Jump to content

Recommended Posts

Hi, I am new to this forum so sorry if it is not in the correct topic.

Recently I have been getting redirected from websites taking me to globalconsumersurvey.com asking me to fill out a questionnaire, i googled the site and it has brought up a lot of people saying that it is a virus of some kind. I have norton antivirus and it said I have a few Trogen.Gen but norton has removed them. I ran a full scan and it didn't show any other viruses? I am not sure what do to now, but I want this malware to be removed!

Thanks in advance - Callum 

Link to post
Share on other sites

Hello callumm2 and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Please follow the instructions here and then post the log files in your next reply.

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites

Thanks for replying. Here is the log from the scan.

 

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 291045
Time elapsed: 4 minute(s), 37 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 15
HKCR\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.WebCake) -> No action taken.
HKCR\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8} (PUP.WebCake) -> No action taken.
HKCR\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4} (PUP.WebCake) -> No action taken.
HKCR\WebCakeIEClient.Layers.1 (PUP.WebCake) -> No action taken.
HKCR\WebCakeIEClient.Layers (PUP.WebCake) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} (PUP.WebCake) -> No action taken.
HKCR\WebCakeIEClient.Api (PUP.WebCake) -> No action taken.
HKCR\WebCakeIEClient.Api.1 (PUP.WebCake) -> No action taken.
HKCR\AppID\WebCakeIEClient.DLL (PUP.WebCake) -> No action taken.
HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\TidyNetwork.com (PUP.TidyNetwork) -> No action taken.
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh (PUP.WebCake) -> No action taken.
HKCR\CLSID\{7736C7FA-512D-11E2-B871-DEC36088709B} (PUP.TidyNetwork) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7736C7FA-512D-11E2-B871-DEC36088709B} (PUP.TidyNetwork) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7736C7FA-512D-11E2-B871-DEC36088709B} (PUP.TidyNetwork) -> No action taken.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 8
C:\ProgramData\TARMA INSTALLER\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} (PUP.WebCake) -> No action taken.
C:\ProgramData\TARMA INSTALLER\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache (PUP.WebCake) -> No action taken.
C:\Program Files (x86)\Web Cake (PUP.Optional.WebCake.A) -> No action taken.
C:\Users\User\Local Settings\Application Data\TIDYNETWORK.COM (PUP.TidyNetwork) -> No action taken.
C:\Users\User\AppData\Local\TIDYNETWORK.COM (PUP.TidyNetwork) -> No action taken.
C:\ProgramData\TARMA INSTALLER (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\TARMA INSTALLER\{361E80BE-388B-4270-BF54-A10C2B756504} (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\TARMA INSTALLER\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache (PUP.Optional.Tarma.A) -> No action taken.
 
Files Detected: 26
C:\Program Files (x86)\Movdap\WEBCAKEIECLIENT.DLL (PUP.WebCake) -> No action taken.
C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe (PUP.Optional.Tarma.A) -> No action taken.
C:\Users\User\Downloads\horizon-setup.exe (PUP.DownloadAdmin) -> No action taken.
C:\Users\User\AppData\Roaming\explorer.exe (Trojan.Agent.Gen) -> No action taken.
C:\ProgramData\TARMA INSTALLER\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico (PUP.WebCake) -> No action taken.
C:\ProgramData\TARMA INSTALLER\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat (PUP.WebCake) -> No action taken.
C:\ProgramData\TARMA INSTALLER\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll (PUP.WebCake) -> No action taken.
C:\ProgramData\TARMA INSTALLER\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll (PUP.WebCake) -> No action taken.
C:\Program Files (x86)\Web Cake\WEBCAKEDESKTOP.UPDATER.INSTALLSTATE (PUP.Optional.WebCake.A) -> No action taken.
C:\Program Files (x86)\Web Cake\OptChrome.exe (PUP.Optional.WebCake.A) -> No action taken.
C:\Program Files (x86)\Web Cake\sqlite3.exe (PUP.Optional.WebCake.A) -> No action taken.
C:\Program Files (x86)\Web Cake\WebCakeDesktop.Updater.exe (PUP.Optional.WebCake.A) -> No action taken.
C:\Users\User\Local Settings\Application Data\TIDYNETWORK.COM\sidTRUK03.tidy (PUP.TidyNetwork) -> No action taken.
C:\Users\User\Local Settings\Application Data\TIDYNETWORK.COM\tidy2ie.dll (PUP.TidyNetwork) -> No action taken.
C:\Users\User\Local Settings\Application Data\TIDYNETWORK.COM\tidy2update.exe (PUP.TidyNetwork) -> No action taken.
C:\Users\User\Local Settings\Application Data\TIDYNETWORK.COM\TidyNetwork.exe (PUP.TidyNetwork) -> No action taken.
C:\Users\User\Local Settings\Application Data\TIDYNETWORK.COM\tidynetwork.log (PUP.TidyNetwork) -> No action taken.
C:\Users\User\AppData\Local\TIDYNETWORK.COM\sidTRUK03.tidy (PUP.TidyNetwork) -> No action taken.
C:\Users\User\AppData\Local\TIDYNETWORK.COM\tidy2ie.dll (PUP.TidyNetwork) -> No action taken.
C:\Users\User\AppData\Local\TIDYNETWORK.COM\tidy2update.exe (PUP.TidyNetwork) -> No action taken.
C:\Users\User\AppData\Local\TIDYNETWORK.COM\TidyNetwork.exe (PUP.TidyNetwork) -> No action taken.
C:\Users\User\AppData\Local\TIDYNETWORK.COM\tidynetwork.log (PUP.TidyNetwork) -> No action taken.
C:\ProgramData\TARMA INSTALLER\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\TARMA INSTALLER\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico (PUP.Optional.Tarma.A) -> No action taken.
C:\ProgramData\TARMA INSTALLER\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll (PUP.Optional.Tarma.A) -> No action taken.
 
(end)
 
Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.