Hi, i am getting constant alerts for clickered.com. how can i stop this please?
here are the 2 logs generated from FRST
Thanks
Hi Chris93,
If able, please run and attach these two programs: Malwarebytes Anti-Malware (MBAM) and aswMBR.exe
→ https://forum.avast.com/index.php?topic=53253.0
A certified malware expert will be contacted for you once these logs are attached.
Hi, thanks. the files are attached…
Let me know if this clears it
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe HKLM-x32\...\Run: [] => [X] SearchScopes: HKCU - URL http://search.conduit.com/Results.aspx?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP4ECC96D4-64C1-4430-9E54-F80DDFF023FD&q={searchTerms}&SSPV= SearchScopes: HKCU - SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} SearchScopes: HKCU - {2C4E9946-FF70-45EC-BA9B-8590C8393E7B} URL = http://www.buenosearch.com/?babsrc=SP_kms&affID=128518&tt=&mntrid=741F00FF3094E40C&tsp=5344&q={searchTerms}&r=527 2014-09-01 10:32 - 2014-09-01 10:31 - 05185536 _____ (AVAST Software) C:\Users\Chris\Desktop\aswmbr.exe 2014-09-01 10:31 - 2014-09-01 10:31 - 05185536 _____ (AVAST Software) C:\Users\Chris\Downloads\aswmbr.exe 2014-08-31 21:23 - 2014-08-31 21:24 - 00000000 ____D () C:\Users\Public\70BD88F2B9C94CAB808F0DB189A0F806 2014-08-31 21:23 - 2014-08-31 21:24 - 00000000 ____D () C:\Users\Chris\AppData\Local\Idle~_~Crawler 2014-08-31 21:23 - 2014-08-31 21:23 - 00004592 _____ () C:\Windows\System32\Tasks\Idle~_~Crawler Runner 2014-08-18 09:36 - 2014-08-18 09:36 - 00000000 ____D () C:\Program Files (x86)\predm 2014-08-18 09:26 - 2014-08-18 09:26 - 00000000 ____D () C:\Users\Chris\Documents\Optimizer Pro 2014-08-18 09:21 - 2014-08-18 09:21 - 00004032 _____ () C:\Windows\System32\Tasks\LaunchSignup 2014-08-18 09:21 - 2014-07-30 20:45 - 04816384 _____ () C:\Windows\score.exe 2014-08-18 09:20 - 2014-08-18 09:20 - 00000000 _____ () C:\END 2014-09-01 10:09 - 2014-02-26 18:09 - 00000316 _____ () C:\Windows\Tasks\SaveSense.job 2014-09-01 08:42 - 2014-08-19 23:13 - 00000000 ____D () C:\Users\Chris\AppData\Roaming\VOPackage 2014-09-01 08:42 - 2014-08-18 10:43 - 00000000 ____D () C:\ProgramData\DSearchLink 2014-09-01 08:42 - 2014-08-18 10:28 - 00000000 ____D () C:\Users\Public\35E9EDF930224B22B13B8AC8AD779456 2014-09-01 08:42 - 2014-01-04 15:09 - 00000000 ____D () C:\Users\Chris\AppData\Local\genienext Task: {08AA8447-4B47-473A-8EDC-1EA21B110E58} - System32\Tasks\Microsoft\Windows\Maintenance\Idle~_~Crawler Update => %LOCALAPPDATA%\Idle~_~Crawler\Idle~_~Crawler.exe <==== ATTENTION Task: {3BD00344-82FE-4115-ACB0-597E49C801A7} - \SaveSense No Task File <==== ATTENTION Task: {94E3AE95-83D0-4322-9B27-614B8F00763F} - System32\Tasks\Idle~_~Crawler Runner => %LOCALAPPDATA%\Idle~_~Crawler\Idle~_~Crawler.exe <==== ATTENTION Task: {CD2BE085-9D41-49B2-B4CE-85489746808C} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION Task: C:\Windows\Tasks\SaveSense.job => C:\Users\Chris\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION C:\Program Files (x86)\Mobogenie C:\Users\Chris\AppData\Local\Mobogenie EmptyTemp: CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.
[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.
thanks. i have done that, here are the logs
How is the computer now ?
I havent had a notification since, so all looks good now!
Thanks for your help!
In that case methinks I will send you on your merry way
Subject to no further problems
I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean
A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:
Download and run Delfix
https://dl.dropboxusercontent.com/u/73555776/delfix.JPG
: Keep Java Updated :
WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
CryptoPrevent install this programme to lock down and prevent crypto ransome ware
https://dl.dropboxusercontent.com/u/73555776/CryptoPrevent.JPG
Update and run weekly to keep your system clean
It is critical to have both a firewall and anti virus to protect your system and to keep them updated.
To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe