| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 135123 | 2013-09-28 09:10:00 | monstermarketplace.com virus | micky (7329) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1354490 | 2013-09-28 09:10:00 | I have monstermarketplace.com virus can tried lots of programmes but I still have it can some one advise to alter registery. | micky (7329) | ||
| 1354491 | 2013-09-28 10:04:00 | You could try this malwaretips.com Some more on google about it too. |
Driftwood (5551) | ||
| 1354492 | 2013-09-28 10:08:00 | Snap! DW got in just before me! Cheers Billy 8-{) |
Billy T (70) | ||
| 1354493 | 2013-09-28 18:52:00 | I have tried all the programs listed still can't get rid of need to do it manually, but need better instructions. | micky (7329) | ||
| 1354494 | 2013-09-28 19:11:00 | The guide shows webcake and delta. I just cleaned a PC yesterday with those (and others) on it... It wasn't hard, first I uninstalled from Control Panel - Programs and Features as you normally do. Then I ran the usual antispywares - Spybot, Malware Bytes. Cleaned up easily..... Checked with Hijackthis too...nothing.... |
pctek (84) | ||
| 1354495 | 2013-09-28 19:54:00 | Try running RKill first before running Malwarebytes or other removal tool. www.bleepingcomputer.com Description: From Bleeping Computer: RKill is a program developed at BleepingComputer.com that was originally designed for the use in our malware removal guides. It was created so that we could have an easy to use tool that kills known processes that stop the use of our normal anti-malware applications. Simple as that. Nothing fancy. Just kill known malware processes so that anti-malware programs can do their job. So in summary, RKill just kills processes, imports a Registry file that removes incorrect file associations and fixes policies that stop us from using certain tools. Then it kills Explorer.exe so it will restart and enable some of the Registry changes. When done, RKill will then create a log listing all processes that were terminated while the program was running. Please note that this will include processes that were terminated manually by the user as well as RKill. Other than what is listed above, it does nothing else. |
blanco (11336) | ||
| 1354496 | 2013-09-28 21:59:00 | I have monstermarketplace.com virus can tried lots of programmes but I still have it can some one advise to alter registery. Please download AdwCleaner ('general-changelog-team.fr) by Xplode onto your desktop. Double click on AdwCleaner.exe to run the tool. Click on Clean. A logfile will automatically open after the scan has finished. Please post the content of that logfile with your next answer. You can find the logfile at C:\AdwCleaner[R1].txt as well. |
Pancake (6359) | ||
| 1354497 | 2013-09-29 05:26:00 | Please download AdwCleaner ('general-changelog-team.fr) by Xplode onto your desktop. Double click on AdwCleaner.exe to run the tool. Click on Clean. A logfile will automatically open after the scan has finished. Please post the content of that logfile with your next answer. You can find the logfile at C:\AdwCleaner[R1].txt as well. # AdwCleaner v3.005 - Report created 28/09/2013 at 06:18:20 # Updated 22/09/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Mike - MIKE-PC # Running from : C:\Users\Mike\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Conduit Folder Deleted : C:\Program Files (x86)\Conduit Folder Deleted : C:\Users\Mike\AppData\Local\Conduit Folder Deleted : C:\Users\Mike\AppData\Local\cre Folder Deleted : C:\Users\Mike\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Mike\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\Mike\AppData\Roaming\DefaultTab File Deleted : C:\END ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedg pfiiedeimiebkmbilgmlc Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKCU\Software\InstalledBrowserExtensions Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchSco pes Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\DefaultTab Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16686 -\\ Mozilla Firefox v24.0 (en-US) [ File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Prof iles\sxue391y.default-1380276774176\prefs.js ] Line Deleted : user_pref("extensions.crossrider.bic", "1416098564d1624fee665f92f6f6bfcc"); -\\ Google Chrome v [ File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [2102 octets] - [28/09/2013 06:17:05] AdwCleaner[S0].txt - [2017 octets] - [28/09/2013 06:18:20] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2077 octets] ########## # AdwCleaner v3.005 - Report created 29/09/2013 at 18:16:57 # Updated 22/09/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Mike - MIKE-PC # Running from : C:\Users\Mike\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\Conduit