Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Followed the s.m2pup removal...still have popups
Message
<blockquote data-quote="woody328" data-source="post: 194200" data-attributes="member: 22285"><p>Below I have the reports that I have kept. I have ran avast!, tdsskiller, iexplore, hitman pro, rogue killer, JRT, and I ran the eset scan for at least 3 and 1/2 hours before I killed it. So far I have removed a good portion of the infected files, however my computer is still slow, and the browser (chrome) is still coming up with pop ups from ad click track and s.m2pup.</p><p>I have no idea where to go from here and is super frustrating.</p><p>Please help me.</p><p></p><p>RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software</p><p>mail : <a href="http://www.adlice.com/contact/" target="_blank">http://www.adlice.com/contact/</a></p><p>Feedback : <a href="http://forum.adlice.com" target="_blank">http://forum.adlice.com</a></p><p>Website : <a href="http://www.adlice.com/softwares/roguekiller/" target="_blank">http://www.adlice.com/softwares/roguekiller/</a></p><p>Blog : <a href="http://www.adlice.com" target="_blank">http://www.adlice.com</a></p><p></p><p>Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version</p><p>Started in : Safe mode with network support</p><p>User : Tyler [Admin rights]</p><p>Mode : Scan -- Date : 05/11/2014 09:21:00</p><p>| ARK || FAK || MBR |</p><p></p><p>¤¤¤ Bad processes : 0 ¤¤¤</p><p></p><p>¤¤¤ Registry Entries : 6 ¤¤¤</p><p>[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND</p><p>[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND</p><p>[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND</p><p>[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND</p><p>[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND</p><p>[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND</p><p></p><p>¤¤¤ Scheduled tasks : 0 ¤¤¤</p><p></p><p>¤¤¤ Startup Entries : 0 ¤¤¤</p><p></p><p>¤¤¤ Web browsers : 0 ¤¤¤</p><p></p><p>¤¤¤ Browser Addons : 0 ¤¤¤</p><p></p><p>¤¤¤ Particular Files / Folders: ¤¤¤</p><p></p><p>¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤</p><p></p><p>¤¤¤ External Hives: ¤¤¤</p><p></p><p>¤¤¤ Infection : ¤¤¤</p><p></p><p>¤¤¤ HOSTS File: ¤¤¤</p><p>--> %SystemRoot%\System32\drivers\etc\hosts</p><p></p><p></p><p></p><p></p><p></p><p>¤¤¤ MBR Check: ¤¤¤</p><p></p><p>+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000BEVT-60A0RT0 +++++</p><p>--- User ---</p><p>[MBR] 46e7a9450d2019c76816f021e845c0ef</p><p>[BSP] 1ac05a33202522a1059339c1fa85067a : Windows 7/8 MBR Code</p><p>Partition table:</p><p>0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB</p><p>1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 461399 MB</p><p>2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 945354752 | Size: 15237 MB</p><p>3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB</p><p>User = LL1 ... OK!</p><p>User != LL2 ... KO!</p><p>--- LL2 ---</p><p>[MBR] 5a597428d1462f0429b025938554ea94</p><p>[BSP] 1ac05a33202522a1059339c1fa85067a : Windows 7/8 MBR Code</p><p>Partition table:</p><p>0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 MB</p><p>1 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 159793152 | Size: 4000 MB</p><p>2 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 167985152 | Size: 2000 MB</p><p>3 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 172081152 | Size: 20000 MB</p><p></p><p>Finished : << RKreport[0]_S_05112014_092100.txt >></p><p>_______________________________________________________________________________</p><p>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~</p><p>Junkware Removal Tool (JRT) by Thisisu</p><p>Version: 6.1.4 (04.06.2014:1)</p><p>OS: Windows 7 Home Premium x64</p><p>Ran by Tyler on Fri 05/09/2014 at 23:03:22.64</p><p>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~</p><p></p><p></p><p></p><p></p><p>~~~ Services</p><p></p><p></p><p></p><p>~~~ Registry Values</p><p></p><p></p><p></p><p>~~~ Registry Keys</p><p></p><p>Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r563-n-bi_RASAPI32</p><p>Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r563-n-bi_RASMANCS</p><p>Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1 (1)_RASAPI32</p><p>Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1 (1)_RASMANCS</p><p>Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup-r563-n-bi_RASAPI32</p><p>Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup-r563-n-bi_RASMANCS</p><p>Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1 (1)_RASAPI32</p><p>Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1 (1)_RASMANCS</p><p></p><p></p><p></p><p>~~~ Files</p><p></p><p></p><p></p><p>~~~ Folders</p><p></p><p></p><p></p><p>~~~ Event Viewer Logs were cleared</p><p></p><p></p><p></p><p></p><p></p><p>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~</p><p>Scan was completed on Fri 05/09/2014 at 23:31:45.95</p><p>End of JRT log</p><p>______________________________________________</p><p># AdwCleaner v3.207 - Report created 11/05/2014 at 14:14:16</p><p># Updated 05/05/2014 by Xplode</p><p># Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)</p><p># Username : Tyler - WOODCOCKFAMILY</p><p># Running from : C:\Users\Tyler\Downloads\AdwCleaner.exe</p><p># Option : Scan</p><p></p><p>***** [ Services ] *****</p><p></p><p></p><p>***** [ Files / Folders ] *****</p><p></p><p></p><p>***** [ Shortcuts ] *****</p><p></p><p></p><p>***** [ Registry ] *****</p><p></p><p></p><p>***** [ Browsers ] *****</p><p></p><p>-\\ Internet Explorer v11.0.9600.17041</p><p></p><p></p><p>-\\ Google Chrome v34.0.1847.131</p><p></p><p>[ File : C:\Users\Nichole\AppData\Local\Google\Chrome\User Data\Default\preferences ]</p><p></p><p></p><p>[ File : C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\preferences ]</p><p></p><p></p><p>*************************</p><p></p><p>AdwCleaner[R0].txt - [6216 octets] - [09/05/2014 15:46:23]</p><p>AdwCleaner[R1].txt - [980 octets] - [11/05/2014 09:21:51]</p><p>AdwCleaner[R2].txt - [841 octets] - [11/05/2014 14:14:16]</p><p>AdwCleaner[S0].txt - [6143 octets] - [09/05/2014 15:48:09]</p><p>AdwCleaner[S1].txt - [1040 octets] - [11/05/2014 09:22:48]</p><p></p><p>########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1020 octets] ##########</p></blockquote><p></p>
[QUOTE="woody328, post: 194200, member: 22285"] Below I have the reports that I have kept. I have ran avast!, tdsskiller, iexplore, hitman pro, rogue killer, JRT, and I ran the eset scan for at least 3 and 1/2 hours before I killed it. So far I have removed a good portion of the infected files, however my computer is still slow, and the browser (chrome) is still coming up with pop ups from ad click track and s.m2pup. I have no idea where to go from here and is super frustrating. Please help me. RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software mail : [url]http://www.adlice.com/contact/[/url] Feedback : [url]http://forum.adlice.com[/url] Website : [url]http://www.adlice.com/softwares/roguekiller/[/url] Blog : [url]http://www.adlice.com[/url] Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Safe mode with network support User : Tyler [Admin rights] Mode : Scan -- Date : 05/11/2014 09:21:00 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 6 ¤¤¤ [HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000BEVT-60A0RT0 +++++ --- User --- [MBR] 46e7a9450d2019c76816f021e845c0ef [BSP] 1ac05a33202522a1059339c1fa85067a : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 461399 MB 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 945354752 | Size: 15237 MB 3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 976560128 | Size: 103 MB User = LL1 ... OK! User != LL2 ... KO! --- LL2 --- [MBR] 5a597428d1462f0429b025938554ea94 [BSP] 1ac05a33202522a1059339c1fa85067a : Windows 7/8 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 MB 1 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 159793152 | Size: 4000 MB 2 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 167985152 | Size: 2000 MB 3 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 172081152 | Size: 20000 MB Finished : << RKreport[0]_S_05112014_092100.txt >> _______________________________________________________________________________ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by Tyler on Fri 05/09/2014 at 23:03:22.64 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r563-n-bi_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetup-r563-n-bi_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1 (1)_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1 (1)_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup-r563-n-bi_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetup-r563-n-bi_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1 (1)_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1 (1)_RASMANCS ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Fri 05/09/2014 at 23:31:45.95 End of JRT log ______________________________________________ # AdwCleaner v3.207 - Report created 11/05/2014 at 14:14:16 # Updated 05/05/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Tyler - WOODCOCKFAMILY # Running from : C:\Users\Tyler\Downloads\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17041 -\\ Google Chrome v34.0.1847.131 [ File : C:\Users\Nichole\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [6216 octets] - [09/05/2014 15:46:23] AdwCleaner[R1].txt - [980 octets] - [11/05/2014 09:21:51] AdwCleaner[R2].txt - [841 octets] - [11/05/2014 14:14:16] AdwCleaner[S0].txt - [6143 octets] - [09/05/2014 15:48:09] AdwCleaner[S1].txt - [1040 octets] - [11/05/2014 09:22:48] ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1020 octets] ########## [/QUOTE]
Insert quotes…
Verification
Post reply
Top