bettersurf still here

kuttus

kuttus

Level 2
Verified
Oct 5, 2012
2,697
kuttus said:
STEP 1: Clean your temporary files to gain more hard drive space and remove the junk files
  1. Download Ccleaner from the below link:
    CCLEANER DOWNLOAD LINK (This link will automatically download Ccleaner on your computer)
  2. Install Ccleaner by following the prompts
  3. Start Ccleaner
    4l5a4i.png
  4. Click
    16jox2o.png
    and choose
    5x3nu8.gif
  5. Uncheck
    amuvj8.gif
  6. Then go back to
    2jb4qyb.gif
    and click
    nf47ev.gif
    to run it.
  7. Exit CCleaner.
Click to expand...


On your computer is there any program called GreatArcade Hits, Scorpion Saver, Highlightly?
 
A

angryone

New Member
Thread author
Verified
Jan 29, 2014
16
Negative, none of those programs. Here's my program list, and my process list
 

Attachments

  • current programlist.png
    current programlist.png
    514.1 KB · Views: 115
kuttus

kuttus

Level 2
Verified
Oct 5, 2012
2,697
STEP 1: Run a scan with OTL by OldTimer
  1. Download the OTL utility using the below link :
    OTL DOWNLOAD LINK (This link will automatically download OTL on your computer)
  2. Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    OTL-logo.png
  3. When the window appears, underneath Output at the top change it to Minimal Output.
  4. Check the boxes beside LOP Check and Purity Check.
  5. Click the Run Scan button.
    OTL.png
  6. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    Please post this 2 logs in your first reply..

Settings You need to Select in OTL
  1. Click the Scan All Users checkbox.
  2. Change Standard Registry to All.
  3. Check the boxes beside LOP Check and Purity Check.
Note: If OTL.exe will not run, it may be blocked by malware. Try these alternate versions: OTL.scr, or OTL.com.
 
A

angryone

New Member
Thread author
Verified
Jan 29, 2014
16
here are the logs. Should I run fix or clean up now?
 

Attachments

  • OTL.Txt
    189.4 KB · Views: 68
  • Extras.Txt
    75.7 KB · Views: 54
kuttus

kuttus

Level 2
Verified
Oct 5, 2012
2,697
Please check what is this program is for

[WhatPulse] C:\Program Files (x86)\WhatPulse2\whatpulse.exe

Are you using this on?


STEP 2: Run the below OTL fix
  1. Start OTL.exe
  2. Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

    Code: 
    :OTL
[2014/01/10 06:48:58 | 000,000,000 | ---D | M] (Start Page) -- C:\Users\OWNER\AppData\Roaming\mozilla\Firefox\Profiles\ooej3oam.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
[2014/01/18 23:00:04 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\OWNER\AppData\Roaming\mozilla\firefox\profiles\ooej3oam.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/12/20 10:54:47 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\OWNER\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll



:commands
[emptytemp]
[reboot]


    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  3. Then click the Run Fix button at the top
  4. Let the program run unhindered, reboot when it is done
  5. Attach the new log produced by OTL (C:\_OTL)
 
Last edited:
A

angryone

New Member
Thread author
Verified
Jan 29, 2014
16
what pulse is a sociological program that tracks your computer usage i gave it permission to be on my computer from a reliable source. do you seriosly consider it a threat?also when i tried to up load the log this happened.
 

Attachments

  • logerror.png
    logerror.png
    82.9 KB · Views: 130
Last edited:
A

angryone

New Member
Thread author
Verified
Jan 29, 2014
16
All processes killed
========== OTL ==========
C:\Users\OWNER\AppData\Roaming\mozilla\Firefox\Profiles\ooej3oam.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content folder moved successfully.
C:\Users\OWNER\AppData\Roaming\mozilla\Firefox\Profiles\ooej3oam.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome folder moved successfully.
C:\Users\OWNER\AppData\Roaming\mozilla\Firefox\Profiles\ooej3oam.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362} folder moved successfully.
C:\Users\OWNER\AppData\Roaming\mozilla\firefox\profiles\ooej3oam.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
File C:\Users\OWNER\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll not found.
C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: OWNER
->Temp folder emptied: 1996958 bytes
->Temporary Internet Files folder emptied: 4680573 bytes
->Java cache emptied: 65692 bytes
->FireFox cache emptied: 4790461 bytes
->Google Chrome cache emptied: 210463104 bytes
->Flash cache emptied: 57764 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 608 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 19841976 bytes
RecycleBin emptied: 32926 bytes

Total Files Cleaned = 231.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01302014_170757
 
A

angryone

New Member
Thread author
Verified
Jan 29, 2014
16
i think its dead now but the symptoms only left after i followed a seperate guide so i dont know if its gone for good but if it comes back ill be sure to come back here because you are tenacios at tryying to fix my computer. any post infection tips would be appreciated thanks for all your help:) ohh as for the fix.
go to your extensions activate dev tools look at the file address for the extension enter windows explorer use the organize tab to reveal hidden files and folders follow file address and terminate with extreme prejudice. well i haven't slept in three days so good night internet.
 

Similar threads

Shadowkitt10
  • Locked
Browser Keeps Changing to Bing or Yahoo Despite Default Browser Being Different
Replies
5
Views
858
Windows Malware Removal Help & Support
nasdaq
nasdaq
ebocious
    • Like
Advanced Plus Security Ebocious's Yoga 6 Security Config
Replies
18
Views
1,243
PC Setup Configuration Help & Showcase
ebocious
ebocious
W
    • Thanks
  • Locked
Bizzare incident with suspected malware
Replies
2
Views
739
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top