad and and click the OK key. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. save it to the Desktop as fixlist.txt NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow) Press the Fix button. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ RogueKiller Download the right version of RogueKiller for your Windows version (32 or 64-bit) Once done, move the executable file to your Desktop, right-click on it and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner) Wait for the scan to complete On completion, the results will be displayed Check every single entry (threat found), and click on the Remove Selected button On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner) This will open the report in Notepad. Copy/paste its content in your next reply AdwCleaner - Fix Mode Download AdwCleaner and move it to your Desktop Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the EULA (I accept), then click on Scan Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all active processes Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply created by Aura Your next reply(ies) should therefore contain: fixlist.txt fixlist.txt Copy/pasted RogueKiller clean log Copy/pasted AdwCleaner clean log
  7. Sorry it's to lateĀ 

  8. Sunday funnies........

    lol
  9. Net work Firewall

    It wasn't Microsoft, they don't contact anyone in this manner, you have to contact them. it is a fake scareware advertisement, aimed to get you to call them on the phone so they can scare you more and gain access to your computer. They call and say nonsense like they are from Microsoft security and that they are detecting viruses or that your computer has been compromised and/or hacked and request access to your computer to help. Just remember to never let them onto your computer, do not give them any (truthful) personal information and under no circumstances ever trust a single thing that they are saying. They are out for your money, identity, banking information or even to establish an open link to your computer. If it should happen again, please use task manager , then locate your browser and end task on it, this will close and stop the scam from running. Y kawika If you don't want to use or have Google Chrome on your computer, try to remove/uninstall it from your programs list. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~` Farbar Recovery Scan Tool (FRST) - Scan mode Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply. Download the right version of FRST for your system: FRST 32-bit FRST 64-bit Note: Only the right version will run on your system, the other will throw an error message. So if you don't know what your system's version is, simply download both of them, and the one that works is the one you should be using. Move the executable (FRST.exe or FRST64.exe) on your Desktop Right-click on the executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds Make sure the Addition.txt box is checked Click on the Scan button On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files Copy and paste the content of both FRST.txt and Addition.txt in your next reply
  10. Sunday funnies........

    sounds like good advise from a smart man.
  11. Continous AVG warning

    Glad we could help. Since this issue appears resolved ... this Topic is closed.
  12. Continous AVG warning

    Good deal By chance, did you allow RogueKiller remove/quarantine what it found? The original file detected was found and deleted. **** [ Files ] ***** Deleted: C:\Users\hubby\AppData\Roaming\Mozilla\Firefox\Profiles\e15wu2lj.default\invalidprefs.js If there are no more issues we will remove tools and quarantine folders. DelFix Please download DelFix or from Here and save the file to your Desktop. Double-click DelFix.exe to run the programme. Place a checkmark next to the following items: Activate UAC Remove disinfection tools Create registry backup Purge system restore Reset system settings Click the Run button. -- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).
  13. Continous AVG warning

    By chance, did you allow RogueKiller remove/quarantine what it found? Emsisoft Emergency Kit - Fix Mode Follow the instructions below to run a scan using the Emsisoft Emergency Kit. Download the Emsisoft Emergency Kit and execute it. From there, click on the Install button to extract the program in the EEK folder; ight-click on http://i.imgur.com/G0tu5D9.png[/img]http://i.imgur.com/G0tu5D9.png[/img]start emergency kit scanner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users); Once the extraction is complete, the EEK folder will open. R EEK will suggest that you run an online update before using the program. Click on Yes to launch it. After the update, click on Malware Scan under 2. Scan and accept to let EEK detect PUPs (click on Yes). Once the scan is complete, make sure that every item in the list is checked, and click on the Quarantine selected button; If it asks you for a reboot to delete some items, click on Ok to reboot automatically; After the restart, open EEK again (in the C:\EEK folder); This time, click on Logs; go under the Quarantine Log tab, and click on the Export button; From there, Save the log on your desktop, then open it, and copy/paste its content in your next reply; How is your computer now?
  14. Continous AVG warning

    I can see more then one antivirus on the computer, AVG AntiVirus AdAware antivirus? AVAST antivirus? some might be remnants but, let's make sure you only have 1 active and running on the computer. ~~~~~~~ I see you have peer-to-peer (P2P) file sharing software installed on your computer (uTorrent). I advise you avoid P2P file sharing programmes; they are a security risk which can make your computer susceptible to malware. File sharing networks are thoroughly infested with malware - worms, backdoor Trojans, IRCBots, and rootkits propagate via P2P file sharing networks, gaming, and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install malware. The best way to reduce the risk of infection is to avoid these types of web sites and P2P programmes. Please read the following articles for more information. Risks of File-Sharing Technology P2P Software User Advisories More malware is traveling on P2P networks these days Your P2P software can be removed by following the instructions below. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~` https://support.mozilla.org/en-US/kb/how-clear-firefox-cache https://support.mozilla.org/en-US/kb/Firefox cache file was infected with a virus Please follow the information in the above links to clear the Firefox cache. ~~~~~~~~~~~~~~~~~~~~` Start Farbar Recovery Scan Tool with Administrator privileges (Right click on the FRST icon and select Run as administrator) highlight on the text below and select Copy. beginning with Start:: and finishing with End:: Start:: CloseProcesses: CreateRestorePoint: GroupPolicy: Restriction <==== ATTENTION SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-1968179541-1768666477-4272171141-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKU\S-1-5-21-1968179541-1768666477-4272171141-1001 -> {15E9E694-0016-4243-A350-AA6CDA2AC329} URL = FF HKLM\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor\FirefoxAddon.xpi => not found ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File Task: {DB9A54F2-D85D-4E27-9F19-1072B73C6D60} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Emptytemp: End:: Press the Fix button. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~` AdwCleaner - Fix Mode Download AdwCleaner and move it to your Desktop Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the EULA (I accept), then click on Scan Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all active processes Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply ~~~~~~~~~~~~~` RogueKiller Download the right version of RogueKiller for your Windows version (32 or 64-bit) Once done, move the executable file to your Desktop, right-click on it and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner) Wait for the scan to complete On completion, the results will be displayed Check every single entry (threat found), and click on the Remove Selected button On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner) This will open the report in Notepad. Copy/paste its content in your next reply created by Aura ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Your next reply(ies) should therefore contain: Copy/pasted Fixlog.txt Copy/pasted RogueKiller clean log Copy/pasted AdwCleaner clean log
  15. Continous AVG warning

    Farbar Recovery Scan Tool (FRST) Follow the instructions below to download and execute a scan on your system with FRST, and provide the logs in your next reply. Download the right version of FRST for your system: FRST 32-bit FRST 64-bit Note: Only the right version will run on your system, the other will throw an error message. So if you don't know what your system's version is, simply download both of them, and the one that works is the one you should be using. Move the executable (FRST.exe or FRST64.exe) on your Desktop Right-click on the executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the disclaimer by clicking on Yes, and FRST will then do a back-up of your Registry which should take a few seconds Make sure the Addition.txt box is checked Click on the Scan button On completion, two message box will open, saying that the results were saved to FRST.txt and Addition.txt, then open two Notepad files Copy and paste the content of both FRST.txt and Addition.txt in your next reply
×