MajorGeeks Support Forums

MajorGeeks Support Forums (http://forums.majorgeeks.com/index.php)
-   Malware Removal (http://forums.majorgeeks.com/forumdisplay.php?f=35)
-   -   Bestadbid Malware (http://forums.majorgeeks.com/showthread.php?t=284594)

zaslee 03-10-14 04:30

Bestadbid Malware
 
4 Attachment(s)
I am new to Major Geeks and came really out of sheer desperation on the suggestion of my brother. I have serious pop-up issues with a website called bestadbids. After some research I think it's because something malicious was bundled with another download, although under Control Panel I can't see any suspicious programme I can try uninstalling.

(I think) I am uploading logs from some anti-adware programmes (TDSSKiller, RogueKiller, Hitman Pro, MGTools...) I ran after reading other threads. I also think I saw some suspicious pirrit.suggestor (who knows what this is).

Please help! I will probably perish without your kind assistance. Thank you!

Kestrel13! 03-10-14 08:43

Re: Bestadbid Malware
 
Hi there. I still need to see the logs from Hitman, Malware Bytes and MGTools please. :)

zaslee 03-10-14 11:36

Re: Bestadbid Malware
 
3 Attachment(s)
THANK YOU so very much! I've attached the three logs requested.


Quote:

Originally Posted by zaslee (Post 1863946)
I am new to Major Geeks and came really out of sheer desperation on the suggestion of my brother. I have serious pop-up issues with a website called bestadbids. After some research I think it's because something malicious was bundled with another download, although under Control Panel I can't see any suspicious programme I can try uninstalling.

(I think) I am uploading logs from some anti-adware programmes (TDSSKiller, RogueKiller, Hitman Pro, MGTools...) I ran after reading other threads. I also think I saw some suspicious pirrit.suggestor (who knows what this is).

Please help! I will probably perish without your kind assistance. Thank you!


Kestrel13! 03-11-14 11:36

Re: Bestadbid Malware
 
Hi there.

Are you deliberately set up to use a proxy?

zaslee 03-12-14 21:14

Re: Bestadbid Malware
 
Dear Kestrel13!,

I'm not, I don't think. But I'm truly IT-illiterate. I also don't know how to read the logs produced by the various anti-malware tools. Basically I get lots of pop-ups every time I click anywhere on a website, even if it is just to scroll down. I had pirritsuggestor.exe and pirritdesktop.exe but they appear and disappear variously in the %appdata% > local file.

Quote:

Originally Posted by Kestrel13! (Post 1864140)
Hi there.

Are you deliberately set up to use a proxy?


Kestrel13! 03-13-14 18:20

Re: Bestadbid Malware
 
http://img805.imageshack.us/img805/9659/rktigzy.gif Fix items using RogueKiller.

Double-click RogueKiller.exe to run. (Vista/7/8 right-click and select Run as Administrator)
When it opens, press the Scan button
Now click the Registry tab (Or proxy tab) and locate these detections:
  • [PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=hxxp://127.0.0.1:9880 [Country: (Private Address) (XX), City: (Private Address)]) -> FOUND
  • [PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND
Place a checkmark next to each of these items, leave the others unchecked.
Now press the Delete button.
When it is finished, there will be a log on your desktop called: RKreport[2].txt
Attach RKreport[2].txt to your next message. (How to attach)
Reboot the machine.



http://imageshack.us/a/img841/7292/thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Attach JRT.txt to your next message.



How are things running now?

zaslee 03-13-14 21:48

Re: Bestadbid Malware
 
3 Attachment(s)
Dear Kestrel13!,

Thank you for the kind help! I have attached the logs from RK and JRT.

I don't have the strange live text on webpages anymore, but still get pop-ups from Bestadbid.

Kestrel13! 03-14-14 10:19

Re: Bestadbid Malware
 
Which browser does this occur in please?

zaslee 03-16-14 21:39

Re: Bestadbid Malware
 
Both in Chrome and in Internet Explorer. I don't (yet) have Firefox or any other browser.

Quote:

Originally Posted by Kestrel13! (Post 1864505)
Which browser does this occur in please?


Kestrel13! 03-17-14 16:01

Re: Bestadbid Malware
 
Try running this and let me know if Google Chrome works normally then.

Reset Chrome to Defaults


All times are GMT -5. The time now is 08:24.

Powered by vBulletin® Version 3.8.4
Copyright © 2009 vBulletin Solutions, Inc. All rights reserved.
Ad Management by RedTyger