LDTate

Moderators
  • Content count

    21,392
  • Joined

  • Last visited

About LDTate

  • Rank
    Forum Deity
  • Birthday 05/30/1951

Contact Methods

  • ICQ
    0

Profile Information

  • Location
    Missouri, USA

Recent Profile Visitors

44,334 profile views
  1. Download and run Chrome Cleaner https://www.google.com/chrome/cleanup-tool/ If that didn't work: Lets try this: Start Task Manager To start Task Manager, take any of the following actions: Press CTRL+ALT+DELETE, and then click Task Manager. or Press CTRL+SHIFT+ESC. End the process for **all** Google and / or Chrome items. Reset your browser settings 1.In the top-right corner of the browser window, click the Chrome menu 2.Select Settings. 3.At the bottom, click Show advanced settings. 4.Under the section "Reset settings,” click Reset settings. 5.In the dialog that appears, click Reset. **If that didn't do the trick** Start Task Manager To start Task Manager, take any of the following actions: Press CTRL+ALT+DELETE, and then click Task Manager. or Press CTRL+SHIFT+ESC. End the process for **all** Google and / or Chrome items. If you have Bookmarks that you want to save, you want to do that first. Export / Import Bookmarks. https://support.google.com/chrome/answer/96816?hl=en We need to uninstall Chrome completely and remove the user folder, then re-install it if you want to keep Chrome It's hidden so we have to show hidden files and folders. Here's how to display hidden files and folders. Open Folder Options by clicking the Start button (Windows Globe), clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options. Click the View tab. Under Advanced settings, click Show hidden files, folders, and drives, and then click OK. Go to: C:\Users\(your name)\AppData\Local\Google\Chrome\User Data <----Delete this folder Go to: C:\Users\(your name)\AppData\Local\Google <----Delete this folder Now we need to rehide files, folders: Open Folder Options by clicking the Start button (Windows Globe) , clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options. Click the View tab. Under Advanced settings, uncheck Show hidden files, folders, and drives, and then click OK. Also if you have utilized chrome's "sync" ability, that may be bringing the infection back as well we need to uninstall check the section for "delete your synced data from your Google Account " at the bottom of the page http://support.google.com/chrome/bin/answer.py?hl=en&answer=185277 Reinstall Chrome https://www.google.com/intl/en/chrome/browser/ Please install AdBlock for Chrome: https://adblockplus.org/category/adblock-plus-chrome/ **Let me know if that solves the issue.** p((. _Larry Tate - *"LDT"* Consumer Support Specialist & Malware Removal Specialist_ !https://www.malwarebytes.org/images/staff.png(Crushes Malware Restores Confidence)!:https://www.malwarebytes.org/
  2. -Type your response at the top of this reply.- **Please ignore that if you see it as it will run everything together. Just use the open windows area to reply** We are not: A pop-up blocker, cookie cleaner, anti-virus, firewall nor do we monitor email providers. We don't prefiter web pages. That is your web browsers + antivirus along with the firewalls job. We remove **Malware** Malwarebytes doesn't automatically remove legit programs but we can assist in removal of programs you do not want. We can check for Malware You might want to print this out Take your time This should work unless it is tied to Chrome which will require a additional fix after this. If you get stuck on any step, just move on to the next step. **Close all browser's, Chrome, Fire Fox or Internet Explorer before running the tools** Start Task Manager To start Task Manager, take any of the following actions: Press CTRL+ALT+DELETE, and then click Task Manager. or Press CTRL+SHIFT+ESC. End the process for **all** browser's Disable your AntiVirus and AntiSpyware applications (Not Malwarebytes) **if possible**, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : http://forums.whatthetech.com/index.php?showtopic=96260 **Step 1:** Please open Malwarebytes. Open Malwarebytes (MBAM) > History > Quarantine > Delete All Open Malwarebytes (MBAM) > History > Application Logs > Delete All Click the Settings Tab Click Advanced Settings make **sure** Enable Self-Protection Module is **unchecked** Now Right Click the MBAM icon down by the clock and select Exit Install the Malwarebytes Anti-Malware latest database by following the link below. http://downloads.malwarebytes.org/file/mbam/ Save the file and double-click it to begin the installation. It will install over the top so you won;t need to add your ID / Key Potentially Unwanted Programs (PUPs) You will need to modify your MBAM settings, if you haven't already, and want them checked for removal. By default it will scan them but will not mark them for removal. Please open Malwarebytes. Click the Settings Tab Click the Detections and Protection Tab **check** Scan for RootKits. **check** Use Advanced Heuristics Non-Malware Protection Change the Action for (PUP) and (PUM) to treat Detections as Malware Run a new **Threat** scan and **quarantine** / **Remove** whatever is found. **Step 2:** This is a two step process. First run you use **Scan** Second run you use **Clean** Please download **AdwCleaner** from here: You should see a Green Tab to click to download http://forums.whatthetech.com/index.php?autocom=downloads&showfile=55 or https://toolslib.net/downloads/viewdownload/1-adwcleaner/ Double click on AdwCleaner.exe to run the tool. Click on **Scan** Button. A logfile will automatically open after the scan has finished. Please attach that log in your reply. You can find the logfile at C:\AdwCleaner [Sn].txt ('n' is the number of scan actions performed). Once the **Scan** part is finished you will be able to click the **Clean** button This tool might remove add-ons that you added by choice like Ask Toolbar. Please uncheck / untick any items you don't want to remove. Click the **Clean** Button. It will require a reboot, so please be sure to close any other open programs first. A text file will open after the restart. Please attach that log file in your reply. You can find the logfile at C:\C:\AdwCleaner [Cn].txt ('n' is the number of clean actions performed). Please save using the default Notepad format, DO NOT USE WORD or any other office type of software. DO NOT COPY & PASTE the log, send it as an attachment. Reply to THIS ticket, DO NOT create a new one. p((. _Larry Tate - *"LDT"* Consumer Support Specialist & Malware Removal Specialist_ !https://www.malwarebytes.org/images/staff.png(Crushes Malware Restores Confidence)!:https://www.malwarebytes.org/ How to use AdwCleaner https://www.youtube.com/watch?v=EYWYxPFXbK0
