Bestadbid Malware

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by zaslee, Mar 10, 2014.

  1. zaslee

    zaslee Private E-2

    I am new to Major Geeks and came really out of sheer desperation on the suggestion of my brother. I have serious pop-up issues with a website called bestadbids. After some research I think it's because something malicious was bundled with another download, although under Control Panel I can't see any suspicious programme I can try uninstalling.

    (I think) I am uploading logs from some anti-adware programmes (TDSSKiller, RogueKiller, Hitman Pro, MGTools...) I ran after reading other threads. I also think I saw some suspicious pirrit.suggestor (who knows what this is).

    Please help! I will probably perish without your kind assistance. Thank you!
     


  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hi there. I still need to see the logs from Hitman, Malware Bytes and MGTools please. :)
     
  3. zaslee

    zaslee Private E-2

    THANK YOU so very much! I've attached the three logs requested.


     


  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hi there.

    Are you deliberately set up to use a proxy?
     
  5. zaslee

    zaslee Private E-2

    Dear Kestrel13!,

    I'm not, I don't think. But I'm truly IT-illiterate. I also don't know how to read the logs produced by the various anti-malware tools. Basically I get lots of pop-ups every time I click anywhere on a website, even if it is just to scroll down. I had pirritsuggestor.exe and pirritdesktop.exe but they appear and disappear variously in the %appdata% > local file.

     
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Fix items using RogueKiller.

    Double-click RogueKiller.exe to run. (Vista/7/8 right-click and select Run as Administrator)
    When it opens, press the Scan button
    Now click the Registry tab (Or proxy tab) and locate these detections:

    • [PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=hxxp://127.0.0.1:9880 [Country: (Private Address) (XX), City: (Private Address)]) -> FOUND
    • [PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND
    Place a checkmark next to each of these items, leave the others unchecked.
    Now press the Delete button.
    When it is finished, there will be a log on your desktop called: RKreport[2].txt
    Attach RKreport[2].txt to your next message. (How to attach)
    Reboot the machine.



    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Attach JRT.txt to your next message.



    How are things running now?
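
An added example, not part of the original thread or of RogueKiller: a small triage script that parses report lines in the layout of the two detections quoted above and reports an enabled proxy that points back at the local machine. The line layout is assumed from those two lines only; the function names and the third sample line are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# First two lines are the detections quoted in the post; the third is constructed.
SAMPLE_REPORT = r"""
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=hxxp://127.0.0.1:9880 [Country: (Private Address) (XX), City: (Private Address)]) -> FOUND
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND
[CONSTRUCTED][PUM] HKCU\[...]\Example : SomeValue (1) -> FOUND
"""

# Assumed layout, inferred only from the two quoted lines:
# [section][kind] key : name (value) -> status
LINE_RE = re.compile(
    r"^\[(?P<section>[^\]]+)\]\[(?P<kind>[^\]]+)\]\s+(?P<key>.+?) : "
    r"(?P<name>\w+) \((?P<value>.*)\) -> (?P<status>\w+)$"
)

def proxy_endpoints(value):
    """Yield (protocol, host, port) for each entry of a logged ProxyServer value."""
    spec = value.split(" [", 1)[0].replace("hxxp", "http")  # drop geo note, refang
    for entry in filter(None, spec.split(";")):
        proto, _, addr = entry.rpartition("=")  # "http=host:port" or bare "host:port"
        url = urlsplit(addr if "://" in addr else "//" + addr)
        yield proto or "all", url.hostname, url.port

def is_local(host):
    """True when the proxy host is the machine itself."""
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host or "").is_loopback
    except ValueError:
        return False  # a DNS name or empty host

def triage(report):
    """Return enabled proxy endpoints that point at a loopback address."""
    settings = {}
    for line in report.splitlines():
        m = LINE_RE.match(line.strip().lstrip("• "))
        if m and m["section"].startswith("PROXY") and m["status"] == "FOUND":
            settings[m["name"]] = m["value"]
    if settings.get("ProxyEnable") != "1":
        return []
    return [e for e in proxy_endpoints(settings.get("ProxyServer", "")) if is_local(e[1])]

if __name__ == "__main__":
    for proto, host, port in triage(SAMPLE_REPORT):
        print(f"{proto} traffic is proxied to local listener {host}:{port}")
```

An enabled loopback proxy means that browsers honouring this setting send their traffic through a process listening on the same machine, so the useful follow-up is to identify which process owns that port.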
     
  7. zaslee

    zaslee Private E-2

    Dear Kestrel13!,

    Thank you for the kind help! I have attached the logs from RK and JRT.

    I don't have the strange live text on webpages anymore, but still get pop-ups from Bestadbid.
     


    Last edited by a moderator: Mar 14, 2014
  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Which browser does this occur in please?
     
  9. zaslee

    zaslee Private E-2

    Both in Chrome and in Internet Explorer. I don't (yet) have Firefox or any other browser.

     
  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

