1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

I have a problem with some kind of Virus or Malware

Discussion in 'Windows - Virus and spyware problems' started by cooltwou, Jul 25, 2014.

  1. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    I am running a computer that has Windows 8.1 & I have some kind of Virus or Malware on the computer that affects my web browsers I have Internet Explorer Google Chrome & Firefox.
    Now every time I open up a Website with one of these web browsers I get Pop-up after Pop-up & I have run Virus scan program Windows Defender & SuperAntiSyware Free Edition & Malwarebytes Anti-Malware & still none of that has fixed the problems & I ever tried running the program's in safe mode & that didn't work either & I have removed 2 browsers & reinstated them Google Chrome & Firefox because I couldn't uninstall Internet Explorer because then I have no web browser at all so what do I do next to fix this problem I am having
     
  2. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    Hi cooltwou,

    In order to help, I will need some information and reports from your system.

    First: I need you to run a scan tool to provide me with the information I need to construct a Fix for your problems.

    Step 1

    Please download -> Farbar Recovery Scan Tool and save it to your desktop.
    Note: You need to run the version compatible with your system (32 or 64bit). If you are not sure which version applies to your system download both of them and try to run them.
    Only one of them will run on your system, that will be the correct version.

    • Double-click to run it. When the tool opens click Yes to disclaimer.

      [​IMG]
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

    Step 2

    After you generate both reports, please attach them. There is a button [​IMG] below. Use it to attach all reports.

    Location of the reports:

    FRST.txt and Addition.txt --> are on the desktop or in the same folder where you downloaded FRST

    If you have difficulties attaching the reports, just open them and copy/paste it's content into the topic.


    2oG
     
  3. ddp

    ddp Moderator Staff Member

    Joined:
    Oct 15, 2004
    Messages:
    39,014
    Likes Received:
    78
    Trophy Points:
    128
    can also reset internet explorer under the advanced tab in internet options.
     
  4. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    ddp I don't use the internet explorer I use Firefox more than any other browser
     

    Attached Files:

  5. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    I started to tell ddp that would do no good, but I'm a nice guy and didn't want to hurt his feelings. :)

    I will go through the logs and see what we will need to do and get back with you as soon as I can. Probably tomorrow because it's past my bed time now.

    I'm not real strict on this site but please follow these simple rules so we can clean your computer as quick as we can:

    Before we begin, I want you to have this in mind:
    • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
    • Please read through my instructions carefully and completely before executing them.
    • Please do not run any tools other than the ones I ask you to, when I ask you to. If you use a tool that I have not requested it can cause false positives, thereby delaying the complete cleaning of your machine.
    • All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
    • Please stay with me until the end of all steps and procedures. Just because there is a lack of symptoms does not indicate a clean machine.
    • Please attach all reports using [​IMG] button below. Doing this, you make it easier for me to analyze and fix your problem.


    2oG
     
  6. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    Ok I understand
     
  7. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    OK cooltwou, here we go:

    You are very infected and it came from the program, TornTV, which came bundled with Adware, a Trojan and a Worm.
    The trojan set up a network proxy and pulled in more malware. I am concerned that the worm may have spread through your router to other computers you may have and it would be prudent to check them out when finished here so that the worm will not keep bouncing around in your computers and spread out over e-mails, flash drives, etc.

    You have an Adware hijacker program called SavingsBull that is very difficult to remove. I have ran into it before so maybe it won't give us too much trouble. It really needs to be manually un-installed but is hidden from your un-install list. I have un-hid it in my FRST fix so you, hopefully, will be able to un-install it after running the fix.

    If you run into anything you don't understand, please stop and ask..........


    Download the attached fixlist.txt file and save it to the Desktop.
    NOTE: It's important that both files, FRST /FRST64 and fixlist.txt are in the same location or the fix will not work!

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please attach it to your reply.


    ***** NEXT *****


    Go to the Control Panel and to the uninstall list and uninstall the following:
    -> SavingsBull


    ***** NEXT *****


    Please download AdwCleaner by Xplode and save to your Desktop.

    Double click on AdwCleaner.exe to run the tool.
    • Click on the Scan button.
    • After the scan has finished click on the Clean button.
    Press OK when asked to close all programs and follow the onscreen prompts.
    Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    • Please attach this log in your reply..


    How is your computer now and did SavingsBull uninstall?
    2oG
     

    Attached Files:

  8. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    I have a problem with uninstall the Savings Bull program I get this message every time:
    Windows Installer:
    The feature you are trying to use is on a network resource that is unavailable.
    Click on OK to try again, or enter alternative path a folder containing he installation package: 't. msi' in the box below.
    I have tried to search for that installation package by that time no Luck at all in finding it
     
  9. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    Yeah, it does give a hard time when trying to get rid of it. Each time I run into it it has changed. :confused:

    Just skip trying to uninstall and run AdwCleaner. That will probably take it out.. We'll see.........
     
  10. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    the Program SavingsBull is gone now how do i know if all the malware is gone or not
     

    Attached Files:

  11. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,687
    Likes Received:
    35
    Trophy Points:
    78
    PLay with it.. bounce around on all your browsers and see if everything is ok and nothing popping up or acting funny.... then let me know...
     

Share This Page