Free Registry Malware Popups :(

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by frontball, Feb 24, 2013.

  1. frontball

    frontball Private E-2

    Following READ & RUN ME FIRST instructions for Windows 7.
     

    Attached Files:

    Last edited by a moderator: Feb 24, 2013
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Re run Hitman and have it delete Potential Unwanted Programs

    Coupon Alert <-- Uninstall this.

    Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

    Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

    • R3 - URLSearchHook: (no name) - {7b9f8c21-46ec-4c0b-8683-e755ef84577a} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pSrcAs.dll
    • O2 - BHO: Toolbar BHO - {3a421c8f-e238-4aeb-8874-b8b5f2cc4772} - C:\PROGRA~2\COUPON~2\bar\1.bin\2pbar.dll
    • O2 - BHO: Search Assistant BHO - {60e91567-ef8a-4520-bce2-83aba5256799} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pSrcAs.dll
    • O3 - Toolbar: Coupon Alert - {3462c343-be19-4143-af70-cefb56f46fc6} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbar.dll
    • O4 - HKLM\..\Run: [CouponAlert_2p Browser Plugin Loader] C:\PROGRA~2\COUPON~2\bar\1.bin\2pbrmon.exe
    • O23 - Service: Coupon AlertService (CouponAlert_2pService) - COMPANYVERS_NAME - C:\PROGRA~2\COUPON~2\bar\1.bin\2pbarsvc.exe


    After clicking Fix exit HJT.

    Delete these if they show up:

    C:\Program Files (x86)\CouponAlert_2p
    C:\PROGRA~2\COUPON~2

    Tell me what issues remain.
     
  3. frontball

    frontball Private E-2

    Having issues with Hitman Pro requesting I buy it. I was under the impression this was freeware or at least free trial. Downloading previous version (I think).
     
  4. frontball

    frontball Private E-2

    Alright I couldn't find any of those Hijackthis entries but I assume they disappeared after I removed the coupon program. However, the RegClean Pro program still seems to exist. I'm going to try a couple uninstallations and put a proper antivirus on (uncle's laptop, he thought a link on the desktop to Norton Antivirus website was an antivirus).
     
  5. frontball

    frontball Private E-2

    Alright, attempted to get Microsoft Essentials Protection and turn windows Defender back on, but the RegClean Pro program has reestablished itself and is preventing me from doing so.
     
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    RegClean Pro <--- Uninstall it but use Revo! Then... Now run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista or Windows7) Then attach the new C:\MGlogs.zip file that will be created by running this.

    Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds