Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 25

Thread: Persistent Warning

  1. #11
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,363

    Default

    Did you allow what RogueKiller found to be deleted?

    How is your computer now?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  2. #12
    Senior Member
    Join Date
    Oct 2005
    Location
    Indialantic, Florida USA
    Posts
    116

    Default

    It seems like Roguekiller identified a couple of things it found and gave an option to eliminate them, but I did not do so. I didn't recall an instruction to do that. Since I just got the same popup/audio again, I still have the problem.

    Should I run Roguekiller again, and allow it to delete what it finds?

  3. #13
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,363

    Default

    The site y our visiting is hosting something it shouldn't or they are not aware of it being attached.

    When you have that pop up simply, open task manager, locate your browser and right, to end task.

    It seems like Roguekiller identified a couple of things it found and gave an option to eliminate them, but I did not do so. I didn't recall an instruction to do that
    right-click on Roguekiller and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
    Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
    Wait for the scan to complete
    On completion, the results will be displayed
    Check every single entry (threat found), and click on the Remove Selected button
    On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
    This will open the report in Notepad. Copy/paste its content in your next reply

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Emsisoft Emergency Kit - Fix Mode
    Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
    • Download the Emsisoft Emergency Kit and execute it. From there, click on the Install button to extract the program in the EEK folder;
    • Once the extraction is complete, the EEK folder will open. Right-click on start emergency kit scanner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
    • EEK will suggest that you run an online update before using the program. Click on Yes to launch it.
    • After the update, click on Malware Scan under 2. Scan and accept to let EEK detect PUPs (click on Yes).
    • Once the scan is complete, make sure that every item in the list is checked, and click on the Quarantine selected button;
    • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
    • After the restart, open EEK again (in the C:\EEK folder);
    • This time, click on Logs;
    • From there, go under the Quarantine Log tab, and click on the Export button;
    • Save the log on your desktop, then open it, and copy/paste its content in your next reply;


    Please post these 2 logs when finished.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  4. #14
    Senior Member
    Join Date
    Oct 2005
    Location
    Indialantic, Florida USA
    Posts
    116

    Default

    Sorry for my long silence. I was traveling for ten days.

    ***

    RogueKiller V12.11.27.0 [Dec 4 2017] (Free) by Adlice Software
    mail : http://www.adlice.com/contact/
    Feedback : https://forum.adlice.com
    Website : http://www.adlice.com/download/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
    Started in : Normal mode
    User : Ed [Administrator]
    Started from : C:\Users\Ed\Downloads\RogueKiller_portable32.exe
    Mode : Delete -- Date : 12/21/2017 09:10:37 (Duration : 00:39:28)

    Processes : 0

    Registry : 2
    [PUM.HomePage] HKEY_USERS\S-1-5-21-3659970256-991337627-2867597209-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://toast.net/start -> Replaced (http://go.microsoft.com/fwlink/p/?LinkId=255141)
    [PUM.SearchPage] HKEY_USERS\S-1-5-21-3659970256-991337627-2867597209-1001\Software\Microsoft\Internet Explorer\Main | Search Bar : Preserve -> Replaced (http://search.msn.com/spbasic.htm)

    Tasks : 0

    Files : 0

    WMI : 0

    Hosts File : 0

    Antirootkit : 0 (Driver: Loaded)

    Web browsers : 1
    [PUM.HomePage][Firefox:Config] c1chj0up.default-1479757157401 : user_pref("browser.startup.homepage", "http://toast.net/start/"); -> Replaced (about:home)

    MBR Check :
    +++++ PhysicalDrive0: ST320LT007-9ZV142 +++++
    --- User ---
    [MBR] 0ca11b9123e05cfef88bb9f1d87d8255
    [BSP] 7aadc9b130d3831ed8795562e918dbf1 : Windows Vista/7/8|VT.Unknown MBR Code
    Partition table:
    0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 3450 MB
    1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 7067648 | Size: 301793 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
    User = LL1 ... OK
    User = LL2 ... OK

    +++++ PhysicalDrive1: SanDisk Ultra USB Device +++++
    --- User ---
    [MBR] b2a5207711aaeee8437ff9e9e721809e
    [BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
    Partition table:
    0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 21952 | Size: 59285 MB
    User = LL1 ... OK
    Error reading LL2 MBR! ([32] The request is not supported. )

    +++++ PhysicalDrive2: TOSHIBA TransMemory USB Device +++++
    --- User ---
    [MBR] fef81fdee75be3af8bc5addbeae9d54b
    [BSP] 33a07a59d299ab4ea9f4ab0156f9d86f : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8064 | Size: 7624 MB
    User = LL1 ... OK
    Error reading LL2 MBR! ([32] The request is not supported. )

    ***

    Emisisoft Emergency Kit was installed and run as Administrator. Malware Scan found nothing and created no log.

    ***

  5. #15
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,363

    Default

    I would recommend you use a pop up blocker if your still having problems with that.

    How is your computer now?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  6. #16
    Senior Member
    Join Date
    Oct 2005
    Location
    Indialantic, Florida USA
    Posts
    116

    Default

    Let me run my laptop for a day or so to see whether or not the popup repeats.

    Please recommend a popup blocker, preferably one that's free.

  7. #17
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,363
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  8. #18
    Senior Member
    Join Date
    Oct 2005
    Location
    Indialantic, Florida USA
    Posts
    116

    Default

    I clicked on Add to Firefox, and then saw a tab saying it was installed. Made a small donation via PayPal, BUT I don't see any evidence anywhere of AdBlock being installed. Suggestion?

    I have not seen/heard the obnoxious popup that prompted me to start this thread for the last couple of days. If you want to declare victory, let me know.

    Thanks much for your help. Merry Christmas and a Happy 2018!

  9. #19
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,363

    Default

    The below link is for how to use AdBlock
    https://adblockplus.org/getting_started

    Merry Christmas and a Happy 2018 to you too!

    I have not seen/heard the obnoxious popup that prompted me to start this thread for the last couple of days. If you want to declare victory, let me know.
    Yes!

    • Please download DelFix or from Here and save the file to your Desktop.
    • Double-click DelFix.exe to run the programme.
    • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools
    • Click the Run button.
    • -- This will remove the specialized tools we used to disinfect your system.
      Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete
      ).

    ***********
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
    Want to help others? Join the ClassRoom and learn how.

  10. #20
    Senior Member
    Join Date
    Oct 2005
    Location
    Indialantic, Florida USA
    Posts
    116

    Default

    Will read: adblockplus.org/getting_started

    I neglected to check Activate UAC when I ran DelFix (I went too fast...) Is this a problem?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •