Page 6 of 7 FirstFirst ... 234567 LastLast
Results 51 to 60 of 65

Thread: lotsss offfffffftroj

  1. #51
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,284

    Default

    F:system volume (which is my external hard disk where i archive movies ,games music,chess data etc)

    Super Anti spyware find 1 file -which it clenaed - in F:system volume
    ~~~~~
    Is it possible this is the file that HitmanPro was finding before?

    ~~
    Let's try this for Firefox
    Backup Firefox Bookmarks
    Reset Firefox

    ~~~~~
    Have you tried to run MalwareBytes in safe mode?
    If you haven't already can you give it a try?

    ~~~

    Malwarebytes Anti-Rootkit Beta
    • Download Malwarebytes Anti-Rootkit Beta and extract it to your desktop (MBAR will be launched shortly after the extraction);
    • Click on Next, and then on the Update button to let it update its database. Once the database has been successfully updated, click on Next;
    • Make sure all the checkboxes are checked, then click on the Scan button, and let it completes its scan (this can take a while);
    • Once the scan is done, make sure that every item is checked, and click on the Cleanup button (a reboot might be required);
    • After that (and the reboot, if one was required), go back in the mbar folder and look for a text file called mbar-log-TODAY'S-DATE.txt;
    • Copy/paste the content of that log in your next reply;


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`

    MBAR scan log - mbar-log-yyyy-mm-dd (hh-mm-ss).txt - should be created every time there's a scan, regardless of detection or no detection. It's not actually created in the \mbar folder though, until you exit MBAR.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  2. #52
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default hi again

    no i think they are totally diffrent .cuz hitmanpro never find anything on F:. as far as i remeber it never searched F:
    btw i did firefox as u say. but i really need some good ads blocker both for youtube and general ads blocker extension if u can suggest me one it'll be great & for opera too ..(but for mozılla its more urgent cuz i think opera uses more cpu /ram per tab . so its not very practical to use opera for my laptop anyway.. )
    anyway: i did downloaded safe moded malwarebytes stuff .
    now i' have to go to sleep cuz last night i didnt sleept a second .
    i'll do the malwerbytes safe run while i sleep
    and inform u as soon as i can. thanks .. see u soon

  3. #53
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default it was a pretty fast scan

    find 3 items ..btw i made sure every box is checked so it created a system restore point just before the cleaning attempt .then wrote cleaning and then wanted the reboot to finish the work.
    i hope the system restore point is ok ?
    here the log :
    Malwarebytes Anti-Rootkit BETA 1.9.3.1001
    www.malwarebytes.org

    Database version:
    main: v2017.04.19.04
    rootkit: v2017.04.02.01

    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 8.0.6001.18702
    ozg :: PC [administrator]

    19.04.2017 16:34:46
    mbar-log-2017-04-19 (16-34-46).txt

    Scan type: Quick scan
    Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
    Scan options disabled:
    Objects scanned: 243979
    Time elapsed: 21 minute(s), 28 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 3
    HKLM\SOFTWARE\jhdbca (Adware.Elex) -> Delete on reboot. [23cd24ce5e4adf57701d8de342bedf21]
    HKU\.DEFAULT\SOFTWARE\jhdbca (Adware.Elex) -> Delete on reboot. [01ef985a674139fdbdeea9c6758bbd43]
    HKU\S-1-5-18\SOFTWARE\jhdbca (Adware.Elex) -> Delete on reboot. [dd1337bb0d9bb97d069a81ef37c9b24e]

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    Physical Sectors Detected: 0
    (No malicious items detected)

    (end)

  4. #54
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,284

    Default

    You did fine.
    Creating a restore point works for me.

    Were you able to run the rootkit scan (MalwareBytes anti rootkit?)

    For Firefox and YouTube
    https://addons.mozilla.org/en-US/fir.../adblock-plus/

    ads blocker for Firefox
    https://addons.mozilla.org/en-US/fir...k-for-firefox/
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  5. #55
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default i sent a post from mozilal but its gone :S

    a couple of hour ago i snet u a new reply from mozıla but ıts gone : very strange ..
    ok i'll rewrite now .
    1- i have already done the rootkitscan of malwerbyte and posted it above

    2- thanks for the add -ons. i instaleld them.

    3- since yesterday i ' m using browsers and youtube channels etc. and the weird thing is my computer became so sluggish ! .
    for ex : when i open 2 tabs from mozılla the memory usage jumps to 700mb and cpu to 85- 100 %
    and if i try opera then the memory usage/tab is so high . so none of the 2 options works efficently for me !
    i mean before the infection and format it was running so smoothly that i was using firefox with 30-50 tabs open at once !!
    now i cant go above 5-10 then it really stars getting crazy.

    3- and anothe really realyl weird thing just happeend today twice ! :( while i was watcing viode on youtube after a couple of hours-even though there wasnt any update or someyhign it restarrted iitself , and after liek half an horu again restrated ! )
    so what do think about those weird things and my problematic system ? ( is it probable i might be still infected even though we cant find the remrants ?)
    thanks

  6. #56
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default Shocking News ! they are back !

    2 of the trackin cookies that we had deleted days ago returned !! hitmanpro just find it !
    they are named as "addthis.com " and " doubleclick.net "

    They are both on C:\Documents and Settings \ozg\application Data\Mozilla\Firefox\ Profiles ................................\cookies.sqlite

    (the file names were too long to write)
    i wasnt wrong about being so suspicous..
    btw were u able to read my previous 2 posts ?

  7. #57
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default Urgent-More bad news.: !

    today after my las post :2:54 A.M. . i just had a blue screen! and pc rebooted.. :S

  8. #58
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,284

    Default

    1- i have already done the rootkitscan of malwerbyte and posted it above
    Yes, I see that now thank you.

    3- and anothe really realyl weird thing just happeend today twice ! :( while i was watcing viode on youtube after a couple of hours-even though there wasnt any update or someyhign it restarrted iitself , and after liek half an horu again restrated ! )
    so what do think about those weird things and my problematic system ? ( is it probable i might be still infected even though we cant find the remrants ?)
    thanks
    I think these are system failure events not related to malware. My opinion is the computer is showing it's age.
    2 of the trackin cookies that we had deleted days ago returned !! hitmanpro just find it !
    they are named as "addthis.com " and " doubleclick.net "
    They are both on C:\Documents and Settings \ozg\application Data\Mozilla\Firefox\ Profiles ................................\cookies.sqlite
    What is DoubleClick?
    http://www.google.com/doubleclick/
    An advertising co. not a virus.

    https://www.howtogeek.com/111925/del...rs-in-windows/
    scroll down to Mozilla Firefox

    read over this topic for cookies.sqlite
    https://forums.techguy.org/threads/s...yware.1067850/

    today after my las post :2:54 A.M. . i just had a blue screen! and pc rebooted.
    I need to ask that you register at the below forum, I'm a member too, and let the tech guys there try to walk you through some testing to see if your computer is developing hardware failure signs. You can copy and paste this link for your topic here and let them see what we've done to remove malware.
    https://forums.whatthetech.com/index.php?showforum=126
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  9. #59
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default thank u very much, i was kind of busy

    thank you very much . i finally manged my cookies. can u also suggest a safe ad block for opera .
    btw i just treid to ente the site but opera does not let me in for the forum taha u mentioned !
    ( says : This site can’t provide a secure connection
    forums.whatthetech.com uses an unsupported protocol.
    The client and server don't support a common SSL protocol version or cipher suite. This is likely to be caused when the server needs RC4, which is no longer considered secure. )
    please help

  10. #60
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default 2 questions

    1- how can i make my firefox English ? i installed it turkish by mistake and now ,cant change it . i already downloaded the extension called "Quick Locale Switcher" but it only changed the home page to english ,not the porgrams interface -menu bars etc ,everything is turkish . so i have to translate everything , (using the english versionwould be much more easier for me )

    2- even though we set firefox to default with u my old extensions are still there . and since there is a lot i wanna give u the list to check if there is anything fake or harmfull extensions. (maybe they are the cause of my strange mozilla behaviour . i just remembered before formatting there were too much and either conflicting or slowing down firefox too much)

    AdBlock for Firefox
    Adblock Plus
    Adblock Plus iin Element Hiding helper
    Adblocker for Youtube
    BetterPrivacy
    F.B. Purity - Cleans Up Facebook
    Flash Block (Plus)
    Memory Restart
    Quick Locale Switcher
    Ramblock
    Restart
    Time Restart

    Microsoft.Net Framework Asistant (disabled)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •