xavi1000 0 Report post Posted September 17, 2014 (edited) Hi there, I have Ad-Aware pro security and it is unable to detect Snap.do - Safe Finder (yahoo). In regard of DDS -> "DDS is not meant to run in Compatibility Mode. This program shall now exit. Any help is welcomed. Edited September 17, 2014 by xavi1000 Share this post Link to post Share on other sites
CeciliaB 475 Report post Posted September 17, 2014 Hi xavi1000, I guess that you have Windows 8.x and then you need to use FRST instead of DDS: Please, download Farbar Recovery Scan Tool (FRST) and save it on the desktop: For 64 bits Windows: http://download.bleepingcomputer.com/farbar/FRST64.exe For 32 bits Windows: http://download.bleepingcomputer.com/farbar/FRST.exe Start the FRST program. Read the disclaimer and click Yes to accept it. Click Scan button. When done, FRST will create two log files, called FRST.txt and Addition.txt, on the desktop. Please, attach them to your reply (press More Reply Options button to see how to attach files). Share this post Link to post Share on other sites
xavi1000 0 Report post Posted September 18, 2014 Hi Cecilia, You are right. I´m using (unfortunately) Windows 8 Find enclosed the two files. Looking forward your feedback. Addition.txt FRST.txt Share this post Link to post Share on other sites
CeciliaB 475 Report post Posted September 18, 2014 Hi xavi1000, 1. Please, uninstall or update "Java 7 Update 65" since it's an old version with knows vulnerabilities that can be exploited by a web page to infect the computer. 2. Please, save AdwCleaner by Xplode on the desktop: https://toolslib.net/downloads/viewdownload/1-adwcleaner/ Turn off all programs, including browsers. Double-click on AdwCleaner to start the program. Click on the Scan button. Wait until the search has finished. Click on the Report button. A report will be displayed, copy its content and paste into your answer. If the report isn't displayed, it exist as C:\AdwCleaner[R#].txt, where # is an ordinal number. Share this post Link to post Share on other sites
xavi1000 0 Report post Posted September 20, 2014 # AdwCleaner v3.310 - Reporte Creado 20/09/2014 en 12:04:59 # Actualizado 12/09/2014 por Xplode # Sistema Operativo : Windows 8.1 (64 bits) # Nombre de usuario : Xavi - XAVI # Ejecutado desde : C:\Users\Xavi\Desktop\adwcleaner_3.310.exe # Opción : Escanear ***** [ Servicios ] ***** ***** [ Archivos / Carpetas ] ***** Archivo Encontrado : C:\END Archivo Encontrado : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml Archivo Encontrado : C:\Users\Xavi\AppData\Local\AnyProtectScannerSetup.exe Archivo Encontrado : C:\Users\Xavi\AppData\Roaming\aps.uninstall.scan.results Archivo Encontrado : C:\Users\Xavi\AppData\Roaming\Mozilla\Firefox\Profiles\hkvvf9re.default\searchplugins\default-search.xml Archivo Encontrado : C:\Users\Xavi\AppData\Roaming\Mozilla\Firefox\Profiles\hkvvf9re.default\searchplugins\trovi-search.xml Archivo Encontrado : C:\Users\Xavi\AppData\Roaming\Mozilla\Firefox\Profiles\hkvvf9re.default\searchplugins\Web Search.xml Archivo Encontrado : C:\Users\Xavi\AppData\Roaming\Mozilla\Firefox\Profiles\hkvvf9re.default\user.js Carpeta Encontrado : C:\Program Files (x86)\globalUpdate Carpeta Encontrado : C:\Program Files (x86)\MyPC Backup Carpeta Encontrado : C:\Program Files (x86)\predm Carpeta Encontrado : C:\Program Files (x86)\SupTab Carpeta Encontrado : C:\Program Files (x86)\Uniblue Carpeta Encontrado : C:\Program Files (x86)\Uniblue\SpeedUpMyPC Carpeta Encontrado : C:\Program Files\PCDApp Carpeta Encontrado : C:\ProgramData\IePluginServices Carpeta Encontrado : C:\ProgramData\WindowsMangerProtect Carpeta Encontrado : C:\Users\Xavi\AppData\Local\globalUpdate Carpeta Encontrado : C:\Users\Xavi\AppData\Local\LPT Carpeta Encontrado : C:\Users\Xavi\AppData\Local\SearchProtect Carpeta Encontrado : C:\Users\Xavi\AppData\Local\Smartbar Carpeta Encontrado : C:\Users\Xavi\AppData\Local\Temp\Smartbar Carpeta Encontrado : C:\Users\Xavi\AppData\LocalLow\Smartbar Carpeta Encontrado : C:\Users\Xavi\AppData\Roaming\FirefoxToolbar Carpeta Encontrado : C:\Users\Xavi\AppData\Roaming\pdfforge Carpeta Encontrado : C:\Users\Xavi\Documents\Optimizer Pro ***** [ Tareas ] ***** Tarea