malwarebytes not finding malware, issues with running scan and bluescreen

[Gbaby614]

ok, i am about to do all that now, but i had ccleaner before and i know it deletes everything..is it going to delete my saved pw's and my pics that are in my webcam that is not currently working.. as the file is in a quarantine.. fiery was going to show me how to get it working and we found that i have a virus from the combofix... i thought we were removing that first before anything else.. i dont want it to delete the pw's bc i have some sites that just sign right in bc they are saved. also, i have deleted all my browsing history and temp internet files in firefox and i am still getting popups which seems to be from a browser hijacker type popup..

 

[Gbaby614]

Im worried that we are skipping to cleaning out junk files when I still have this virus on here, ESET found it on the desktop and i put it in the recyle bin, but have not emptied it as im waiting on direction to do so... I need to know the virus from the combofix u guys had me to dl is gone.. then i need to get my programs working correctly.. after all malware is gone.. then i should do this cleaning files up part right?? If there is another reason u are asking me to do this first pls state so, I just am wondering if this is something that can be put off in case I have extra stuff that may need deleted after ridding the virses

 

[Gbaby614]

Im still waiting on a reply before i continue with these actions, IDO NOT SEE ALL THE OPTIONS YOU CHECKED ON THE CCLEANER, AND YOU DIDNT SAY ANYTHING ABOUT UNCHECKING THE APPLICATIONS OPTIONS AS THEY ARE ALL CHECKMARKED AND I DO NOT WANT IT TO DELETE ALL MY PROGRAMS, AS I HAVE KNOWN CCLEANER TO DO, SHOULD I UNCHECK THE CHECK MARKS ON THE ONES CHECKED ON THE APPLICATIONS OR WILL IT NOT DELETE THEM???? I DO NOT WANT TO CONTINUE UNTIL YOU ANSWER ME, IF YOU ARE BUSY CAN YOU PLEASE GET SOMEONE TO HELP ME????? I am missing the IE options cached feeds and add-on statistics... and there are others missing OR listed that you do not have on your screen... I am using VISTA not Windows7 or XP......... also there is an advanced section listed that you did not mention which to check or uncheck...... and not sure about what is in the "options" button as I do not want to continue without advise.

 

[Gbaby614]

here is what i see.........

 

[Gbaby614]

also not showing on the applications thumbnail i sent u was the options to check applications: internet history, cookies, download history, session, site preferences, saved form information, saved passwords, compact databases....

 

[kuttus]

Sorry for the Late Replay.... Please don't run the CCleaner now then..


Please let me know are you getting this pop ups in Mozilla Firefox only? Or are you getting it in Internet Explorer also?

 

[Gbaby614]

so far just in firefox that i notice, i have copied some of them to a notepad, these are a few...
http://www.iminent.com/LandingDirect/367/texteffects?refid=367&SourceId=355&CreativeId=17690425&LineItemId=5974234&PublisherId=730044&SectionId=304183587&ym=00004fdfad60130e94c83a635a7869065c233

http://nym1.ib.adnxs.com/pop?enc=s14M5UQ78T-zXgzlRDvxPwAAAAAAAPA_s14M5UQ78T-zXgzlRDvxP3MQLcqGhudf8qc8AyIEkFDMvAVRAAAAAPRnDQAdAgAAHQIAAAIAAAACK0gAlEECAAAAAQBVU0QAVVNEANACLAEHBAAAqV8AAgQCAQUAAIQA7R85eAAAAAA.&cnd=!FCHCBAjk_jgQgtagAhgAIJSDCTADOIeICEAESJ0EUPTPNVgAYLoCaABwAHgAgAEAiAEAkAEBmAEBoAEKqAEAsAEAuQEpulpbRTvxP8EBKbpaW0U78T_JARUB2CliHfM_2QEAAAAAAADwP-ABhIsC&udj=uf%28%27a%27%2C+33304%2C+1359330508%29%3Buf%28%27r%27%2C+4729602%2C+1359330508%29%3B&ccd=!iQW8NAjk_jgQgtagAhiUgwkgBA..&vpid=45&apid=117225&creative_click=http%3A%2F%2F5bd2b-thss72qcx1ohv25n9u5r.hop.clickbank.net%2F%3Ftid%3DCPXEARTH&dlo=1

http://nym1.ib.adnxs.com/pop?enc=pDSbx2Gw6z-kNJvHYbDrPwAAAAAAAPA_pDSbx2Gw6z-kNJvHYbDrP0YKu5HvRMk98qc8AyIEkFB_3AVRAAAAAPRnDQAdAgAAHQIAAAIAAAADykMAlEECAAAAAQBVU0QAVVNEANACLAEHBAAATlYAAgQCAQUAAIQAECNdzgAAAAA.&cnd=!bSeswQjJ8zEQg5SPAhgAIJSDCTADOIeICEAESJ0EUPTPNVgAYLoCaABwAHgAgAEEiAH4C5ABAZgBAaABCqgBALABALkB8xOszmKw6z_BAfMTrM5isOs_yQHy5b5d65HuP9kBAAAAAAAA8D_gAaSBAg..&udj=uf%28%27a%27%2C+81804%2C+1359338623%29%3Buf%28%27r%27%2C+4442627%2C+1359338623%29%3B&ccd=!CgWPLwjJ8zEQg5SPAhiUgwkgBA..&vpid=45&apid=115778&creative_click=http%3A%2F%2Ftracktrk.net%2F%3Fa%3D362%26c%3D5010%26s1%3D&dlo=1

http://www.playwartune.com/a?entrypt=wt-aff_iqu---@73--iqu-6125--subid3

http://nym1.ib.adnxs.com/pop?enc=mPp5U5GK6j-Y-nlTkYrqPwAAAAAAAPA_mPp5U5GK6j-Y-nlTkYrqP6TB7zFLQ-MZ8qc8AyIEkFCcCQZRAAAAAPRnDQAdAgAAHQIAAAIAAACuy0MAlEECAAAAAQBVU0QAVVNEAOcD5wMHBAAARmAAAgQCAQUAAIQAzCSfOwAAAAA.&cnd=!sCMBGQiw8TEQrpePAhgAIJSDCTADOIeICEAESJ0EUPTPNVgAYLoCaABwAHgAgAEAiAEAkAEBmAEBoAEKqAEAsAEAuQHeYuamkYrqP8EB3mLmppGK6j_JAYpCOxJxj_k_2QEAAAAAAADwP-ABAA..&udj=uf%28%27a%27%2C+22256%2C+1359350172%29%3Buf%28%27r%27%2C+4443054%2C+1359350172%29%3Bppv%2815630%2C+%271865408660900921764%27%2C+1359350172%2C+1361942172%2C+817328%2C+147860%2C+0%2C+4%2C+10368000%29%3B&ccd=!HQXgLwiw8TEQrpePAhiUgwkgBA..&vpid=45&apid=115778&dlo=1

https://www.pirate101.com/play_free?utm_campaign=disp_motive&utm_source=mint.61496&utm_medium=display&utm_content=p101playfreeLP

 

[kuttus]

Okay....

Please do one thing go to the location C:\WINDOWS\system32\drivers\etc

there you can see one file called hosts Normally it will be a 1KB file. Delete that one and restart the computer. After that check if you are getting this pop ups in Firefox...

Same time are you getting any Advertisements bottom corners of your browser when you visit all website...?

 

[Gbaby614]

this one just popped up as well
http://www.asianbeauties.com/

 

[Gbaby614]

whatever it is, its a redirect page, a new tab always opens and sometimes a new window pops up.. so it may be a cpl different things..

 

[Gbaby614]

I just searched 1 issue that caused adds and it is an add-on...WOT a firefox matenience service i think it is in my progs.. but it is not what is causing all the popups just maybe a few.. i was getting them b4 i had that, and i dont mind removing it, just need to verify that an issue b4 i do, then find the main reason. it is late tho, i have not heard back from you so pls leave any advice and i will follw it when i wake up.. thanks and gn

 

[kuttus]

Do you try the TDSSKiller Steps I have given before?

Please try this also...

Okay....

Please do one thing go to the location C:\WINDOWS\system32\drivers\etc

there you can see one file called hosts Normally it will be a 1KB file. Delete that one and restart the computer. After that check if you are getting this pop ups in Firefox...

Same time are you getting any Advertisements bottom corners of your browser when you visit all website...?

 

[Gbaby614]

i will be doing the TDSSkiller now, but i just deleted the host file and im going to restart the pc, there was also a file called lmhosts.sam what is that? should i leave it or delete it too?

 

[Gbaby614]

i also just removed the firefox matenience service.. so we will see

 

[Gbaby614]

Do you try the TDSSKiller Steps I have given before?

Please try this also...

Okay....

Please do one thing go to the location C:\WINDOWS\system32\drivers\etc

there you can see one file called hosts Normally it will be a 1KB file. Delete that one and restart the computer. After that check if you are getting this pop ups in Firefox...

Same time are you getting any Advertisements bottom corners of your browser when you visit all website...?

Here is the results:

 

[Gbaby614]

thee was another.. i think i loaded the modules on this one

 

[kuttus]

Hi,

Just leave the file lmhosts.sam. Delete only hosts... Now restart the computer and check how's Firefox working now...

 

[Fiery]

Hi there,

I'm back, feeling better now. Let's continue where we left off.

Open OTL. Under custom scan/fixes, copy and paste the following:

:OTL
IE:64bit: - HKLM\..\SearchScopes\{251E6002-154D-42BD-BCE2-460628EE3FA7}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
[2013/01/02 10:44:19 | 000,000,000 | ---D | M] (SelectionLinks) -- C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\2v64zce3.default\extensions\plugin@selectionlinks.com
[2013/01/30 12:05:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\2v64zce3.default\extensions\staged
FF - prefs.js..extensions.enabledAddons: plugin%40selectionlinks.com:1.5
[2013/01/18 18:09:12 | 000,000,000 | ---D | M] (BasicSeek) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{40D65E82-75AC-47CA-8A73-1CEDC2668EFF}
O2 - BHO: (no name) - {300BEC06-B743-4D19-86B9-11DC711D7FFB} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.

:Files
C:\Users\Michelle\AppData\Local\visi_coupon
ipconfig /flushdns /c

:Commands
[EMPTYTEMP]
[RESETHOSTS]

Then click Run Fix. Let your PC reboot to normal mode. A new log will be created automatically, post the content in the next reply.

Let me know how your PC is running and list the issues that you are still experiencing.

 

[Gbaby614]

Hi there,

I'm back, feeling better now. Let's continue where we left off.

Open OTL. Under custom scan/fixes, copy and paste the following:

:OTL
IE:64bit: - HKLM\..\SearchScopes\{251E6002-154D-42BD-BCE2-460628EE3FA7}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
[2013/01/02 10:44:19 | 000,000,000 | ---D | M] (SelectionLinks) -- C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\2v64zce3.default\extensions\plugin@selectionlinks.com
[2013/01/30 12:05:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\2v64zce3.default\extensions\staged
FF - prefs.js..extensions.enabledAddons: plugin%40selectionlinks.com:1.5
[2013/01/18 18:09:12 | 000,000,000 | ---D | M] (BasicSeek) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{40D65E82-75AC-47CA-8A73-1CEDC2668EFF}
O2 - BHO: (no name) - {300BEC06-B743-4D19-86B9-11DC711D7FFB} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.

:Files
C:\Users\Michelle\AppData\Local\visi_coupon
ipconfig /flushdns /c

:Commands
[EMPTYTEMP]
[RESETHOSTS]

Then click Run Fix. Let your PC reboot to normal mode. A new log will be created automatically, post the content in the next reply.

Let me know how your PC is running and list the issues that you are still experiencing.

okay I will do this but Kuttus was giving me advice to delete hosts file and reply w results, I AM STILL GETTING POPUP SCREENS AND TABS OPENING and right now on firefox in the bottom left corner is a little window type box that says: (NaN) Security Alerts found. View Now-Close. I will wait for a reply before doing the above just in case u need me to view those alerts as I have not yet done so...

---

Glad you are feeling better, I wasn't feeling well earlier but I'm ready to fix this, lol. Welcome back }

 

[Fiery]

Hope you'll feel better soon! Welcome back.

The fix above includes the deletion of the host file. Try the fix above and see if you are still getting pop-ups after.