| Author |
Topic: AdWare |
jolynyk
From:
Prince Albert Sask. Canada
|
Posted 4 Dec 2012 7:10 pm |
|
My Kaspersky shows that I have the following
"Not-A-Virus: AdWare.Win32.Bromngr.b"
Any suggestions for Removal ?? when I google it it wants me to go to SpyWare.org 7 get a free scan.
I did download FireFox, & Babylon came with it.. Would that have done it?? |
|
|
 |
Wiz Feinberg
From:
Mid-Michigan, USA
|
|
|
|
jolynyk
From:
Prince Albert Sask. Canada
|
Posted 5 Dec 2012 6:01 am
|
|
| Golly Wiz I can't remember, I just typed in Firefox & a bunch came up & I downloaded it. Then Babylon came with it & when I tried to use Firefox or Chrome, Babylon came up all the time so I uninstalled Babylon, Firefox, & Chrome in add/remove programs..but now keeps telling me I have Not-a-Virus:AdWare.Win32.Bromngr.b |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 5 Dec 2012 7:20 am
|
|
You have been scammed into downloading the browser from a rogue source. They have bundled adware with it, earning commissions for each installation.
If you have followed my previous posts concerning spyware, etc, you will be aware of Malwarebytes' Anti-Malware. You can download it and use it manually for free. See if it detects and offers to remove your adware.
If MBAM fails to detect the adware, try Ad-Aware, from Lavasoft. Ad-Aware is specifically made to look for ad serving PUPs (Potentially Unwanted Programs).
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
jolynyk
From:
Prince Albert Sask. Canada
|
Posted 5 Dec 2012 7:40 am
|
|
| Thanks Wiz. Yes I bought MBam, but it didn't remove it. I will run adaware. |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 5 Dec 2012 11:54 am
|
|
| jolynyk wrote: |
| Thanks Wiz. Yes I bought MBam, but it didn't remove it. I will run adaware. |
This is no surprise, because MBAM is geared toward detecting real malware, not popup or search adware. Those items are usually less damaging than actual malicious software (malware).
If Ad-Aware doesn't detect the program, try Spybot S&D.
BTW: Have you looked in Control Panel > Add/Remove Programs to see if you can just uninstall the adware?
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
jolynyk
From:
Prince Albert Sask. Canada
|
Posted 5 Dec 2012 1:04 pm
|
|
Wiz, I ran MBam, Spybot, AdAware, Adaware found 79, Spybot found 44, Kaspersky found nothing.. so I've pretty much depleted my resources..
Computer still acting funny.. Downloads are not completing, but hanging up. somre programs not opening. |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 5 Dec 2012 2:21 pm
|
|
Jolynyk;
Please download SuperAntiSpyware from http://www.superantispyware.com/. Install and update it then run a full scan. It may be necessary to reboot into Safe Mode, then run a second scan.
Furthermore, it is possible that this badware has been backed up in your System Restore folder. If this is the case, you'll need to turn off System Restore, then rescan for and remove the threat.
If this fails, Hitman Pro may do the trick. Contact me for details later on.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
jolynyk
From:
Prince Albert Sask. Canada
|
Posted 5 Dec 2012 3:01 pm
|
|
| Thanks Wiz.. Just heading out to a wedding, & will run those as soon as I get home tonite.. will let you know how it turns out.. |
|
|
|
jolynyk
From:
Prince Albert Sask. Canada
|
Posted 5 Dec 2012 3:28 pm
|
|
| Is there a download manager I can get that if a my download quits or hangs up, it will resume where the download left off, rather than start the download from the beginning again?? |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 5 Dec 2012 4:16 pm
|
|
| jolynyk wrote: |
| Is there a download manager I can get that if a my download quits or hangs up, it will resume where the download left off, rather than start the download from the beginning again?? |
Firefox contains a download manager with pause and resume functions.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 5 Dec 2012 4:21 pm
|
|
Jolynyk;
I found the following files to be deleted on another forum. They are related to your adware/virus and should be deleted if found.
