Did you allow what RogueKiller found to be deleted?
How is your computer now?
Printable View
Did you allow what RogueKiller found to be deleted?
How is your computer now?
It seems like Roguekiller identified a couple of things it found and gave an option to eliminate them, but I did not do so. I didn't recall an instruction to do that. Since I just got the same popup/audio again, I still have the problem.
Should I run Roguekiller again, and allow it to delete what it finds?
The site y our visiting is hosting something it shouldn't or they are not aware of it being attached.
When you have that pop up simply, open task manager, locate your browser and right, to end task.
right-click on Roguekiller and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)Quote:
It seems like Roguekiller identified a couple of things it found and gave an option to eliminate them, but I did not do so. I didn't recall an instruction to do that
Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
Wait for the scan to complete
On completion, the results will be displayed
Check every single entry (threat found), and click on the Remove Selected button
On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
This will open the report in Notepad. Copy/paste its content in your next reply
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://i.imgur.com/G0tu5D9.pngEmsisoft Emergency Kit - Fix Mode
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
- Download the Emsisoft Emergency Kit and execute it. From there, click on the Install button to extract the program in the EEK folder;
- Once the extraction is complete, the EEK folder will open. Right-click on http://i.imgur.com/G0tu5D9.pngstart emergency kit scanner.exe and select http://i.imgur.com/Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
- EEK will suggest that you run an online update before using the program. Click on Yes to launch it.
- After the update, click on Malware Scan under 2. Scan and accept to let EEK detect PUPs (click on Yes).
- Once the scan is complete, make sure that every item in the list is checked, and click on the Quarantine selected button;
- If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
- After the restart, open EEK again (in the C:\EEK folder);
- This time, click on Logs;
- From there, go under the Quarantine Log tab, and click on the Export button;
- Save the log on your desktop, then open it, and copy/paste its content in your next reply;
Please post these 2 logs when finished.
Sorry for my long silence. I was traveling for ten days.
***
RogueKiller V12.11.27.0 [Dec 4 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Ed [Administrator]
Started from : C:\Users\Ed\Downloads\RogueKiller_portable32.exe
Mode : Delete -- Date : 12/21/2017 09:10:37 (Duration : 00:39:28)
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 2 ¤¤¤
[PUM.HomePage] HKEY_USERS\S-1-5-21-3659970256-991337627-2867597209-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://toast.net/start -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] HKEY_USERS\S-1-5-21-3659970256-991337627-2867597209-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Replaced (http://search.msn.com/spbasic.htm)
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][Firefox:Config] c1chj0up.default-1479757157401 : user_pref("browser.startup.homepage", "http://toast.net/start/"); -> Replaced (about:home)
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST320LT007-9ZV142 +++++
--- User ---
[MBR] 0ca11b9123e05cfef88bb9f1d87d8255
[BSP] 7aadc9b130d3831ed8795562e918dbf1 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 3450 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 7067648 | Size: 301793 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: SanDisk Ultra USB Device +++++
--- User ---
[MBR] b2a5207711aaeee8437ff9e9e721809e
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 21952 | Size: 59285 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )
+++++ PhysicalDrive2: TOSHIBA TransMemory USB Device +++++
--- User ---
[MBR] fef81fdee75be3af8bc5addbeae9d54b
[BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8064 | Size: 7624 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )
***
Emisisoft Emergency Kit was installed and run as Administrator. Malware Scan found nothing and created no log.
***
I would recommend you use a pop up blocker if your still having problems with that.
How is your computer now?
Let me run my laptop for a day or so to see whether or not the popup repeats.
Please recommend a popup blocker, preferably one that's free.
I clicked on Add to Firefox, and then saw a tab saying it was installed. Made a small donation via PayPal, BUT I don't see any evidence anywhere of AdBlock being installed. Suggestion?
I have not seen/heard the obnoxious popup that prompted me to start this thread for the last couple of days. If you want to declare victory, let me know.
Thanks much for your help. Merry Christmas and a Happy 2018!
The below link is for how to use AdBlock
https://adblockplus.org/getting_started
Merry Christmas and a Happy 2018 to you too!
Yes!Quote:
I have not seen/heard the obnoxious popup that prompted me to start this thread for the last couple of days. If you want to declare victory, let me know.
- Please download DelFix or from Here and save the file to your Desktop.
- Double-click DelFix.exe to run the programme.
- Place a checkmark next to the following items:
- Activate UAC
- Remove disinfection tools
- Click the Run button.
- -- This will remove the specialized tools we used to disinfect your system.
Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).
***********
Will read: adblockplus.org/getting_started
I neglected to check Activate UAC when I ran DelFix (I went too fast...) Is this a problem?