System Progressive Protection Virus

[chaswr]

Thanks for letting me know you don't have a problem with the time here!

After running roguekiller, it generated 2 files, so you will be getting those 2 as well as the 1 for adwcleaner....

 

[Fiery]

Can you give me a quick update of your PC?

 

[chaswr]

Still in safe mode with networking, task manager "looks" normal. Do you want me to boot into normal mode?

 

[Fiery]

Yes, boot to normal mode and let me know how things are. We will go from there

 

[chaswr]

Okay, will do. I get up and running and will return.

 

[chaswr]

Back and running. Once windows started, another adwcleaner log popped up. I will also include that. Otherwise! All seems normal... only apps running according to task manager are notepad and firefox. The rogue IE entries are gone in task manager. ALSO, in malwarebytes under the protection tab, it once again shows in green "protection enabled". During the virus problem, that was showing in red "protection disabled" and I could not re-enable it. It looks as though we may be successful!

 

[chaswr]

Quick question...

I do assume it is okay to delete all of those log files or should I save them into a log/fix folder of some sort? I know if there is another problem, they will have to be created again. As to your suggestion on virus/spyware programs?

 

[Fiery]

Excellent You can delete the logs that were created. Let's make sure we are out of the woods first.

Lastly, run Eset NOD32 Online AntiVirus

Note: You will need to use Internet Explorer for this scan.
Vista / 7 users: You will need to to right-click on the Internet Explorer icon and select Run as Administrator

• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the activex control to install
• Disable your current antivirus software. You can usually do this with its Notfication Tray icon near the clock.
• Click Start
• Make sure that the option "Remove found threats" is Un-checked, and the following Advance Settings are Checked
  • Scan unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
• Click Scan
• Wait for the scan to finish
• Re-enable your antivirus software.
• A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.

 

[chaswr]

running that scan now...

 

[chaswr]

still running....

 

[Fiery]

It may take a while. Go take a break or watch some TV

 

[chaswr]

Thanks for the humor! Scan still running...

 

[chaswr]

scan is still going...11:21pm

 

[chaswr]

Scan done! 1 threat found but the log txt doesn't show it. I did copy to the clipboard and here is what it showed:

C:\Users\Charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdjbnddbclciabnckgeahmneohjlahdm\1.0_0\manager.js JS/Redirector.NCG trojan

---

Do I click "finish" on the eset scan window?

 

[Fiery]

Yes, you can click finish.

Open OTL. Under custom scan/fixes, copy and paste the following:

:Files
C:\Users\Charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdjbnddbclciabnckgeahmneohjlahdm

Then click Run Fix. There should be another log created, post it.

 

[chaswr]

ran this fix, here is that log...

 

[Fiery]

Good

How is your PC now?

 

[chaswr]

seems okay, but we said that the last time too! Lol! So what's our next step?

 

[chaswr]

You know what? Some of the tools you've had me use are way over my head. I can figure most things out and do almost all my pc maintenance myself but not this one. It also looks like those same tools could really screw things up if used wrongly. All I can say is thanks for the help so far!

 

[Fiery]

The OTL tool has customizable script feature that allows us to delete certain files and registries that "automated" scanners can't detect because they use signatures. If the scanner you are using don't have the signature for the malware on your PC, it won't find it (which was the case here).

The ESET detection isn't major, nothing to fret about. Do a new OTL scan for me so I can verify that your PC is clean