Possible adware

Discussion in 'Malware Help (A Specialist Will Reply)' started by Brouwer, Feb 17, 2014.

  1. Brouwer

    Brouwer Private E-2

    Problem for a few weeks. Possibly after downloading torrents, not sure.
    Pop-up ads, words on web pages highlighted for links when they shouldn't be, re-directions, multiple ads shown at top after google searches when they shouldn't be there, non-tab ads appearing at side and bottom of screen.

    All best, cheers
     

    Attached Files:

    Brouwer, Feb 17, 2014
    #1
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    http://img805.imageshack.us/img805/9659/rktigzy.gif Fix items using RogueKiller.

    Double-click RogueKiller.exe to run. (Vista/7/8 right-click and select Run as Administrator)
    When it opens, press the Scan button
    Now click the Registry tab and locate this detection:

    • [V1][ROGUE ST] WS.Enabler-S-71009536.job : c:\programdata\setapp\ws.enabler\WS.Enabler.exe - /schedule /profile "c:\programdata\setapp\ws.enabler\71009536.ini" [x][-] -> FOUND
    Place a checkmark next to this item, leave the others unchecked.
    Now press the Delete button.
    When it is finished, there will be a log on your desktop called: RKreport[2].txt
    Attach RKreport[2].txt to your next message. (How to attach)
    Reboot the machine.


    Re run Hitman and have it remove Potential Unwanted Programs. (These may be set to ignore by default but I do want you to delete them)


    Delete these:

    • C:\ProgramData\54d035dc9590a1c0
    • c:\programdata\setapp\ws.enabler
    • C:\Windows\tasks\WS.Enabler-S-71009536.job



    http://imageshack.us/a/img841/7292/thisisujrt.gif Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Attach JRT.txt to your next message.




    Now run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista, Windows7 or Win8) Then attach the new C:\MGlogs.zip file that will be created by running this.

    Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!
     
    Kestrel13!, Feb 18, 2014
    #2
  3. Brouwer

    Brouwer Private E-2

    Sorry for the delay.

    Had two problems with following instructions:

    1. The RKreport has 0 rather than 2 as a name.

    2. I ran Hitman and none of these came up:

    C:\ProgramData\54d035dc9590a1c0
    c:\programdata\setapp\ws.enabler
    C:\Windows\tasks\WS.Enabler-S-71009536.job

    Instead two other threats were found, one to do with FLV player and the other to do with Softonic. I attempted to delete these anyway and couldn't without activating (subscribing to) Hitman.

    Things are running the same they were before (things highlighted when they shouldn't be, virus pop ups, etc) unfortunately. Thanks for your previous post.
     

    Attached Files:

    Brouwer, Mar 6, 2014
    #3
  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You need to read instructions more carefully. I did not ask you to remove these with Hitman, I just asked you to delete them (meaning manually) Can you do so now and let me know how you get on? Thanks. :)
     
    Kestrel13!, Mar 7, 2014
    #4
  5. Brouwer

    Brouwer Private E-2

    Sorry, I was careless.

    I located and deleted the first two. I couldn't locate the third after deleting the first two. The third one seemed to be within a folder of the second one. One of the files in the folder had filename S-71009536 in any case (but without the .job).

    I'm still encountering the same infection problems post-deletion.
     
    Brouwer, Mar 7, 2014
    #5
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Good morning. :)

    Which browser are you having the pop ups occur in please?
     
    Kestrel13!, Mar 8, 2014
    #6
  7. Brouwer

    Brouwer Private E-2

    Hey, good morning. It's GoogleChrome. I checked Firefox and Internet Explorer and they seem not to be having the same problems.
     
    Brouwer, Mar 8, 2014
    #7
  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Kestrel13!, Mar 8, 2014
    #8
  9. Brouwer

    Brouwer Private E-2

    Great! That seems to have sorted it. Thanks!
     
    Brouwer, Mar 8, 2014
    #9
  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Surf around for one day, then post back. If all is still well I can post final steps instructions for you to follow.
     
    Kestrel13!, Mar 8, 2014
    #10

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds