I’ve run Avast, Malwarebytes and SuperAntiSpyware and nothing out of the ordinary has been found.
However, I’m having sound problems (sometimes I can hear audio, sometimes I can’t and I have to restart the computer). I also have problems with ads/pop-ups. They’re all weird Russian ones that are either obviously to do with dating/s*x or weird illnesses (I can’t understand them because I can’t read Russian but the pictures are fairly obvious).
Can anyone help me please?
I didn’t put the logs up because they didn’t find anything but I’ll follow that process and add them here.
Actually, I didn’t scan for rootkits so I need to run the scan again.
unless you know How to read those diagnostic logs you won’t see if anything was found…so attach logs
.
Hi! 
My name’s Naat I will try to help you.
Please attach the rest of the logfiles and I will do my best to solve your issue
Thank-you.
I saw you managed to run AdwCleaner.
Please go to c:\AdwCleaner folder and search for any logs there. They should be named like AdwCleaner[R*].txt and AdwCleaner[S*].txt.
Attach any of them you will find.
DO NOT re-run AdwCleaner unless instructed to do so!
Other logs added…
I can no longer find the instructions for using OTL on this forum. Am I not to use it? I seem to remember it being the “fixing” tool.
OTL is a quite outdated tool, not even updated to work with Windows 8. For now we use FRST & ZOEK as our first-contact ones
OK, thanks. I think I’ve added all the logs now.
I’m analyzing your postings currently, bare with me as I need to study and understand alot of lines.
In the meantime please tell me do you know this software/installed it on a purpose:
BitMeter2 I deliberately installed. It measures internet usage. I’ve used it for years and doesn’t seem to be problematic.
ACEstream is similar to Sopcast and I think I installed it on purpose, but I don’t find it very reliable so I don’t use it often.
My audio is very eratic, sometimes it works, sometimes not, and shockwave flash is giving me problems (crashes).
Computer seems generally very sluggish.
Plus there are those stupid Russian adverts everywhere.
Hi
Let’s run also this one.
https://sites.google.com/site/cannedfixes/junkware-removal-tool/JRTbythisisu.png
Fix with Junkware Removal Tool
Please download JRT by Thisisu and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
[*]Right-click on
https://sites.google.com/site/cannedfixes/junkware-removal-tool/JRTbythisisu.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[*]Follow the prompts and let this process run uninterrupted.
[*]This scan can take a while, depending on your System specs.
[*]Upon completion, a log (JRT.txt) will open on your desktop.
Please include the contents of that file in your reply.
Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.
I forgot to switch off antivirus and antispyware.
Actually, it seems to have switched Avast off anyway. Please let me know if I need to rerun the scan. Otherwise, I’ll just leave it with the one attached here.
OK, let’s try something different. We’re dealing probably with a new variant here.
https://sites.google.com/site/cannedfixes/gmer/gmericon.png
Scan with Gmer
This type of scan often produces false positives. At any point do not take any action for any suspicious entries you may see there. Instead post the log to be analyzed.
Please download GMER by Gmer and save the file to your desktop.
It will come as a randomly named file (like a6ge38b4.exe) - that’s absolutely normal.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
If you are a user of CD emulation software (like Daemon Tools or Alcohol) also disable it for the cleaning process - instructions here.
[*]Right-click on randomly named
https://sites.google.com/site/cannedfixes/gmer/gmericon.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[*]It is very important that you do not use your computer while Gmer is running!
[*]Gmer will open to the Rootkit/Malware tab and perform an automatic quick scan.
[*]If you receive a warning about rootkit activity and are asked to fully scan your system click NO!
When the pre-scan is completed, please do the following:
[*]Please check in the Quick scan box.
[*]Please uncheck the IAT/EAT and Show All.
[*]Click Scan.
[*]If you see a rootkit warning window click OK.
[*]When the scan is finished, Save the results to your desktop as gmer.log.
Please include the content of this file in your next reply.
Don’t forget to re-enable previously switched-off protection software!
http://forum.programosy.pl/images/smilies/icon_idea.gif
If you encounter any problems, try running GMER in Safe Mode.
http://forum.programosy.pl/images/smilies/icon_idea.gif
If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning.
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
Scan with ZOEK
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
[*]Right-click on
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[]Wait patiently until the main console will appear, it may take a minute or two.
[]In the main box please paste in the following script:
createsrpoint;
process;
services-list;
systemspecs;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;
filesrcm;
installedprogs;
[*]Make sure that Scan All Users option is checked.
[*]Push Run Script and wait patiently. The scan may take a couple of minutes.
[*]When the scan completes, a zoek-results logfile should open in notepad.
[*]If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.
I tried the first one three times. First time it crashed my computer, the twice after it crashed itself. It could be to do with me running a 64 machine as I think it was a 32 program. I’ll try the other one now. Thanks.
Here’s the Zoek file.