  3. Douglas, Are you talking about a "browser Tab"? If so, which browser are you using?
  4. Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.
  5. It was a False Positive. Update your Malwarebytes.
  6. Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.
  7. https://www.virustotal.com/nl/file/af589b32018153525129a3ad30d01e5973b610509431f0e95b8c84401fda7eec/analysis/1468934428/ https://www.virustotal.com/nl/file/4ade4ea5ff1ad55d11eb7ed88c9ace80585a08e648609af1d0fddaf816f7e8c5/analysis/1468933469/
  8. Let me have this checked with our Research Team.
  9. At this point I can only suggest your IT folks re-image the computer.
  10. We have to be careful here as your IT folks have restrictions as well as a proxy set. Is this a school pc? Do you have an IT department?
  11. I have a question. Are you using this pc for school or work? sena.edu ProxyServer: [HKLM] => proxy2.sena.edu.co:80
  12. For Chrome: Download and run Chrome Cleaner https://www.google.com/chrome/cleanup-tool/ If that didn't work: Lets try this: Start Task Manager To start Task Manager, take any of the following actions: Press CTRL+ALT+DELETE, and then click Task Manager. or Press CTRL+SHIFT+ESC. End the process for **all** Google and / or Chrome items. Reset your browser settings 1.In the top-right corner of the browser window, click the Chrome menu 2.Select Settings. 3.At the bottom, click Show advanced settings. 4.Under the section "Reset settings,” click Reset settings. 5.In the dialog that appears, click Reset. **If that didn't do the trick** Start Task Manager To start Task Manager, take any of the following actions: Press CTRL+ALT+DELETE, and then click Task Manager. or Press CTRL+SHIFT+ESC. End the process for **all** Google and / or Chrome items. If you have Bookmarks that you want to save, you want to do that first. Export / Import Bookmarks. https://support.google.com/chrome/answer/96816?hl=en We need to uninstall Chrome completely and remove the user folder, then re-install it if you want to keep Chrome It's hidden so we have to show hidden files and folders. Here's how to display hidden files and folders. Open Folder Options by clicking the Start button (Windows Globe), clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options. Click the View tab. Under Advanced settings, click Show hidden files, folders, and drives, and then click OK. Go to: C:\Users\(your name)\AppData\Local\Google\Chrome\User Data <----Delete this folder Go to: C:\Users\(your name)\AppData\Local\Google <----Delete this folder Now we need to rehide files, folders: Open Folder Options by clicking the Start button (Windows Globe) , clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options. Click the View tab. Under Advanced settings, uncheck Show hidden files, folders, and drives, and then click OK. Also if you have utilized chrome's "sync" ability, that may be bringing the infection back as well we need to uninstall check the section for "delete your synced data from your Google Account " at the bottom of the page http://support.google.com/chrome/bin/answer.py?hl=en&answer=185277 Reinstall Chrome https://www.google.com/intl/en/chrome/browser/ Please install AdBlock for Chrome: https://adblockplus.org/category/adblock-plus-chrome/ **Let me know if that solves the issue.** For chrome:
  13. Hello Ovalle, I have attached A file I need you to download and save it to the same place that you saved the FRST program Download attached **fixlist.txt** and save it to same location where the FRST tool is located. NOTE: Both FRST.exe and the fixlist.txt must be in the same location or the fix will not work. Close all browsers before running. !https://sites.google.com/site/cannedfixes/home/deskcompictures/frst-fixlist.jpg! After that you don't have to do anything else with the fixlist, we will continue using the FRST tool. Right-click on *FRST* icon ( !https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif! ) and select ( !https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg! ) *Run as Administrator* to start the tool. _XP users just double-click, and then click run after receipt of Windows Security Warning - Open File._ _8 users will be prompted about Windows SmartScreen protection - click More information and Run._ !https://sites.google.com/site/cannedfixes/home/cleaning-guide/frst-run.png! The tool may want to update itself - in that case you'll be prompted when the update is completed and ready to use. This time please press *FIX* and wait patiently. !https://sites.google.com/site/cannedfixes/home/deskcompictures/frst-fixconsole.jpg! A reboot may occur. Upon completion a logfile will be opened (also saved to the desktop) called *fixlog.txt*. !https://sites.google.com/site/cannedfixes/home/deskcompictures/frst-fixlog.jpg! They will look like this: https://sites.google.com/site/cannedfixes/home/deskcompictures/frst-fixlist.jpg Please *attach that file* for my review. **Also let me know how it's running now** p((. _Larry Tate - *"LDT"* Consumer Support Specialist & Malware Removal Specialist_ !https://www.malwarebytes.org/images/staff.png(Crushes Malware Restores Confidence)!:https://www.malwarebytes.org/ fixlist.txt
  14. Both those files are normal and created by Microsoft applications, one by Windows Media Player DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF The other as a font cache by Windows itself. GDIPFONTCACHEV1.DAT
  15. Topic reopened per request