1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

I have a problem with Spyware and Malware

Discussion in 'Windows - Virus and spyware problems' started by cooltwou, May 1, 2015.

  1. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    Some how programs and things like that have taken over my PC and all my web browsers.
    I used Windows Defender and it only found 2 items and these programs didn't help either:
    SuperAntiSpameware Free edition and Malwarebytes Anti-Malware.
    Also every time you change it to put the settings back in Internet Explorer or Firefox or Google Chrome it automatically goes back to what you had before were Spamware or whatever this in the browser and I don't how to fix this and me and my brother tried to fix and nothing worked at all.
    Here of some of the things I see:
    Nsv32AE.tmp(32 bit)
    CPU Miner
    Any Protect
    GamesDesktop 025.493 025.508 025.509
    Hades
    Infonaut 1.10.0.14
    Search Protect
    shopperz 2.0.0.458
    SmartWeb

    Also every time you uninstall these some how they always come back
     
  2. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    What is your operating system and browsers?
     
  3. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    Windows 8.1 and Internet Explorer and Firefox and Google Chrome
     
  4. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    First, let's do a scan to see what problems you have:

    [​IMG] Scan with Farbar Recovery Scan Tool

    Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.
    • Right-click on [​IMG] icon and select [​IMG] Run as Administrator to start the tool.
    • When the tool opens click Yes to disclaimer.
    • Make sure that Addition option is checked.
    • Press Scan button and wait.
    • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
    Please attach both logs to your next reply. Use the "upload a file" button below to attach the logs...
     
  5. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    Here is the files from the scan
     

    Attached Files:

  6. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    Ok cooltwou, I see a lot of Adware, PUPS and your Chrome installation is altered by malware. Reinstall is needed. I'll give instructions later. Your only Anti-virus is windows defender and that's not really good enough. Just take your time and follow my instructions. It will take several steps to clean your computer, so stay with me....

    Lets do a little clean up then scan again to see what we miss:
    Note: most of my instructions were written for Win7 so if you don't understand something, STOP and ask!

    First, we need to uninstall some bad programs.
    If you cannot find one or it will not uninstall, just skip it and go to the next..

    [​IMG] Uninstall some programs
    • Press the [​IMG] + R on your keyboard at the same time. Type appwiz.cpl and click OK.
    • Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time
    The list of programs to uninstall:
    • GamesDesktop 025.493
    • GamesDesktop 025.508
    • GamesDesktop 025.509
    • Search Protect
    • shopperz 2.0.0.458
    • SmartWeb
    • Software Version Updater
    After completing uninstalls, please manually reboot your machine!

    Note: If you get the message like: An error occurred while trying to uninstall, just press Yes.


    After reboot we'll run a fix with zoek:

    [​IMG] Scan with ZOEK

    Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
    Please also download the attached scriptfile, named zoekscript.txt.


    [​IMG] Disable your AntiVirus and AntiSpyware programs, so they do not interfere with the running of Zoek.exe. You can find instructions how to disable your security applications here.

    Now, on your Desktop, drag and drop zoekscript.txt on Zoek.exe as shown below:
    [​IMG]

    Please approve any UAC prompt to allow this action to proceed.

    Answer Yes to the following prompt to allow the zoek script to run:

    [​IMG]

    This action causes Zoek.exe to start automatically. Please be patient while Zoek is scanning.

    When the tool finishes, the zoek-results.log is opened in Notepad.
    The log is also found on the systemdrive, normally C:\
    If a reboot is needed, the log is opened after the reboot.

    Please attach the zoek-results.log to your reply.


    NEXT re-scan with FRST so we can find anything that got missed...

    [​IMG] Scan with Farbar Recovery Scan Tool

    Please download Farbar Recovery Scan Tool x64 and save it to your Desktop.
    • Right-click on [​IMG] icon and select [​IMG] Run as Administrator to start the tool.
    • When the tool opens click Yes to disclaimer.
    • Make sure that Addition option is checked.
    • Press Scan button and wait.
    • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
    Please attach both logs to your next reply.

    20G
     

    Attached Files:

  7. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    I have a question were do you get this at: zoekscript.txt
     
  8. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    It is attached to that post. click on it and save it to your desktop. then follow the instructions to drag and drop it on zoek.exe.
     
    Last edited: May 2, 2015
  9. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    Here is the Zoek results
     

    Attached Files:

  10. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    Here is the Farbar Recovery Scan Tool Results
     

    Attached Files:

  11. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    cooltwou, that cleaned up a lot but not all. you were very infected.

    I will go through the FRST log and we will continue when I get a fix constructed.

    How is your computer acting now???
    2oG
     
  12. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    Well I don't see any of the unwanted programs and there still some pop ups happening when you open up a web browser but not as bad as before
     
  13. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    You still have some things that will show up but don't run any more cleaning programs that I don't ask you to. just follow my instructions and we'll get you in good shape..

    Oh, is your Chrome browser still there???
     
  14. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    No I uninstalled that and but your saying there is still more on there
     
  15. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    Malware injects lines for chrome even when you don't have it installed.. that way they are ahead of you if you install it... :(

    The reason I asked is do you want to use it later??
     
  16. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    I have Google Chrome and Firefox because I don't really use Internet Explorer that much at all
     
  17. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    OK, I'll include a link in my Fix so you can reinstall it when we get to that point.......
     
  18. cooltwou

    cooltwou Regular member

    Joined:
    Jun 6, 2009
    Messages:
    130
    Likes Received:
    0
    Trophy Points:
    26
    Ok I understand
     
  19. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    see you later... hang in there........ be cool :cool:
     
  20. 2oldGeek

    2oldGeek Active member

    Joined:
    Jun 16, 2005
    Messages:
    3,691
    Likes Received:
    35
    Trophy Points:
    78
    cooltwou,

    [​IMG] Fix with Farbar Recovery Scan Tool

    [​IMG] This fix was created for this user for use on that particular machine. [​IMG]
    [​IMG] Running it on another one may cause damage and render the system unstable. [​IMG]

    Download attached fixlist.txt file and save it to the Desktop:

    NOTE: Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

    • Right-click on [​IMG] icon and select [​IMG] Run as Administrator to start the tool.
    • Press the Fix button just once and wait.
    • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

    Please attach it to your reply.
    Also, let me know how everything is running now......
    There will be more so, don't loose faith. :)
    2oG
     

    Attached Files:

Share This Page