Encontrado : APSnotifierPP1 Tarea Encontrado : APSnotifierPP2 Tarea Encontrado : APSnotifierPP3 ***** [ Accesos directos ] ***** ***** [ Registro ] ***** Clave Encontrado : HKCU\Software\AnyProtect Clave Encontrado : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Clave Encontrado : HKCU\Software\AppDataLow\Software\adawarebp Clave Encontrado : HKCU\Software\AppDataLow\Software\Crossrider Clave Encontrado : HKCU\Software\genesis Clave Encontrado : HKCU\Software\GlobalUpdate Clave Encontrado : HKCU\Software\InstallCore Clave Encontrado : HKCU\Software\Linkey Clave Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Clave Encontrado : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1} Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113} Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Clave Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Clave Encontrado : HKCU\Software\SmartBar Clave Encontrado : HKCU\Software\smartbarbackup Clave Encontrado : HKCU\Software\smartbarlog Clave Encontrado : HKCU\Software\Softonic Clave Encontrado : HKCU\Software\TutoTag Clave Encontrado : [x64] HKCU\Software\AnyProtect Clave Encontrado : [x64] HKCU\Software\genesis Clave Encontrado : [x64] HKCU\Software\GlobalUpdate Clave Encontrado : [x64] HKCU\Software\InstallCore Clave Encontrado : [x64] HKCU\Software\Linkey Clave Encontrado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Clave Encontrado : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} Clave Encontrado : [x64] HKCU\Software\SmartBar Clave Encontrado : [x64] HKCU\Software\smartbarbackup Clave Encontrado : [x64] HKCU\Software\smartbarlog Clave Encontrado : [x64] HKCU\Software\Softonic Clave Encontrado : [x64] HKCU\Software\TutoTag Clave Encontrado : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F} Clave Encontrado : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Clave Encontrado : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Clave Encontrado : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Clave Encontrado : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute Clave Encontrado : HKLM\SOFTWARE\Classes\iesmartbar.bho Clave Encontrado : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel Clave Encontrado : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar Clave Encontrado : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject Clave Encontrado : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate Clave Encontrado : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform Clave Encontrado : HKLM\SOFTWARE\Classes\speedupmypc Clave Encontrado : HKLM\SOFTWARE\FrEeSoFtOdAy Clave Encontrado : HKLM\SOFTWARE\GlobalUpdate Clave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Clave Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32 Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Clave Encontrado : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Clave Encontrado : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Clave Encontrado : HKLM\SOFTWARE\SearchProtect Clave Encontrado : HKLM\SOFTWARE\SmdmF Clave Encontrado : HKLM\SOFTWARE\SupDp Clave Encontrado : HKLM\SOFTWARE\SupTab Clave Encontrado : HKLM\SOFTWARE\supWindowsMangerProtect Clave Encontrado : HKLM\SOFTWARE\supWPM Clave Encontrado : HKLM\SOFTWARE\sweet-pageSoftware Clave Encontrado : HKLM\SOFTWARE\Tutorials Clave Encontrado : HKLM\SOFTWARE\Uniblue Clave Encontrado : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices Clave Encontrado : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Clave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Clave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Clave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Clave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Clave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Clave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Clave Encontrado : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Clave Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} Clave Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Clave Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 Clave Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Valor Encontrado : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [browser Infrastructure Helper] Valor Encontrado : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Valor Encontrado : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] ***** [ Navegadores ] ***** -\\ Internet Explorer v11.0.9600.17278 -\\ Mozilla Firefox v31.0 (x86 es-ES) [ Archivo : C:\Users\Xavi\AppData\Roaming\Mozilla\Firefox\Profiles\hkvvf9re.default\prefs.js ] Linea encontrada : user_pref("browser.search.order.1", "default-search.net"); Linea encontrada : user_pref("extensions.crossrider.bic", "143af5e27d13be5fa9666e6b623b97bb"); Linea encontrada : user_pref("extensions.helperbar.DockingPositionDown", false); Linea encontrada : user_pref("extensions.helperbar.SmartbarDisabled", false); Linea encontrada : user_pref("extensions.helperbar.SmartbarStateMinimaized", false); Linea encontrada : user_pref("extensions.helperbar.Visibility", false); Linea encontrada : user_pref("extensions.helperbar.backPageCapacity", 3); Linea encontrada : user_pref("extensions.helperbar.backPageCounter", 0); Linea encontrada : user_pref("extensions.helperbar.backPageDay", 5); Linea encontrada : user_pref("extensions.helperbar.backPageLastEvent", "1404371943350"); Linea encontrada : user_pref("extensions.helperbar.backPageMinInterval", 15); Linea encontrada : user_pref("extensions.helperbar.barcodeid", "144083"); Linea encontrada : user_pref("extensions.helperbar.countryiso", "be"); Linea encontrada : user_pref("extensions.helperbar.downloadprovider", "snapdott"); Linea encontrada : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\",\\\".search.yahoo.com\\\\\\/yhs\\\\\\/search?hspart=lkry\\\",\\\"www.only-apart[...] Linea encontrada : user_pref("extensions.helperbar.fromautoupdate", "false"); Linea encontrada : user_pref("extensions.helperbar.installationid", "fd408255-140c-753b-3e4a-a3283738f1cf"); Linea encontrada : user_pref("extensions.helperbar.installdate", "05/07/2014"); Linea encontrada : user_pref("extensions.helperbar.keepAliveLastevent", "1404544741"); Linea encontrada : user_pref("extensions.helperbar.lastExternalJsUpdate", "1406469767192"); Linea encontrada : user_pref("extensions.helperbar.publisher", "snapdott"); -\\ Google Chrome v37.0.2062.120 [ Archivo : C:\Users\Xavi\AppData\Local\Google\Chrome\User Data\Default\preferences ] Encontrado [Extension] : booedmolknjekdopkepjjeckmjkdpfgl Encontrado [Extension] : bopakagnckmlgajfccecajhnimjiiedh Encontrado [Extension] : flpcjncodpafbgdpnkljologafpionhb ************************* AdwCleaner[R0].txt - [13795 octets] - [20/09/2014 12:04:59] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13856 octets] ########## Share this post Link to post Share on other sites
CeciliaB 475 Report post Posted September 20, 2014 1. Please, turn off all programs, including browsers. Double-click on AdwCleaner to start the program. Click on the Scan button. Wait until the search has finished. Click on the Clean button. Click on OK. Click on OK on any message that pops up. The computer will be restarted, if it isn't done automatically please do it yourself. A report will be displayed, copy its content and paste into your answer. If the report isn't displayed, it exist as C:\AdwCleaner[s#].txt, where # is an ordinal number. 2. Run FRST again and attach the new FRST.txt (no Addition.txt this time), please. 3. Please, do a full scan with Ad-Aware. Is anything found? 4. Run an online scan with Eset http://www.eset.com/onlinescan/ To shorten the scanning time disable your antivirus program while scanning. Select "Enable detection of potentially unwanted applications". Click "Advanced Settings" Un-check "Remove found threats" Check: "Scan Archives" "Scan for potentially unsafe applications" "Enable Anti-Stealth Technology" Click Start When the scan is finished, click on "List of found threats" and then "Export to text file". Copy the content of the text file and paste its content in your answer. Share this post Link to post Share on other sites
CeciliaB 475 Report post Posted December 10, 2014 Due to lack of feedback, this topic has been closed. If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic. Thank You ! Share this post Link to post Share on other sites