12-05-2014, 11:25 PM
Why is it a mess?
Still Infected
12-06-2014, 12:23 AM
12-06-2014, 01:01 AM
Ok then but can you tell me all the requirements needed for this to go through?
12-06-2014, 01:04 AM
12-06-2014, 01:22 AM
Do I need to insert a USB stick or DVD?
12-06-2014, 01:24 AM
12-06-2014, 02:56 AM
nsm0220 are you there? My pc is back up, sorry my pc died.
12-06-2014, 05:24 PM
(This post was last modified: 12-06-2014, 05:34 PM by Shadowtime101.)
@nsm0220 Ahhh, when I turned on my PC and did a HitmanPro scan it found things! I don't know if they're what you downloaded. I want to remove them, but I don't know if you need them. I'll post the log in the next post, my PC is so slow now. What do I do?
There are ads everywhere!
[code]
HitmanPro 3.7.9.232
http://www.hitmanpro.com

   Computer name . . . . : JOSHUA_COMPUTER
   Windows . . . . . . . : 6.2.0.9200.X64/2
   User name . . . . . . : JOSHUA_COMPUTER\jespi_000
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (18 days left)

   Scan date . . . . . . : 2014-12-06 06:06:28
   Scan mode . . . . . . : Quick
   Scan duration . . . . : 5m 21s
   Disk access mode . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot . . . . . . . : No

   Threats . . . . . . . : 5
   Traces . . . . . . . : 7

   Objects scanned . . . : 4,425
   Files scanned . . . . : 4,425
   Remnants scanned . . : 0 files / 0 keys

Malware _____________________________________________________________________

   C:\Program Files (x86)\SourceApp\bin\plugins\SourceApp.Bromon.dll
      Size . . . . . . . : 65,776 bytes
      Age . . . . . . . : 0.2 days (2014-12-06 01:14:14)
      Entropy . . . . . : 6.0
      SHA-256 . . . . . : 9C77D1CB75B238CBD20DBFAC9000F0B9806F67BB12F895DF139D1138603B1FB9
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Bitdefender . . . : Gen:Variant.Adware.SwiftBrowse.4
    > Kaspersky . . . . : not-a-virus:HEUR:AdWare.MSIL.Kranet.heur
      Fuzzy . . . . . . : 99.0

   C:\Program Files (x86)\SourceApp\bin\plugins\SourceApp.BroStats.dll
      Size . . . . . . . : 103,664 bytes
      Age . . . . . . . : 0.2 days (2014-12-06 01:14:21)
      Entropy . . . . . : 6.1
      SHA-256 . . . . . : 34CF2882D3C44790B3E97362C25C56C50FA896961705A6C45E6A40F2DE2D4639
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Bitdefender . . . : Gen:Variant.Adware.SwiftBrowse.4
    > Kaspersky . . . . : not-a-virus:HEUR:AdWare.MSIL.Kranet.heur
      Fuzzy . . . . . . : 99.0

   C:\Program Files (x86)\SourceApp\bin\plugins\SourceApp.CompatibilityChecker.dll
      Size . . . . . . . : 64,240 bytes
      Age . . . . . . . : 0.2 days (2014-12-06 01:14:11)
      Entropy . . . . . : 6.1
      SHA-256 . . . . . : C04897F1969CB645071CCF737640E01DD35B999673AB318B8E27B9E3B21DBFF0
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Bitdefender . . . : Gen:Variant.Adware.SwiftBrowse.4
    > Kaspersky . . . . : not-a-virus:HEUR:AdWare.MSIL.Kranet.heur
      Fuzzy . . . . . . : 99.0