Folder Deleted : C:\Program Files (x86)\Conduit Folder Deleted : C:\Program Files (x86)\DefaultTab Folder Deleted : C:\Users\Mike\AppData\Local\Temp\Conduit Folder Deleted : C:\Users\Mike\AppData\Roaming\DefaultTab ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedg pfiiedeimiebkmbilgmlc Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3282698 Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ConduitFloatingPlugin_giolhomkcooifelkdfpejhidfida ahlc] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\InstalledBrowserExtensions Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchSco pes Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\DefaultTab Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16686 -\\ Mozilla Firefox v24.0 (en-US) [ File : C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Prof iles\k9y96e5k.default\prefs.js ] Line Deleted : user_pref("CT3282698.FF19Solved", "true"); Line Deleted : user_pref("CT3282698.UserID", "UN11476018471904310"); Line Deleted : user_pref("CT3282698.browser.search.defaultthis.engineName", "true"); Line Deleted : user_pref("CT3282698.fullUserID", "UN11476018471904310.IN.20130926205944"); Line Deleted : user_pref("CT3282698.installDate", "26/09/2013 20:59:47"); Line Deleted : user_pref("CT3282698.installSessionId", "{403A8F6D-5A52-4945-B187-5C0FDEAF5EFE}"); Line Deleted : user_pref("CT3282698.installSp", "TRUE"); Line Deleted : user_pref("CT3282698.installerVersion", "1.7.1.4"); Line Deleted : user_pref("CT3282698.keyword", "true"); Line Deleted : user_pref("CT3282698.originalHomepage", "about:home"); Line Deleted : user_pref("CT3282698.originalSearchAddressUrl", ""); Line Deleted : user_pref("CT3282698.originalSearchEngine", ""); Line Deleted : user_pref("CT3282698.originalSearchEngineName", ""); Line Deleted : user_pref("CT3282698.searchRevert", "false"); Line Deleted : user_pref("CT3282698.searchUserMode", "2"); Line Deleted : user_pref("CT3282698.smartbar.homepage", "true"); Line Deleted : user_pref("CT3282698.versionFromInstaller", "10.20.1.8"); Line Deleted : user_pref("CT3282698.xpeMode", "0"); Line Deleted : user_pref("CT3289075.FF19Solved", "true"); Line Deleted : user_pref("CT3289075.UserID", "UN26947165251513419"); Line Deleted : user_pref("CT3289075.fullUserID", "UN26947165251513419.IN.20130922104328"); Line Deleted : user_pref("CT3289075.installDate", "22/09/2013 10:43:32"); Line Deleted : user_pref("CT3289075.installSessionId", "-1"); Line Deleted : user_pref("CT3289075.installSp", "FALSE"); Line Deleted : user_pref("CT3289075.installUsage", "24/09/2013 00:08:27"); Line Deleted : user_pref("CT3289075.installUsageEarly", "24/09/2013 00:08:27"); Line Deleted : user_pref("CT3289075.installerVersion", "1.7.0.9"); Line Deleted : user_pref("CT3289075.searchRevert", "FALSE"); Line Deleted : user_pref("CT3289075.searchUserMode", "1"); Line Deleted : user_pref("CT3289075.versionFromInstaller", "10.20.0.13"); Line Deleted : user_pref("CT3289075.xpeMode", "0"); Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", ""); Line Deleted : user_pref("browser.search.defaultenginename", "SweetTunes1 Customized Web Search"); Line Deleted : user_pref("browser.search.defaultthis.engineName", "SweetTunes1 Customized Web Search"); Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282698&CUI=UN11476018471904310&UM=2&SearchSource=3&q={searchTerms}"); Line Deleted : user_pref("browser.search.selectedEngine", "SweetTunes1 Customized Web Search"); Line Deleted : user_pref("extensions.crossrider.bic", "141541be5792a292c36dca66c3816a88"); Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282698&SearchSource=2&CUI=UN11476018471904310&UM=2&q="); Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3282698"); Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3282698&CUI=UN11476018471904310&UM=2&SearchSource=13"); Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3282698&SearchSource=2&CUI=UN11476018471904310&UM=2&q="); Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3282698"); Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3282698"); Line Deleted : user_pref("smartbar.machineId", "RXRAIB0BNZKDO5JEITG5JZ7OYF3TGHM4K/SBZEMBFQGOLGMMNK0WPWLHQVS4DATSGRQNVLB6IDSNRX8LOBLW QA"); -\\ Google Chrome v [ File : C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [7817 octets] - [28/09/2013 07:17:05] AdwCleaner[S0].txt - [7768 octets] - [28/09/2013 07:18:20] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7828 octets] ########## |
micky (7329) | ||
| 1354498 | 2013-09-29 05:36:00 | How is it know..?? | Pancake (6359) | ||
| 1354499 | 2013-09-29 05:51:00 | How is it know..?? I have Firefox running OK but I still have all crap on Chrome Cheers Mike |
micky (7329) | ||
| 1 2 | |||||