Jump to content

A1cntrler

Members
  • Posts

    9
  • Joined

  • Last visited

Reputation

0 Neutral

About A1cntrler

  • Birthday 04/12/1977

Profile Information

  • Location
    Moorpark, CA
  1. Everything looks great. Thanks! I'll be notifying my Father-in-Law of the forums here as I seem to be the go-to almost weekly for cleaning the junk off his computer. I am never sure if I got it all from the phone conversations, but the instructions you provided were simple and quite easy to follow. Hope I wasn't too difficult. I've bought you a drink through the link below at PayPal. Thank you so much!
  2. No new suspicious activity on the machine. Here are the requested logs attached below. Thanks! Rkill.txt Fixlog.txt FRST.txt Addition.txt
  3. Blackbird: Sorry I did not get a message last time you responded. I had figured it was cleaned and we were good to go. I'd like to go ahead and run the scans and post the requested logs, however there are a couple changes to my system. My wife needed to print for work and with the non-working HP printer I had to remove it and install my new printer. The new printer has been working fine and I don't get any errors. I also found a tutorial online to fix tohe teredo issue and it has not popped back up again. The system has been running trouble free for the past few days, but I haven't been using it too much. There are a couple of other programs I'd like to remove from it (Utorrent and Peerblock) but will wait until we're complete here. I'll check the forums manually to see if there is a response instead of waiting for the email notification. So am I clear to use the fixlog you sent or not because of the change in removing the HP printer and adding a new one?
  4. I checked the properties of the shortcut for Firefox on my desktop. It was set to go to the weird search website. Same was true for the shortcut on the taskbar. I deleted them and recreated the shortcut out of the main Firefox install folder and it no longer opens the search website as before. I guess I should have looked at those properties earlier. The only remaining concern I now have it the Microsoft Teredo Tunneling Adapter. To be honest I'm not even sure what is is that it does, but I know there weren't any issues with my device manager up until I had the infection. As for my printer showing there is an issue as well, I've got a new printer here and have just been waiting to get the Salus issue cleared up and make sure I'm not infected before I remove the HP Printer and install my new one. Once I've got the all clear from you I'll get all the HP software off my system and begin to get my new Brother printer installed on my network. Ever since I've had my HP Printer (I think I bought it back in 2003 or 2004) I don't think there has been a period of time more than 2 months where something goes wonky with the HP software that came with it and needs a fresh install. Thanks again for your help.
  5. I've run the scans you asked me to. Log files are attached. Firefox Still opens the weird search page from the shortcut on my desktop. Microsoft Teredo Tunneling Adapter still shows the yellow mark in Device manager. Check for drivers shows it is up to date, but it gives this error under properties: This device cannot start. (Code 10) Still no sign of Salus on the system today (yay!) Should I delete my Firefox Shortcut and recreate one? Both the shortcut and the quicklaunch icon take me to the odd search page that loads in and redirects me to elsewhere (as I watch the address bar) Rkill.txt Fixlog.txt MBAMLog.txt FRST.txt AdwCleanerS0.txt
  6. I can't edit my post for some reason, so attached is the new Malwarebytes scan requested with rootkit scan enabled: MalwarebytesScan.txt
  7. Sorry but I was just reviewing my logs and noticed that I had left "Scan for Rootkits" unchecked int eh Malwarebytes scan. I'm rescanning now (hopefully will take about an hour) and will eith the above post with the correct Malwarebytes log when it is available.
  8. Hello and thank you for looking at my issue. In my previous post I had mentioned about "Ads by Salus" reappearing on my system day after day even after repeated uninstalling of the program. It always had bogus install dates of various years from 2012-2014. Yesterday before I had posted here and sent my FRST logs on myh original post I had run a program called HitmanPro_x64 that I found by searching for Salus removal. This program did find instances of Salus that Malwarebytes and Microsoft Security Essentials both never saw. It cleaned them off and today for the first time in a long whle I haven't had the "Ads by Salus" or the Salus program self install on my machine. Not positive it is fixed, but hopefully you won't find anything in my logs you requested. The Firefox hijack is still in place however. Even uninstall/reinstall of Firefox didn't fix it. My homepage shows it is set to google.com but it still loads http://www-search.info/?src=us instead. I've followed the 6 steps you asked me to and hopefully didn't miss anything. I've added them as attachments below. One thing that I noticed about the same time that I started seeing the ads was a problem with a few of my drivers on this machine. 1. My scanner/printer: In device manager it stared showing me that the driver for my printer was not installed. I was able to print/scan with no issues despite this. Allowing windows to search for the proper driver always failed. I uninstalled/reinstalled the printer/scanner software from HP and still I can print/scan with it but still shows the yellow triangle in device manager. 2. In Device Manager I have another yellow triange on somehting called "Microsoft Teredo Tunneling Adapter" in the Network Adapters category. I have 2 network adapters (The one built into my board is disabled because the Gigabit was acting flaky on it back when I built the system so I put a Intel Gigabit PCI card in it) I've tried to let troubleshooter fix the problem but it is unable do because of an "Error 10". I uninstalled my network card and reinstalled it and it came up again with the same error after reboot. The Defogger didn't ask me to reboot (infact none of the run programs/scans asked me to). Also included the "Addition.txt" file from teh FRST64 Scan. defogger_disable.log AdwCleanerR0.txt MWBScan.txt FRST.txt Addition.txt GMERScan.log
  9. About a week ago I started being plastered by ads while browsing the internet. I can't point to a specefic location where I aquired the infection. I've got Microsoft Security Essentials and Malwarebytes (Licensed Version) running and they never detect the "Ads By Salus" program. I found the program in my programs list and it is never on a recent date. While the date matches (It will say installed on 1/6) the year has been between 2012 and 2013. The only way I can find it is by searcing installed programs for "Salus" and uninstalling it. It always asks my if I'd like to reconsider before uninstalling it. I proceed with the removal and it remains gone until the next day. I can reboot my computer multiple times and once it is gone it won't reappear until the next day. Also about the same time my Firefox home page has been reset to http://www-search.info/?src=us. I've cleared out all cookies, reset the browser, uninstalled and reinstalled yet I can't get it to direct away from that page when I first open it. If I open a new tab or click on the home button it goes to Google (behavior I have it set to do) or a blank page (behavior for a new tab) Below are the requested scans as per the Pinned post at the top of this page. I do use a P2P program, but it has been and will remain disabled until this issue is resolved. Also I wil not be making any registry changes or uninstalling anything unless told to do so. The last thing I tried was a program called HitmanPro this morning right after my daily ritual of uninstalling Salus from the programs in Control Panel. It did find a few entries titled "Salus" in my Program Files(x86) on my C drive and it said it deleted them. Not positive that it corrected the problem though. I've attached the requested files to this post to keep the message from being a "scroll fest". Thank you for your time in reviewing them. FRST.txt Addition.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.