   C:\Program Files (x86)\SourceApp\bin\SourceApp.BrowserAdapter.exe
      Size . . . . . . . : 98,544 bytes
      Age . . . . . . . : 0.0 days (2014-12-06 05:27:40)
      Entropy . . . . . : 6.4
      SHA-256 . . . . . : 22AADAACAC766E089175855E1FB6B03456E7679A29AF31B0DBA750D0244F3415
      RSA Key Size . . . : 2048
      Parent Name . . . : C:\Program Files (x86)\SourceApp\bin\utilSourceApp.exe
      Authenticode . . . : Valid
      Running processes : 6716
    > Bitdefender . . . : Gen:Variant.Adware.Graftor.159320
    > Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.Kranet.heur
      Fuzzy . . . . . . : 95.0

   C:\Windows\system32\drivers\{0263559b-b988-4803-b082-70c1d2b89830}Gw64.sys
      Size . . . . . . . : 48,784 bytes
      Age . . . . . . . : 0.2 days (2014-12-06 01:15:05)
      Entropy . . . . . : 6.4
      SHA-256 . . . . . : F9FB961DDC8B85213DA32ED5FA3004562DF1BB39AA4C7A1CEA967A31767CEB63
      Product . . . . . : StdLib
      Publisher . . . . : StdLib
      Description . . . : StdLib
      Version . . . . . : 1.4.4.6
      Copyright . . . . : Copyright © 2013 StdLib
      RSA Key Size . . . : 2048
      Service . . . . . : {0263559b-b988-4803-b082-70c1d2b89830}Gw64
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Bitdefender . . . : Adware.SwiftBrowse.CH
      Fuzzy . . . . . . : 100.0
      Startup
         HKLM\SYSTEM\CurrentControlSet\Services\{0263559b-b988-4803-b082-70c1d2b89830}Gw64\
[/code]
Please Help!
Step 1
Please download AdwCleaner (by Xplode) and save it to your Desktop
Step 2
Junkware-Removal-Tool
Please download Junkware Removal Tool to your desktop.
- Right click JRT.exe and select "Run as Administrator".
- Important: If you get a warning from your antivirus, please disable your protection until we are finished with the scans; this will avoid any potential conflicts.
- A black prompt box should open; press the Enter key to start scanning your system.
- Please be patient as this can take a while to complete.
- Once complete, a log file called JRT.txt is saved to your desktop; this will automatically open.
- Please copy the contents of JRT.txt into your next post.
Step 3
Reset Google Chrome to Default settings
Please perform a scan with ESET Online Scan
12-07-2014, 05:41 PM
(This post was last modified: 12-07-2014, 05:47 PM by Shadowtime101.)
# AdwCleaner v4.104 - Report created 06/12/2014 at 12:04:29
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 8 (64 bits)
# Username : jespi_000 - JOSHUA_COMPUTER
# Running from : C:\Users\jespi_000\Desktop\adwcleaner_4.104.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Update SourceApp
[#] Service Deleted : Util SourceApp
Service Deleted : {0263559b-b988-4803-b082-70c1d2b89830}Gw64

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Program Files (x86)\SourceApp
Folder Deleted : C:\Users\JESPI_~1\AppData\Local\Temp\SourceApp
File Deleted : C:\Windows\System32\drivers\{0263559b-b988-4803-b082-70c1d2b89830}Gw64.sys
File Deleted : C:\Users\jespi_000\AppData\Roaming\Mozilla\Firefox\Profiles\woys1x6u.default\user.js

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update SourceApp
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util SourceApp
Key Deleted : HKEY_USERS\.DEFAULT\Software\Microsoft\.NETFramework\SQM\Apps\updateSourceApp.exe
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9f7ab9c4-4da3-440e-ba84-95903165f129}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1B74BE8-E593-4EB8-BF9E-AC2BBE4B1BEB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7e25cc08-8611-435a-bed7-60dd82b4fde5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9f7ab9c4-4da3-440e-ba84-95903165f129}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1B74BE8-E593-4EB8-BF9E-AC2BBE4B1BEB}
Key Deleted : HKCU\Software\SourceApp
Key Deleted : HKLM\SOFTWARE\SourceApp
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SourceApp

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17148

-\\ Mozilla Firefox v33.1 (x86 en-US)

