Search:

Hi All, My sincere apologies to Juliet firstly , I went away and when I finally returned here to reengage to our search and destroy mission I found I was exactly one month too late and you had closed...

Hi again,

Sorry I must be too tired to be here and repeated the first half of my OTL and CFscript logs.Here is the second half
...

C:\Users\gokarna\AppData\Roaming\Mozilla\Firefox\Profiles\kp5xybf2.default-1397910583341\yasearch-xb\packages\{4177a8a5-e810-42e1-babf-23508a37688c}\native\fx\translator\icons folder moved...

Hello Juliet,

Here are the 1. OTL which must be divided into two pieces and 2. CFTScript logs :

1. All processes killed
========== OTL ==========
========== FILES ==========...

Dear Juliet,

Here is the SystemLook log :-

SystemLook 30.07.11 by jpshortstuff
Log created at 11:49 on 22/05/2014 by gokarna
Administrator - Elevation successful

========== filefind...

2. C:\Users\gokarna\AppData\Roaming\Mozilla\Firefox\Profiles\kp5xybf2.default-1397910583341\yasearch-xb\packages\{4177a8a5-e810-42e1-babf-23508a37688c}\locale\ru\mail folder moved successfully....

Hi Juliet,

Once again I was unable to get back to you sooner because my life is like that. You did not say disable your security software before I ran OTL and so I did not but then I see at the...

Hello Juliet,

Apologies for not being back as soon as I hoped. Having now performed RevoUninstall I have redone 1. ComboFix and 2. SystemLook :-

1. ComboFix 14-05-16.01 - gokarna 05/17/2014 ...

..... my first port of call after Yandex came to menace me. It is listed in programs but trying to uninstall it brings up a message which says something like "please wait until the current program...

Hi Juliet, here are the 1. CFScript and 2. SystemLook Logs :

ComboFix 14-05-13.01 - gokarna 05/14/2014 10:53:06.5.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3062.1786 [GMT...

sorry, I realized how it worked seconds after posting the above

......disable Spybot antivirus search and protection as its not on your list Juliet and, although I somehow stumbled on it last time it was necessary and, have tried to o find my way back, the way...

Hi Juliet, here is the log for Systemlook


SystemLook 30.07.11 by jpshortstuff
Log created at 19:19 on 13/05/2014 by gokarna
Administrator - Elevation successful

========== folderfind...

The Download Mirror #1 brought up this warning when I clicked on it

Reported Attack Page!

This web page at jpshortstuff.247fixes.com has been reported as an attack page and has been blocked...

but Yandex is still very much there so what can we do now please :confused: You didn't say a reboot was necessary so I haven't but I will just to see if perhaps thatis the key...........

Hello Juliet,

How is it going ? Well Yandex is still very much with me which is a downer. You haven't given me feedback on what's happening there for sometime. While it it has hijacked Firefox...

Hi Juliet, moving right along towards a conclusion then here is the fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:05-05-2014
Ran by gokarna at 2014-05-05...

Hello Juliet,

So it looks even to my novice eyes that we may be getting to the nitty grits of my infection . Here is the ESEETSCAN log :

C:\Users\gokarna\Downloads\DriversForFreeSetup.exe a...

Hi Juliet, Sorry about the tea timer misunderstanding I just didn't know if my Spybot S and D ran this service or not and now I understand that it doesn't.

Pasted below is resultant log for...

......because in my Spybot Sand D I do not seem to have these functions offered to me ???? No legal dialog, no mode selection, no 'Tools' section or, therefore a 'resident option'. I feel we must be...

Dear Juliet, Sorry about the glitch on the reboot front, I just didn't connect with what your directions implied and what happened. I have done as you suggested with Mozilla and that worked fine -...

Btw typo above SP was meant to be SB ie.,Spybot

Dear Juliet, HELP !!

I had to spend a bit of time discovering how exactly to disable SP (I also btw took out the Fırewall), meanwhile I had already downloaded Combo fix which seemed to involve a...

.....but then I haven't a clue about waht might actually be going on as I can't understand the unauthorised changes it does report. I saved the scan logs just in case you were interested

Talk...

