About once a day, the user has been having a popup (see attached virus.png) in her browser.
Avast has been logging it in the shield log (see attached shield_log.txt).
I did an Avast full scan and boot time scan, but it still appeared the next day.
Per advice from our rep, I have run CCleaner and Malwarebytes.
I’m attaching the logs recommended in the forum.
Also run AdwCleaner and attach the log.
The removers are notified… it is way past midnight here in Europe, so I guess they won't be online for many hours.
Hi,
Please download zoek.zip or zoek.rar by smeenk from here or here and save it to your Desktop.
Unpack the archive…
[*]Close any open browsers
[*] Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.
[*]Double click on zoek.exe to run the tool.
Please wait until the tool starts…
[*]Copy the text present inside the code box below and paste it into the large window in the zoek tool:
createsrpoint;
StandardSearch;
installer-list;
installedprogs;
uninstall-list;
[*] Click on the Run Script button.
Please wait until a log report opens (this can be after a reboot).
[*]Save the Notepad file to your Desktop and attach zoek-results.log here.
Note: It will also create a log in the C:\ directory named “zoek-results.log”
-------------- Next ----------------
Please download aswMBR and save it to your desktop.
Double click aswMBR.exe to start the tool.
[*]Select Yes if prompted to download the Avast database.
[*]Click Scan
[*]Upon completion of the scan (Scan finished successfully), click Save log and save it to your desktop, and post that log in your next reply for review.
Note: do NOT attempt any Fix yet.
Here are the log files you asked for.
Thanks for your help!
Hi, tell me, will this fix your problem?
Re-run zoek as you did before with this script, wait for zoek to finish its fix and post the freshly created log report.
iedefaults;
ipconfig /flushdns >> %temp%\log.txt;b
emptyalltemp;
I ran the script; the log file is attached.
Because the problem only happened once a day, we won’t know until the next morning if this has fixed the problem.
Thanks again for your help!
OK, run this script too (and post the freshly created zoek log as well) and test your computer for ~24h.
ffdefaults;
chrdefaults;
Here is the latest log.
I will let it run over the weekend, and let you know on Monday how it went.
Please have a good weekend!
Cool.
magna86,
Thank you so much for all your help! We have had no more of the popups since I ran the scripts you gave me on Friday.
Best regards,
Rex B.
Cool. Then I will remove my tools using the DelFix tool:
Please download DelFix by “Xplode” to your Desktop.
Run the tool and check the following boxes:
[] Remove disinfection tools
[] Create registry backup
[*] Purge System Restore
Now click on the “Run” button. Wait until the programme completes its work.
All the tools we used should be gone.
The tool will create and open a log report (DelFix.txt).
Note: The report will also be stored on C:\DelFix.txt
I don’t need DelFix log report.
===== Next =====
I recommend that you keep Malwarebytes and use MCShield if you wish.
You may download MCShield from one of the following links:
MyCity - Official download link
Softpedia - Mirror download link
It will prevent infection of the computer via USB flash drive, mobile phone or any other memory card.
And it will not only prevent infection, but will also immediately clean the flash drive, memory card or external HDD.