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [7779 octets] - [13/08/2014 15:46:48]
AdwCleaner[R10].txt - [1678 octets] - [17/08/2014 10:05:32]
AdwCleaner[R11].txt - [1739 octets] - [18/08/2014 15:35:43]
AdwCleaner[R12].txt - [1939 octets] - [23/08/2014 10:57:25]
AdwCleaner[R13].txt - [1922 octets] - [23/08/2014 11:17:01]
AdwCleaner[R14].txt - [1983 octets] - [24/08/2014 10:10:19]
AdwCleaner[R15].txt - [2042 octets] - [26/08/2014 16:16:00]
AdwCleaner[R16].txt - [2103 octets] - [27/08/2014 19:19:10]
AdwCleaner[R17].txt - [2164 octets] - [06/09/2014 11:06:30]
AdwCleaner[R18].txt - [2211 octets] - [25/10/2014 10:22:56]
AdwCleaner[R19].txt - [2225 octets] - [26/10/2014 19:14:48]
AdwCleaner[R1].txt - [7839 octets] - [13/08/2014 15:56:08]
AdwCleaner[R20].txt - [2373 octets] - [30/10/2014 19:46:16]
AdwCleaner[R21].txt - [2434 octets] - [31/10/2014 22:15:11]
AdwCleaner[R22].txt - [3716 octets] - [11/11/2014 09:33:32]
AdwCleaner[R23].txt - [2589 octets] - [14/11/2014 20:18:25]
AdwCleaner[R24].txt - [2777 octets] - [23/11/2014 18:13:04]
AdwCleaner[R25].txt - [2838 octets] - [23/11/2014 18:28:34]
AdwCleaner[R26].txt - [5659 octets] - [06/12/2014 12:03:37]
AdwCleaner[R2].txt - [7899 octets] - [13/08/2014 18:48:40]
AdwCleaner[R3].txt - [7959 octets] - [13/08/2014 18:52:56]
AdwCleaner[R4].txt - [962 octets] - [13/08/2014 19:06:21]
AdwCleaner[R5].txt - [1021 octets] - [14/08/2014 15:14:46]
AdwCleaner[R6].txt - [1075 octets] - [15/08/2014 15:50:58]
AdwCleaner[R7].txt - [1255 octets] - [16/08/2014 11:49:38]
AdwCleaner[R8].txt - [1555 octets] - [17/08/2014 09:41:59]
AdwCleaner[R9].txt - [1557 octets] - [17/08/2014 09:52:42]
AdwCleaner[S0].txt - [7410 octets] - [13/08/2014 18:58:31]
AdwCleaner[S1].txt - [1618 octets] - [17/08/2014 09:49:25]
AdwCleaner[S2].txt - [1618 octets] - [17/08/2014 09:56:46]
AdwCleaner[S3].txt - [2001 octets] - [23/08/2014 11:11:40]
AdwCleaner[S4].txt - [2491 octets] - [31/10/2014 22:22:02]
AdwCleaner[S5].txt - [3768 octets] - [11/11/2014 09:35:32]
AdwCleaner[S6].txt - [2904 octets] - [23/11/2014 18:29:31]
AdwCleaner[S7].txt - [5340 octets] - [06/12/2014 12:04:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [5400 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8 x64
Ran by jespi_000 on Sat 12/06/2014 at 14:56:23.94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"

~~~ Folders

~~~ FireFox

Successfully deleted: [Folder] C:\Users\jespi_000\AppData\Roaming\mozilla\firefox\profiles\woys1x6u.default\extensions\staged
Successfully deleted the following from C:\Users\jespi_000\AppData\Roaming\mozilla\firefox\profiles\woys1x6u.default\prefs.js

user_pref("extensions.iobitascsurfingprotection@iobit.com.install-event-fired", true);

Emptied folder: C:\Users\jespi_000\AppData\Roaming\mozilla\firefox\profiles\woys1x6u.default\minidumps [1 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 12/06/2014 at 19:23:37.90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'm not too sure if I want to do the repair install anymore. I don't know if the ISOs are infected or not.