Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

User Tag List

Infected!!!

This is a discussion on Infected!!! within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. Hi My computer is affected by something. I get windows poping up with advertisement and solicitation on the right side


Closed Thread
 
Thread Tools Search this Thread
Old 11-09-2019, 01:37 PM   #1
Registered Member
 
Join Date: Jun 2009
Location: Atlanta-GA
Posts: 209
OS: 7



Hi

My computer is affected by something. I get windows poping up with advertisement and solicitation on the right side of my screen. You close one and another reappears.
Can anyone help me get rid of it.
I am joining a pic. The pic is taken on the yahoo homepage and you can see the advertisements right bottom (Where the suitcase with money is). But they pop up no matter what I am doing, it's not specific to yahoo.

Thanks a lot

Pat
Attached Thumbnails
Click image for larger version

Name:	Web.jpg
Views:	25
Size:	106.0 KB
ID:	324688  
vaindioux is offline  
Sponsored Links
Advertisement
 
Old 11-10-2019, 03:43 AM   #2
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 669
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



  • Download FRST64 to your Desktop.
  • Double click Frst.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply (or attach them if they're too large).
__________________
Gary R is offline  
Old 11-10-2019, 09:52 AM   #3
Registered Member
 
Join Date: Jun 2009
Location: Atlanta-GA
Posts: 209
OS: 7



here you go

Thxs a lot

Pat
Attached Files
File Type: txt Addition.txt (50.8 KB, 14 views)
File Type: txt FRST.txt (48.7 KB, 14 views)
vaindioux is offline  
Sponsored Links
Advertisement
 
Old 11-10-2019, 02:17 PM   #4
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 669
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



Looking over your logs. This will likely take some time, so it will probably be tomorrow morning (my time GMT) before I get back to you.
__________________
Gary R is offline  
Old 11-10-2019, 02:57 PM   #5
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 669
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



After a quick look through your logs, your problem seems most likely to be caused by the following log line ....

Quote:
CHR Notifications: Default -> hxxps://oceanof-games.com; hxxps://shop4megastore.os.tc; hxxps://www.gamespot.com; hxxps://www.palmtalk.org
To turn off notifications please follow the instructions in the following topic ... https://support.google.com/chrome/an...DDesktop&hl=en

Please let me know if that resolves things. If not, I'll go through your logs in more detail, but so far I don't see much else that looks suspicious.
__________________
Gary R is offline  
Old 11-10-2019, 03:37 PM   #6
Registered Member
 
Join Date: Jun 2009
Location: Atlanta-GA
Posts: 209
OS: 7



Quote:
Originally Posted by Gary R View Post
After a quick look through your logs, your problem seems most likely to be caused by the following log line ....



To turn off notifications please follow the instructions in the following topic ... https://support.google.com/chrome/an...DDesktop&hl=en

Please let me know if that resolves things. If not, I'll go through your logs in more detail, but so far I don't see much else that looks suspicious.
Ok I did what your link said. Give me a couple days to see if that stuff still pops up. I will update this thread in 48 hours, please don't close it.

Thanks

Pat
vaindioux is offline  
Old 11-10-2019, 09:57 PM   #7
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 669
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



Sure, no problem.

Talk to you in 48 hours.
__________________
Gary R is offline  
Old 11-12-2019, 03:28 AM   #8
Registered Member
 
Join Date: Jun 2009
Location: Atlanta-GA
Posts: 209
OS: 7



Quote:
Originally Posted by Gary R View Post
Sure, no problem.

Talk to you in 48 hours.
I think you fixed it. No issues since I applied your fix.

Thanks so much

Pat
vaindioux is offline  
Old 11-12-2019, 04:54 AM   #9
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 669
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



OK, as things stand, you have notifications disabled, and because of that the notifications you were receiving have stopped.

However, that means that you will not receive any notifications, and it may be that you want some sites to prompt you. In which case, if you switch notifications back on you will be prompted by the unwanted notifications as well (since we haven't yet removed them).

To remedy that situation, so that you can switch notifications back on if you want to, we need to remove the unwanted notification settings, to do that, please do the following ....
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
  • Press Ctrl+y (Ctrl and y keys at the same time)
  • A blank randomly named .txt Notepad file will open.
  • Copy and paste the following into it ....
Code:
CHR Notifications: Default -> hxxps://oceanof-games.com; hxxps://shop4megastore.os.tc; hxxps://www.gamespot.com; hxxps://www.palmtalk.org 
EmptyTemp:
  • Press Ctrl+s to save fixlist.txt
NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Now press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
  • Please post me the log
__________________
Gary R is offline  
Old 11-12-2019, 02:06 PM   #10
Registered Member
 
Join Date: Jun 2009
Location: Atlanta-GA
Posts: 209
OS: 7



Ok I got a snag. Everything went fine until you asked me to press ctrl+s to save fixlist.txt.
When I press ctrl+s nothing happens, so shall I just save the notepad file as fixlist.txt?

Thanks

Pat
Attached Thumbnails
Click image for larger version

Name:	FIXING.jpg
Views:	8
Size:	84.4 KB
ID:	324696  
vaindioux is offline  
Old 11-12-2019, 02:32 PM   #11
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 669
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



Yes, just save it as fixlist.txt in the same folder as Frst64.exe is in, then click the Fix button of FRST and the fixlist will be processed.
__________________
Gary R is offline  
Old 11-13-2019, 02:22 AM   #12
Registered Member
 
Join Date: Jun 2009
Location: Atlanta-GA
Posts: 209
OS: 7



Fix result of Farbar Recovery Scan Tool (x64) Version: 10-11-2019
Ran by Vaindioux (12-11-2019 19:28:38) Run:5
Running from C:\Users\Vaindioux\Downloads
Loaded Profiles: Vaindioux (Available Profiles: Vaindioux)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CHR Notifications: Default -> hxxps://oceanof-games.com; hxxps://shop4megastore.os.tc; hxxps://www.gamespot.com; hxxps://www.palmtalk.org
EmptyTemp:
*****************

"CHR Notifications:" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1048624 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 228 B
Edge => 0 B
Chrome => 50499034 B
Firefox => 521026859 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Vaindioux => 1032562188 B

RecycleBin => 1326522386 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:29:42 ====
vaindioux is offline  
Old 11-13-2019, 05:29 AM   #13
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 669
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



OK, looks like you're clean now.

To uninstall FRST and remove all its files, please do the following ...
  • Rename FRST64.exe to Uninstall.exe
  • Double click on Uninstall.exe to launch it.
    • Your computer will reboot, and on reboot will remove FRST and all its files.

Please let me know if it fails to remove, or if you have any further problems that need attending to.
__________________
Gary R is offline  
Old 11-13-2019, 05:09 PM   #14
Registered Member
 
Join Date: Jun 2009
Location: Atlanta-GA
Posts: 209
OS: 7



All is working fine now. FRST uninstalled too.

Thanks so much for the help

Pat
vaindioux is offline  
Old 11-13-2019, 09:57 PM   #15
Moderator
Security Team
 
Gary R's Avatar
 
Join Date: Jul 2008
Location: Yorkshire
Posts: 669
OS: W8.1 x64, Mint Cinnamon 19.2 x64, MX Linux x64



You're welcome.

Glad we could help

As your problem appears to be resolved, I have now closed this topic.
__________________
Gary R is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 05:31 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts