[arlywarly]

I have a Dell Inspiron 530S pc that seems to be having more and more problems. I don't know if the root of the problem is a virus or spyware, although I run daily scans on AVG free. I first noticed that when searching on Google, instead of the result opening on the same page, a new page opens with something completely different (the preferences are not set to that option). We have noticed that the same (Vimax) ad keeps appearing on some sites we go on (like this one). Some people suggested using Ad Aware, but that didn't help (although it picked up some spyware). Also Internet Explorer sometimes shuts itself when first opened.
I'm now noticing non-internet related stuff: When I put the pc to 'sleep' it doesn't work and now the most annoying thing I've discovered is the dvd rw drive doesn't work properly any more. It registers there is a dvd (-rw) in there but I cannot "open"it (I double click as usual but nothing happens) - the drive door opens and shuts okay though. I've tried clicking and dragging items into it to no avail, and sending to with no luck. When there is no disc in the drive and you double click 2 messages pop up - one saying the drive is in use and the other asking for a disc to be inserted.
Sorry to go on, but I've no idea what to do. We've had to run a system restore a couple of times but all that seemed to do was remove Ad Aware. Can anyone help?

[Spandexer]

Hi,

Sounds to me like a browser hijacker and probably other things as well.

I'd recommend you hit the Report button down at the bottom of your post and request a Moderator move you over to Malware Removal where one of those fine people with a shield next to their name can guide you through cleaning out your pc. They're very good at cleaning malware from pc's. Just be patient though, because with the volume of people needing help it may take them a little bit to get to you.

[arlywarly]

Quote:

Originally Posted by Spandexer

Hi,

Sounds to me like a browser hijacker and probably other things as well.

I'd recommend you hit the Report button down at the bottom of your post and request a Moderator move you over to Malware Removal where one of those fine people with a shield next to their name can guide you through cleaning out your pc. They're very good at cleaning malware from pc's. Just be patient though, because with the volume of people needing help it may take them a little bit to get to you.

Thanks, I'll give that a go.

[eddie5659]

Hiya

Moved you as requested


Hiya

Are you still having this problem? If so, do the following:

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.






Download and scan with SUPERAntiSpyware Free for Home Users

• Double-click SUPERAntiSpyware.exe and use the default settings for installation.
• An icon will be created on your desktop. Double-click that icon to launch the program.
• If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
• Under "Configuration and Preferences", click the Preferences button.
• Click the Scanning Control tab.
• Under Scanner Options make sure the following are checked (leave all others unchecked):
  • Close browsers before scanning.
  • Scan for tracking cookies.
  • Terminate memory threats before quarantining.
• Click the "Close" button to leave the control center screen.
• Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
• On the left, make sure you check C:\Fixed Drive.
• On the right, under "Complete Scan", choose Perform Complete Scan.
• Click "Next" to start the scan. Please be patient while it scans your computer.
• After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
• Make sure everything has a checkmark next to it and click "Next".
• A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
• If asked if you want to reboot, click "Yes".
• To retrieve the removal information after reboot, launch SUPERAntispyware again.
  • Click Preferences, then click the Statistics/Logs tab.
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
  • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
  • Please copy and paste the Scan Log results in your next reply.
• Click Close to exit the program.

================

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2

• Double-click GooredFix.exe to run it.
• Select 1. Find Goored (no fix) by typing 1 and pressing Enter.
• A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called GooredLog.txt).

Note: Do not run Option #2 yet.

=============

Click here to download HJTInstall.exe

• Save HJTInstall.exe to your desktop.
• Doubleclick on the HJTInstall.exe icon on your desktop.
• By default it will install to C:\Program Files\Trend Micro\HijackThis .
• Click on Install.
• It will create a HijackThis icon on the desktop.
• Once installed, it will launch Hijackthis.
• Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
• Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
• Come back here to this thread and Paste the log in your next reply.
• DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

=============

Please include the MBAM log, SAS log, GooredLog.txt and a HijackThis log in your next reply

Regards

eddie

[arlywarly]

I'm not able to download or run any of your suggestions - the page comes up as 'Internet Explorer cannot display the webpage', or a blank page comes up. I'm not sure what to do.

[eddie5659]

Is that just for the sites I've listed above, or all sites?

If its just for the sites above, try this first:


*removed, explain in PM*

[eddie5659]

Whilst I'm waiting regarding the issue via PM, see if this works:


Download ComboFix from one of these locations:

Link 1
Link 2
Link 3


* IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  
  
• Double click on ComboFix.exe & follow the prompts.
  
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

[eddie5659]

Also, try this:

Click here to download HJTInstall.exe

• Save HJTInstall.exe to your desktop.
• Doubleclick on the HJTInstall.exe icon on your desktop.
• By default it will install to C:\Program Files\Trend Micro\HijackThis .
• Click on Install.
• It will create a HijackThis icon on the desktop.
• Once installed, it will launch Hijackthis.
• Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
• Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
• Come back here to this thread and Paste the log in your next reply.
• DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

eddie