Search:

Hi Ken, all done, thanks again for all your help and time. Greatly appreciated!
Steve
:thanks:

:eek:All seems to be running fine now. I've deleted that folder.
Not sure if this was a difficult one or not but a big Thanks for your persistence and perseverance. You assistance has been much...

ComboFix 14-09-18.01 - Jonesboy 19/09/2014 14:25:14.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.8173.5732 [GMT 10:00]
Running from:...

MiniToolBox by Farbar Version: 21-07-2014
Ran by Jonesboy (administrator) on 19-09-2014 at 14:19:43
Running from "C:\Users\Jonesboy\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)...

Insta share is back but was missing for a short time after i ran the combo fix.

any way no I haven't set that proxy.

thanks

Trying not to get too excited. But we may have had a win!:)

ComboFix 14-09-18.01 - Jonesboy 19/09/2014 0:51.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.8173.5568 [GMT 10:00]
Running from: c:\users\Jonesboy\Desktop\ComboFix.exe...

SystemLook 30.07.11 by jpshortstuff
Log created at 00:04 on 19/09/2014 by Jonesboy
Administrator - Elevation successful

========== dir ==========

Xaturuft - Unable to find folder.
...

http://virusscan.jotti.org/en/scanresult/78b6324881b236cb971e2d9d657619690675ad72

https://www.virustotal.com/en/file/52c534b3b004149880f7927bf33676abad55eaed64ed5d54494925b3fc543ab2/analysis/1411006923/

http://virusscan.jotti.org/en/scanresult/3214f9140acd7888d7b7236e782b40704a376266

Filename: ZGtfxyv.exe
Status:
Scan finished. 1 out of 22 scanners reported malware.
Scan taken on: Thu 18 Sep 2014 04:17:23 (CET) Permalink

File already analysed
This file was last analysed by VirusTotal on 2014-09-18 02:00:50 UTC, it was first analysed by VirusTotal on 2014-09-10 15:01:26 UTC.

Detection ratio: 3/55

You can take a...

SHA256: 52c534b3b004149880f7927bf33676abad55eaed64ed5d54494925b3fc543ab2
File name: ZGtfxyv.exe
Detection ratio: 3 / 55
Analysis date: 2014-09-18 02:00:50 UTC ( 0 minutes ago )
0 0
Analysis
...

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Jonesboy at 2014-09-18 11:30:52 Run:2
Running from C:\Users\Jonesboy\Desktop
Boot Mode: Normal...

RogueKiller V9.2.10.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog :...

Btw thanks for your time and effort to try solve this problem. I think it must be annoying by now - this job.

02:54:10.0615 0x193c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
02:54:25.0124 0x193c ============================================================
02:54:25.0124 0x193c Current date...

File Search First, Registry search second.

Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Jonesboy at 2014-09-18 01:55:13
Running from C:\Users\Jonesboy\Desktop
Boot Mode: Normal...

Speed Browser
PCClean365 and the Survey Request are some of the pop ups I'm getting. Plus Insta share ads everywhere.

There were no other homepages listed.
No other pages load initially but I use Google.com as the homepage.
If I go to say a newspaper page then a new tab will pop up asking me to take part in a...

Nope. Didn't find INsta share or anything.

An auto Malwarbytes Log after an auto scan. Still infected though.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17/09/2014
Scan Time: 11:51:00 AM
Logfile: Malwarbytes...

Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Jonesboy at 2014-09-17 11:12:24
Running from C:\Users\Jonesboy\Desktop
Boot Mode: Normal

================== Search Files: "Insta...

Unfortunately non of that worked. Didn't find Insta Share in any of the areas specified either.

It's in both Google and IE. Don't think I have Firefox that I know of.

I used a program Revo Uninstaller to remove Insta Share (which may have exacerbated the problem) and normal windows...

No change. Instashare pop ups still there. Thanks


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Jonesboy at 2014-09-17 00:16:08 Run:1
Running...

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Jonesboy (administrator) on JONESBOY-PC on 16-09-2014 11:50:36
Running from C:\Users\Jonesboy\Desktop
Platform:...

I think this is a better malwarbytes log. I will run FRST again and post logs shortly.
Thanks

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16/09/2014
Scan Time: 9:42:57 AM...

3 logs below. Thanks for the help.
:cool:


# AdwCleaner v3.310 - Report created 16/09/2014 at 08:42:58
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack...

Hi
I've at the very least got a problem with Instashare pop up ads. Tried to uninstall. Failed. Used RevoUninstall and that appears to have just hidden it. Ran Malwarebytes but hasn't removed it...