C:\Windows\tasks\At1.job
C:\Windows\tasks\At2.job
C:\ProgramData\x5tdXKBkN6o
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
jolynyk
From:
Prince Albert Sask. Canada
|
Posted 6 Dec 2012 5:24 am
|
|
Thanks Wiz, I really appreciate your help..
What is the procedure for me to find & remove those 3 items..
Incidentally, when I want to reply to these posts, it asks me for my name & password, I enter that & check the box to log me on automatically, but even if I come back every 5 minutes I have to re-enter everything. It doesn't remember my input..
Can you suggest a link for me to download Firefox from.. ?? |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 6 Dec 2012 5:18 pm
|
|
| jolynyk wrote: |
Thanks Wiz, I really appreciate your help..
What is the procedure for me to find & remove those 3 items..
Incidentally, when I want to reply to these posts, it asks me for my name & password, I enter that & check the box to log me on automatically, but even if I come back every 5 minutes I have to re-enter everything. It doesn't remember my input..
Can you suggest a link for me to download Firefox from.. ?? |
Here's your Firefox link! http://www.mozilla.com/en-US/firefox/.
Your other browser must be optioned to not accept cookies or to not remember logins, or your credentials would remain in effect across sessions.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
jolynyk
From:
Prince Albert Sask. Canada
|
Posted 6 Dec 2012 6:06 pm
|
|
| Thanks for the link Wiz.I can't find those 3 items to delete them.. will keep looking. |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 6 Dec 2012 6:27 pm
|
|
| jolynyk wrote: |
| Thanks for the link Wiz.I can't find those 3 items to delete them.. will keep looking. |
Then they are not on your PC. Out of curiosity, could you look up and list anything that is under your Tasks folder?
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
jolynyk
From:
Prince Albert Sask. Canada
|
Posted 7 Dec 2012 5:19 am
|
|
OK, now you got me  where & how do I find the task folder, is that CAD? |
|
|
|
jolynyk
From:
Prince Albert Sask. Canada
|
Posted 7 Dec 2012 5:33 am
|
|
Wiz, that stxmenumgr.exe says it's a FreeAgent Launcher...
AdAware.exe
adawarebp.exe
avp.exe
CameraHelperShell.exe
COCIManager.exe
csrss.exe
dwm.exe
EEvenManager.exe
explorer.exe
firefox.exe
FlashUtil32_11_5_502_11_ActiveX.exe
FUFAXSTM.exe
hkcmd.exe
hmpsched.exe
iexplore.exe
iexplore.exe
iexplore.exe
igfxpers.exe
igfxsrvc.exe
LWS.exe
sidebar.exe
Skype.exe
stxmenumgr.exe
SuperAntiSpyware.exe
taskhost.exe
taskmgr.exe
TeaTimer.exe
winlogon.exe
wuaudt.exe
[/b] |
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
|
|
|
jolynyk
From:
Prince Albert Sask. Canada
|
Posted 7 Dec 2012 8:34 am
|
|
Under Task Scheduler (Local)
Apple
Leader Technologies
Microsoft
WPD
Under All Running Tasks
MsCtfMonitor
SystemSoundsService
|
|
|
|
Wiz Feinberg
From:
Mid-Michigan, USA
|
Posted 7 Dec 2012 8:42 am
|
|
Look under you Program Files directory for a subdrectory that has a name that resembles your Adware. There must be either a .exe or a .dll files somewhere that gets launched to activate the adware.
With a folder name one can do further searches in one's Registry, to see which keys are used to launch this PUP.
_________________
"Wiz" Feinberg, Moderator SGF Computers Forum
Security Consultant
Twitter: @Wizcrafts
Main web pages: Wiztunes Steel Guitar website | Wiz's Security Blog | My Webmaster Services | Wiz's Security Blog |
|
|
|
jolynyk
From:
Prince Albert Sask. Canada
|
Posted 7 Dec 2012 1:16 pm
|
|
Wiz, I looked in Program files, & to my UNtrained eyes I don't see anything like that, but will keep checking..
John |
|
|
|
