acesup

  1. Hi, BWIN is not malicious. I have been using it for many years as have many people I know. 100% no problem. Yes I see what you are saying, and after running RogueKiller it obviously hasn't helped the problem. There's certain web pages that must trigger the redirects. Some pages load fine without any redirects, then others go crazy and about 10 different URLs are visited... Any thoughts on how to proceed? Think it's something in the router?
  2. Hi, I apologise I did not run this as you instructed, because I've been constantly working and can't afford the time atm to disconnect everything and then wait a cpl of hours while it runs. However I did run it whilst using the PC and wanted to post the results because they seemed quite alarming to me! It directed me to this page and mentioned PUM http://www.adlice.com/remove-pum/ Please advise! THANKS!!

     RogueKiller V12.6.3.0 (x64) [sep 19 2016] (Free) by Adlice Software
     mail : http://www.adlice.com/contact/
     Feedback : http://forum.adlice.com
     Website : http://www.adlice.com/download/roguekiller/
     Blog : http://www.adlice.com

     Operating System : Windows 10 (10.0.14393) 64 bits version
     Started in : Normal mode
     User : Kelvin Beattie [Administrator]
     Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
     Mode : Scan -- Date : 09/27/2016 17:00:00 (Duration : 01:24:21)

     ¤¤¤ Processes : 1 ¤¤¤
     [VT.Unknown] bwincom.exe(19356) -- C:\Programs\bwincom\bwincom.exe[7] -> Found

     ¤¤¤ Registry : 2 ¤¤¤
     [PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3299114979-1869389477-86646056-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.dell.com -> Found
     [PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3299114979-1869389477-86646056-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.dell.com -> Found

     ¤¤¤ Tasks : 0 ¤¤¤

     ¤¤¤ Files : 0 ¤¤¤

     ¤¤¤ WMI : 0 ¤¤¤

     ¤¤¤ Hosts File : 0 ¤¤¤

     ¤¤¤ Antirootkit : 0 (Driver: Not loaded [0x20]) ¤¤¤

     ¤¤¤ Web browsers : 0 ¤¤¤

     ¤¤¤ MBR Check : ¤¤¤
     +++++ PhysicalDrive0: ST1000DM ST1000DM003-1CH1 SCSI Disk Device +++++
     --- User ---
     [MBR] 703a1b5c65a9f0e70a727276529bb8e8
     [bSP] e3c92e5853805101f084f1330c26c6c2 : Windows Vista/7/8|VT.Unknown MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953316 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1952598016 | Size: 450 MB
     User = LL1 ... OK
     User = LL2 ... OK

     +++++ PhysicalDrive1: WDC WD40EZRX-00SPEB0 SCSI Disk Device +++++
     --- User ---
     [MBR] de496a602de0bb7323c1bb50695923e0
     [bSP] 91c2c06436784351e2b16a77860a620b : Empty|VT.Unknown MBR Code
     Partition table:
     0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
     1 - Basic data partition | Offset (sectors): 264192 | Size: 3815318 MB
     User = LL1 ... OK
     User = LL2 ... OK

     +++++ PhysicalDrive2: I-O DATA HDCL-UT USB Device +++++
     --- User ---
     [MBR] 7924a9d7342dbfb560d6104b4ffed6fa
     [bSP] 08cdf90f09d3efa6799a1ac9d4f8d258 : Empty|VT.Unknown MBR Code
     Partition table:
     0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953866 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
     User = LL1 ... OK
     Error reading LL2 MBR! ([32] The request is not supported. )

     +++++ PhysicalDrive3: Generic- SD/MMC USB Device +++++
     Error reading User MBR! ([15] The device is not ready. )
     Error reading LL1 MBR! NOT VALID!
     Error reading LL2 MBR! ([32] The request is not supported. )

     +++++ PhysicalDrive4: Generic- Compact Flash USB Device +++++
     Error reading User MBR! ([15] The device is not ready. )
     Error reading LL1 MBR! NOT VALID!
     Error reading LL2 MBR! ([32] The request is not supported. )

     +++++ PhysicalDrive5: Generic- SM/xD-Picture USB Device +++++
     Error reading User MBR! ([15] The device is not ready. )
     Error reading LL1 MBR! NOT VALID!
     Error reading LL2 MBR! ([32] The request is not supported. )

     +++++ PhysicalDrive6: Generic- MS/MS-Pro USB Device +++++
     Error reading User MBR! ([15] The device is not ready. )
     Error reading LL1 MBR! NOT VALID!
     Error reading LL2 MBR! ([32] The request is not supported. )
  3. Didn't have time to run RogueKiller today, it seemed like the scan would take a while, will do it tomorrow. I ran adwcleaner today, it found no threats. Thanks again for your assistance.
  4. I tried the steps you mentioned and it did not work. JRT results.

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Malwarebytes
     Version: 8.0.8 (09.20.2016)
     Operating System: Windows 10 Home x64
     Ran by Kelvin Beattie (Administrator) on Sun 09/25/2016 at 18:02:33.15
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     File System: 0

     Registry: 0

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on Sun 09/25/2016 at 18:03:47.34
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  5. Also 1 more question, would purchasing a new router be a chance of fixing this at all? Because it just seems very odd that a new HD, fresh install of DELL setup and Windows 10 is having the exact same problem instantly? I've been researching a bit about routers and it does seem possible threats can get in there....?
  6. Hi Cecilia, thanks. I tried running ESET but it keeps crashing near the end of the search after it says 1 threat found. I shall keep trying it (takes approx 1 hour to complete). For now here are the FRST results. Thanks again, I appreciate the assistance with this. Addition.txt FRST.txt
  7. This virus caused a fatality. It was locking up my PC and so I was unfortunately getting in the habit of turning the PC off by the switch and not shutting down correctly. This led to my main HD failing and it's been sent away to a special team to see if anything can be salvaged. It had a lot of my work and personal stuff on it. Including baby photos. This virus is literally ruining my life. I doubt I will even be able to afford the recovery if they can recover it, since it will cost upward of $1000. So I get the new HD in, and feeling miserable because I lost all my data, but then a little ray of sun shines as I realize at least that virus will be gone, thank god! So after noticing fast boot times and great PC speed with my new HD, today things start slowing down. Then I open Chrome and BAM - double click, zedo redirects right back to where it started! I have not downloaded anything suspicious. Could it be in the router? How common is something getting into the router? The only other thing I can think of is something on my other drive, which I call Z, is hidden in there. I also keep some personal stuff on there and thankfully had a little bit of work stuff backed up in there too. Also I did download The Journal 7 yesterday and Winamax Poker today (just un-installed the latter)... For now, I'm running ESET.
  8. Here they are :,( Thank you!! FRST.txt Addition.txt
  9. Here is the file you requested to move forward with the issue last time. Thanks again! AdwCleanerS21.txt
  10. OMG it's back! Was gone for a day after we swatted it last time. I deleted Skype, it's not making any difference. And it doesn't appear in the folder where I thought I had located it previously (Chrome extensions). It was actually on the second PC on the network a cpl of weeks ago btw. After running JRT and ADWcleaner it removed it (came up with the same adwarebp type threats and removing them completely fixed the problem). This is what it says when I run adwcleaner (after delete and reboot and after scan). What steps should I try next? Malware Bytes and AVG never seem to pick up issues like this unfortunately :,,(
  11. Just incredible! After deleting the file you mentioned, for the first time in a month when I run AdwCleaner it reports no threats! Thanks so much for your assistance with this, I really appreciate you taking the time to provide the level of service you have, it's helped me out so much. BIG LAVASOFT FAN
  12. I really think you've nailed it. The file you mention was installed a month ago when the problems started again. This does not show up in the extensions. And the Chrome Cleaner didn't pick it up either. I went into the actual folder manually and deleted it... I'll run cleaners again and let you know the result.
  13. Thanks for that, I ran the fix you said. So I had the same problem about 18 months ago and ran adwcleaner and JunkRemovalTool and it fixed it. It came back a cpl of times and I didn't know why, then I realized it seemed to be whenever I connected my iPhone it would come back. I'm really strict with my PC because I use it for all my work but I did check a couple of unsavoury websites on my iPhone and I'm sure that has some sort of malware/trojan/virus. It's possible the 2 aren't related I guess since it doesn't seem to be an issue that has come up frequently, but I felt they were. Especially since last time my iPhone was connected (a cpl of weeks ago) the virus came back. However this time I can't seem to get rid of it. I heard sometimes these problems can be nested in the router so I reset that but had no luck. When I run Chrome I can see redirects constantly shooting off in the url message window although the pages I'm viewing are unaffected. Also it only seems to happen at certain websites. Like YouTube gets it quite bad and it gets to the point where videos get so bogged down they won't load and gradually things get worse to the point where I can't even type text in the search box (typing just stops working). The PC gets so slow after around 5 hours work that I need to restart it. I've been using those poker programs for years, they are a way of life for me. Although AmericasCardRoom I did only start using around 5 months ago. This is a program used by millions around the world though, I'd be surprised if that could cause an issue? The redirects are things like adserver, doubleclick something, zedo etc. I didn't notice Edge (Explorer) doing it but I'm sure it was because YouTube started slowing down to a halt last time I used it and became unusable. My PC is generally really fast otherwise. Any advice? Thanks very much for your assistance.
  14. Hi, I am having the same issue. Every time I delete then reboot, the adaawarebp.exe appears and when I scan it's detected as a virus. Could someone pls possibly help me? Here are the frst.txt and addition.txt files. Specifically adwcleaner keeps finding an issue with these files since they have popped up on my PC (see below screen print). I'm getting these doubleclick and zedo redirects endlessly from browsers because of this. Happened once before but using the JRT and adwcleaner fixed it. I'm using malware antibytes and Lavasoft virus protection but they don't seem to pick them up. FRST.txt Addition.txt