.......as I just discovered trying to circumvent the Mozilla take-over :fear::fear: !! For a long while ie., 2 months multiple Chromes have opened at a double click each with an error type message...

H Juliet,

Yesterday I saw that contrary to what seemed to be that that awful browser Yandex is still with me and was managing the download of a program. Now this morning I botted up and discover...

Hi Juliet, Here be that OTM log.


All processes killed
========== FILES ==========
File/Folder C:\Users\gokarna\AppData\Roaming\sweet-page not found.
File/Folder...

Dear Juliet,
In the period since I last contacted you ie., a several days ago, I have run Spybot every day and the Win32.LoadMoney threat SEEMS to have disappeared - although some registry...

Hi Juliet, Its been several days since I could check in and am still with you and will proceed with that last suggested direction.

Cheers, Wendy

........is unnecessary if it is meant to address the problem I reported on saving stuff to notepad. I think it is my own fault as I have subsequently tried again but this time removed the asterix *...

Hi Juliet,

I do appreciate you are doing your best and that it is proving tricky.

I have an hit an unexpected problem following your instructions :

I reset all the browsers and then read...

.......didn't phrase my sentence properly so you could understand that, sorry about that. Yes I did delete the old copy of FRST and download it next to the Fixlog to the desktop and then run it. and...

Hi Juliet,

I have deleted the old version of FRST and it is next to the fixlog on the desktop BUT when I open FRST and click fix it comes back with the message that the Fixlog and FRST need to be...

Hello again Juliet,

I followed the instruction for bringing up 'safe mode' went into it and downloaded the JRT program again. It seems to present no difference to the first time which You thought...

2014-03-21 04:03 - 2014-03-21 04:03 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-21 04:03 - 2014-03-21 04:03 - 01247744 _____ (Microsoft Corporation)...

2014-03-16 10:30 - 2013-03-04 14:35 - 00101448 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
2014-03-16 10:27 - 2014-03-16 10:29 - 06782358 _____ (Kuzyakov Artur)...

2014-03-19 17:15 - 2010-11-20 15:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
2014-03-19 17:15 - 2010-11-20 15:17 - 00061952 _____ (Microsoft Corporation)...

2014-03-19 17:15 - 2010-11-20 15:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
2014-03-19 17:15 - 2010-11-20 15:17 - 00061952 _____ (Microsoft Corporation)...

2014-03-19 23:54 - 2014-03-19 23:54 - 00000000 ____D () C:\Users\gokarna\AppData\Roaming\Media Player Classic
2014-03-19 17:56 - 2014-03-29 18:46 - 00000298 _____ () C:\Windows\wininit.ini...

Hi Juliet, Here is part one of he fixlist.txt log :

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 (ATTENTION: ====> FRST version is 27 days old and could be...

Hi Juliet,

Life has been busy and its been a few days since I could attend to this problem.

You say that the JRT process looks corrupted and to run it again out of safe mode but I am not sure...

Hello again,

So I carried out to the best of my perceptions your instructions but have to admit a bit of confusion as to operations and implementation.

I am not getting a save to my desktop
...

Hello Juliet,

I have followed your instructions to the point of c and p the anti Adware log :

# AdwCleaner v3.023 - Report created 05/04/2014 at 21:53:30
# Updated 01/04/2014 by Xplode
#...

Hi Juliet,
Just a query about Yandex as it is till on my computer and seems determined to stay and it did look as if it was responsible for the computer crash I mentioned in my last post which...

Hi Juliet, At the moment I don't run any antivirus software beyond Windows defender and Spybot SandD - which I think is not what you mean by antivirus - right ? I used to have a VAIO ie. Sony system...

Hello Juliet, and thanks for your so prompt attention to my problems. I have done as you suggested below however some things were a bit different than as specified:

1. Right clicking on the...

:greeting: It is with great relief - I suspect and hope - that I have found the Malware Removal community and forums hosted by Spybot. This is my first post and although I have read up on the general...

Hello I am a newbie so please excuse my lack of knowledge. I Have installed spybot 2.0 to try and eliminate a persistent invader of my browser which calls itself 22Find siteleri portali ( I live in...