Can't remove Obrona
- Thread starter Ed_M1
- Start date
- Apr 24, 2014
- 3,395
What is meaningless?
MiniToolBox reset proxy http://www.bleepingcomputer.com/download/minitoolbox/dl/65/
AdwCleaner reset proxy
You can also manually
MiniToolBox reset proxy http://www.bleepingcomputer.com/download/minitoolbox/dl/65/
AdwCleaner reset proxy
You can also manually
- Jan 31, 2015
- 62
What is meaningless? How about a reply with just "report" in it, no instructions or explanation! Did you want me to do something? Is it still needed?
Anyway, I googled & got help to reset proxy manually--which was essential because I COULD NOT DOWNLOAD AND RUN ANYTHING until that was done. I got it done. I ran AdwWare. Things have continued to improve.
I'm still getting some re-directs, to some obviously bogus "security" sites.
What else to do?
Anyway, I googled & got help to reset proxy manually--which was essential because I COULD NOT DOWNLOAD AND RUN ANYTHING until that was done. I got it done. I ran AdwWare. Things have continued to improve.
I'm still getting some re-directs, to some obviously bogus "security" sites.
What else to do?
- Jan 31, 2015
- 62
Here's the AdwCleaner report. Is that what you wanted?
# AdwCleaner v4.109 - Report created 04/02/2015 at 05:22:54
# Updated 24/01/2015 by Xplode
# Database : 2015-02-03.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : emowrey1 - LAPTOP1
# Running from : C:\Users\emowrey1\Downloads\AdwCleaner(1).exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\emowrey1\AppData\Roaming\FirefoxToolbar
Folder Deleted : C:\Users\emowrey1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OBRONA BlockAds
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
File Deleted : C:\Users\emowrey1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\emowrey1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\emowrey1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Red Sky
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\SmdmF
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:9880
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v35.0.1 (x86 en-US)
[92iyrfuh.default-1419819414002\prefs.js] - Line Deleted : user_pref("browser.search.hiddenOneOffs", "Yahoo,Bing,Amazon.com,default-search.net,DuckDuckGo,eBay,Twitter,Wikipedia (en)");
-\\ Google Chrome v40.0.2214.94
[C:\Users\emowrey1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\emowrey1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
*************************
AdwCleaner[R0].txt - [6627 octets] - [02/04/2014 06:42:58]
AdwCleaner[R1].txt - [3480 octets] - [04/02/2015 05:19:26]
AdwCleaner[S0].txt - [5824 octets] - [02/04/2014 06:44:13]
AdwCleaner[S1].txt - [3215 octets] - [04/02/2015 05:22:54]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3275 octets] ##########
# AdwCleaner v4.109 - Report created 04/02/2015 at 05:22:54
# Updated 24/01/2015 by Xplode
# Database : 2015-02-03.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : emowrey1 - LAPTOP1
# Running from : C:\Users\emowrey1\Downloads\AdwCleaner(1).exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\emowrey1\AppData\Roaming\FirefoxToolbar
Folder Deleted : C:\Users\emowrey1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OBRONA BlockAds
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
File Deleted : C:\Users\emowrey1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\emowrey1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\emowrey1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Red Sky
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\SmdmF
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:9880
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v35.0.1 (x86 en-US)
[92iyrfuh.default-1419819414002\prefs.js] - Line Deleted : user_pref("browser.search.hiddenOneOffs", "Yahoo,Bing,Amazon.com,default-search.net,DuckDuckGo,eBay,Twitter,Wikipedia (en)");
-\\ Google Chrome v40.0.2214.94
[C:\Users\emowrey1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\emowrey1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
*************************
AdwCleaner[R0].txt - [6627 octets] - [02/04/2014 06:42:58]
AdwCleaner[R1].txt - [3480 octets] - [04/02/2015 05:19:26]
AdwCleaner[S0].txt - [5824 octets] - [02/04/2014 06:44:13]
AdwCleaner[S1].txt - [3215 octets] - [04/02/2015 05:22:54]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3275 octets] ##########
- Jan 31, 2015
- 62
Now, no "proxy not connect" problems. I fixed them with instructions I googled.
I use Firefox and got a couple of those re-directs a while ago. None now for a while.
What should I do if they return?
- Apr 24, 2014
- 3,395
Please download Malwarebytes Anti-Malware and save it to your desktop.
http://www.malwarebytes.org/mwb-download/var4/
- Install the progam and select update.
- Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
- Click the Scan tab, choose Threat Scan is checked and click Scan Now.
- If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
- Upon completion of the scan (or after the reboot), click the History tab.
- Click Application Logs and double-click the Scan Log.
- At the bottom click Export and choose Text file.
- Jan 31, 2015
- 62
Scan with Malwarebytes' Anti-Malware
Please download Malwarebytes Anti-Malware and save it to your desktop.
http://www.malwarebytes.org/mwb-download/var4/
Save the file to your desktop and include its content in your next reply.
- Install the progam and select update.
- Once updated, click the Settings tab, in the left panel choose Detection & Protection and tick Scan for rootkits.
- Click the Scan tab, choose Threat Scan is checked and click Scan Now.
- If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
- Upon completion of the scan (or after the reboot), click the History tab.
- Click Application Logs and double-click the Scan Log.
- At the bottom click Export and choose Text file.
I have attached the scan log.
- Apr 24, 2014
- 3,395
Glad we could help. We will delete all used tools.
Download DelFix by Xplode and save it to your desktop.
Tool deletes old system restore points and create a fresh system restore point after cleaning.
Download DelFix by Xplode and save it to your desktop.
- Run the tool by right click on the
icon and Run as administrator option.
- Make sure that these ones are checked:
- Remove disinfection tools
- Purge system restore
- Reset system settings
- Push Run and wait until the tool completes his work.
- All tools we used should be gone. Tool will create an report for you (C:\DelFix.txt)
Tool deletes old system restore points and create a fresh system restore point after cleaning.
- Jan 31, 2015
- 62
Glad we could help. We will delete all used tools.
Download DelFix by Xplode and save it to your desktop.
The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
- Run the tool by right click on the
icon and Run as administrator option.- Make sure that these ones are checked:
- Remove disinfection tools
- Purge system restore
- Reset system settings
- Push Run and wait until the tool completes his work.
- All tools we used should be gone. Tool will create an report for you (C:\DelFix.txt)
Tool deletes old system restore points and create a fresh system restore point after cleaning.
When I first ran DelFix my Trend Micro deleted it and then my computer froze and I had to do a cold boot. Should I do anything about that?
I disabled Trend, ran DelFix as administrator, and all seemed ok. I've attached the log.
- Jan 31, 2015
- 62
Done. It looks like most everything is working as it should. Are there any other things you recommend I do to further clean and protect my PC?
- Apr 24, 2014
- 3,395
Unchecky
http://unchecky.com/
to prevent from installing additional foistware (adware > Obrona, etc), implemented in legitimate installations.
http://unchecky.com/
to prevent from installing additional foistware (adware > Obrona, etc), implemented in legitimate installations.
Similar threads
