Skip to main content

Issue finding and removing Ads by FreezeThePrice

Comments

8 comments

  • Support

    Hi DLance,

     

    1. Ran by Sony at 2015-01-21 06:52:02

    You have attached an old Addition.txt. Please, attach a new one.

     

    2. CHR dev: Chrome dev build detected! <======= ATTENTION
    Your Chrome is set to use test versions that are supposed to be used by developers. The test versions are less secure that the final versions. The only way to get back to the final versions is to uninstall Chrome, delete the folder C:\Users\Daniel\AppData\Local\Google\Chrome, restart the computer and install Chrome again.

     

     

    3. Run an online scan with Eset (easiest with Internet Explorer): http://www.eset.com/onlinescan/
    To shorten the scanning time disable your antivirus program while scanning.

    Select Enable detection of potentially unwanted applications.
    Click Advanced Settings.

    Deselect Remove found threats.

    Select:
    Scan Archives
    Scan for potentially unsafe applications
    Enable Anti-Stealth Technology

    Click Start.

    When the scan is finished, click on List of found threats and then Export to text file. Copy the content of the text file and paste its content in your reply.

    0
  • Customer

    Deleted Chrome, ran eset, then ran FRST and got a new Addition.txt

    eset.txt

    Addition.txt

    FRST.txt

    0
  • Support

    C:\Users\Daniel\Documents\Vuze Downloads\Sony Vegas Pro 13.0 build 290 (64 bit) Multilingual [ChingLiu]\Patch KHG\vegas.pro.13.0.(64-bit)-patch.exe a variant of Win32/HackTool.Patcher.AD potentially unsafe application
    It can be dangerous to use cracked programs.


    The following script will delete everything in the recycle bins and folders for temporary files. Please, check that you don't want to keep those files.

    Please, start Notepad.
    Copy all text that is in the box:


    CreateRestorePoint:
    CloseProcesses:
    Task: {8AE655D7-9E24-4EFA-BB49-DA8B8AD7812F} - \OctetIntern No Task File <==== ATTENTION
    Task: {A0B0220C-491A-484A-8D69-1E9A43865442} - \BookBee No Task File <==== ATTENTION
    Task: C:\Windows\Tasks\BookBee.job => c:\programdata\{3dd88c32-6e47-9582-3dd8-88c326e430c9}\6182965036950496787b.exe <==== ATTENTION
    Task: C:\Windows\Tasks\OctetIntern.job => c:\programdata\{82b726fd-7a16-4b92-82b7-726fd7a19bf5}\4060050488941669966b.exe <==== ATTENTION
    HKLM\...\Run: [] => [X]
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    S2 Drab Woman; "C:\Program Files (x86)\Drab Woman\Drab Woman.exe" [X]
    S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
    S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
    2015-07-09 10:30 - 2015-07-21 04:33 - 00000356 _____ C:\Windows\Tasks\BookBee.job
    C:\Program Files (x86)\Client for Analytics
    EmptyTemp:

    and paste in Notepad. Check that no files have been split on two lines.
    Save the file as fixlist.txt on the desktop.

    Exit all programs.
    Start FRST, please.
    Click the Fix button.
    Wait until the tool has finished.

    It creates a log file, called Fixlog.txt, on the desktop.
    Please, paste the content of that file in your reply.

    0
  • Support

    Do you still get ads from FreezeThePrice or is it time to write the instruction for uninstalling FRST and AdwCleaner?

    0
  • Customer

    Here is the fixlog

    Fixlog.txt

    0
  • Customer

    I haven't gotten one in a little while now, and nothing infesting my google searches, so I think so.

    0
  • Support

    Time for final clean-up.

    1. Please, turn off all programs, including browsers.
    Double-click on AdwCleaner to start the program.

    Click on the Uninstall button.

    2. Download OTC http://oldtimer.geekstogo.com/OTC.exe
    Close all programs.
    Start OTC program.
    Click the CleanUp! button.
    Select Yes when asked "Begin cleanup process".
    If you are asked to reboot, select Yes.
    If any logs remain on the computer you can remove them.

     

    3. Improve the security in the computer[/b]
    It is very important to keep Windows and all programs updated. An old version of, for example, Flash contains vulnerabilities that makes it easy to infect the computer from a web page. To help you with keeping everything updated you can use the program Secunia Personal Software Inspector (PSI). http://www.bleepingcomputer.com/tutorials/detect-vulnerable-programs-with-secunia-psi/describes how to install and use the program.

    0
  • Support

    Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.


    If you're the topic starter, and need this topic reopened, please contact the staff member who was helping you with your issue.


    Everyone else please begin a New Topic.


    Thank you !

    0

Please sign in to leave a comment.