Jump to content
Sign in to follow this  
dogood

Browsers gone wild

Recommended Posts

Lots of annoying stuff: When PC boots opening window has pop-up which says "Warning! Start cloud backup". I have no idea what this is or how to get rid of it

Internet Explorer refuses to open. Tried to reinstall but can't.

Firefox won't play Youtube videos and has these error messages: "Adobe flash plugin has crashed" and "Shockwave flash may be busy or has stopped working." Ran Super anti spyware and RegCure Pro but didn't fix the problem. Tried reinstalling both but didn't help. Reset Firefox to default but didn't do anything.

Google Chrome has pop-up windows with a variety of crap like "Alertfunctions.com/notification/indextv.php Warning! You have excessive popups. Windows may have been infected. Please call 1-(866) 374 6157 for immediate support! Adware Dropper.W32 may have infected your computer . . ." Also downloads files "mediaplayer" and "Player - Chrome." Ran Malwarebytes but didn't help.

 

I've run out of ideas. Help.

Share this post


Link to post
Share on other sites

Try running these two progrrams:

Junkware Removal Tool

Shut down your protection software now to avoid potential conflicts.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Post the contents of JRT.txt into your next message.

 

 

ADWCleaner

Double click on AdwCleaner.exe to run the tool.

Vista/Windows 7/8 users right-click and select Run As Administrator.

Click on the Scan button.

AdwCleaner will begin...be patient as the scan may take some time to complete.

After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.

The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.

Copy and paste the contents of that logfile in your next reply.

A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

 

 

:geezer:

Edited by Juliet

Share this post


Link to post
Share on other sites

After you follow Caintry's advice please also:

 

bf_new.gif Please download Malwarebytes' Anti-Malware from Here. Never download Malwarebytes' Anti-Malware from other sources.

 

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

 

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Share this post


Link to post
Share on other sites

Here are the logs:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Don on Sun 03/23/2014 at 14:01:57.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Don\AppData\Roaming\drivercure"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 03/23/2014 at 14:07:16.72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.022 - Report created 23/03/2014 at 14:38:31
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Don - DON-PC
# Running from : C:\Users\Don\AppData\Local\Temp\dlm2B59.tmp\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\nxrek51h.default-1395425071580\user.js
File Found : C:\Users\Don\Desktop\AnyProtect.lnk
File Found : C:\Windows\System32\Tasks\paretologic registration3
File Found : C:\Windows\Tasks\paretologic registration3.job
Folder Found C:\Program Files (x86)\AnyProtectEx
Folder Found C:\Program Files (x86)\Common Files\ParetoLogic
Folder Found C:\Program Files (x86)\ParetoLogic
Folder Found C:\ProgramData\ParetoLogic
Folder Found C:\Users\Don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Folder Found C:\Users\Don\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Found C:\Users\Don\AppData\Roaming\ParetoLogic
Folder Found C:\Users\Don\Documents\Optimizer Pro

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\ParetoLogic
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\ParetoLogic
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\Software\ParetoLogic
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Don\AppData\Roaming\Mozilla\Firefox\Profiles\nxrek51h.default-1395425071580\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [9431 octets] - [23/02/2014 08:36:25]
AdwCleaner[R1].txt - [2426 octets] - [23/03/2014 14:38:31]
AdwCleaner[s0].txt - [8625 octets] - [23/02/2014 08:37:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2546 octets] ##########

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.23.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Don :: DON-PC [administrator]

3/23/2014 3:25:49 PM
MBAM-log-2014-03-23 (16-45-57).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 490441
Time elapsed: 1 hour(s), 18 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 12
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseToSave\sprotector.dll.vir (PUP.Optional.SProtect.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\ProgramData\BoraowSe2saave\uninstall.exe.vir (PUP.Optional.SilentInstall.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\ProgramData\Browse2sauVe\uninstall.exe.vir (PUP.Optional.SilentInstall.A) -> No action taken.
C:\AdwCleaner\Quarantine\C\ProgramData\WinWeb protection\WinWebprotection.dll.vir (Trojan.SProtector) -> No action taken.
C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\dionlkleedadoocjgnjaijelhnmbbkep\4.94.1.44163_0\plugins\39ChromePlugIn.dll (PUP.Optional.Mindspark) -> No action taken.
C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\Extensions\dionlkleedadoocjgnjaijelhnmbbkep\4.94.1.44163_0\plugins\SearchControl.dll (PUP.Optional.Mindspark) -> No action taken.
C:\Users\Don\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000001 (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Don\AppData\Local\Temp\is45637729\170614635_stp\HomePageDLL.dll (PUP.Optional.Installcore) -> No action taken.
C:\Users\Don\AppData\Local\Temp\is82122515\170506979_stp\HomePageDLL.dll (PUP.Optional.Installcore) -> No action taken.
C:\Users\Don\AppData\Local\Temp\is82122515\170507202_stp\setup.exe (PUP.Optional.Crimsolite.A) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dionlkleedadoocjgnjaijelhnmbbkep\4.94.1.44163_0\plugins\39ChromePlugIn.dll (PUP.Optional.Mindspark) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dionlkleedadoocjgnjaijelhnmbbkep\4.94.1.44163_0\plugins\SearchControl.dll (PUP.Optional.Mindspark) -> No action taken.

(end)

Share this post


Link to post
Share on other sites

Thanks for the advice. Chrome is working without the annoying pop-up windows. Firefox won't play videos and I get the Shockwave / Adobe Flash crash messages. Internet Explorer still does nothing when I try to open it. Any additional ideas?

Share this post


Link to post
Share on other sites

Thanks for the help! Chrome is working, Firefox is working after I uninstalled and reinstalled and unchecked hardware acceleration for Flash, but Internet Explorer still won't open. Can live without it but would like to figure out what happened.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...