I keep a pretty clean PC, and for 20 yrs. I've NEVER had a virus, or popup issue like this. Not saying I've never had a virus, or popup, but NEVER like this. What it does is as soon as I open Chrome it pops up a VERY convincing window with a smaller dialog box that has at the bottom UpdateNowPro.com. It is VERY pesky, and it only started coming up in the last few days. I've run SuperAnti-Spyware, and it still comes up. I also just about an hour ago had a msg appear that had a toll free # pop up that started with 855 (Can't remember the rest). It was a legit #, and the very nice guy on the other end said he was a L3 MCSE. What was so weird, and sent red flags up was the way his page popped up, as if to be SOO bogus. He didn't try to sell me any service at all. In fact, he told me I need to take it to GeekSquad (or whatever retail store) and spend $150-200 to clean my PC. Exqueeze ME! I'd rather just reformat the thing. THIS is why I have close to 10 different partitions ASIDE from my C drive.
Anyhoo, I just want to know if anyone has heard of UpdateNowPro.com, and if so, how are you banning them from your life?
I've never heard of UpdateNowPro.com but it was odd they didn't try to extort money from you. It was likely bundled, unknowingly, with something you recently installed.
Close all open programs.
To run the program, right-click AdwCleaner.exe and select: Run as Administrator
Click on Search and confirm the prompt.
After the program finishes, click the Report button. Please post the contents of the C:\AdwCleaner[Rx].txt in your next reply. In the reply window click the "#" icon at the top and paste the log text between the [code ] Paste Here [ /code] tags.
Do NOT perform the delete part before I or someone else can read the log.
To delete:
Run AdwCleaner once again.
This time click on:Delete, you will be asked to reboot to finish cleaning.
When done, please post the content of the C:\AdwCleaner[Sx].txtin your reply as outlined above.
Computer Type: PC/Desktop System Manufacturer/Model Number: Home Built Desktop By DataTech OS: Windows 7 Ultimate X64 SP1 CPU: Intel i5-2550K, Differing ~4.4-4.8GHz No built in GPU Motherboard: ASUS P8Z68-V PRO/GEN3 Memory: 16GB G.Skill Sniper 1866MHz @ 2133MHz 2x8GB Graphics Card: ASUS GTX650TIB-DC2OC-2GD5, (650TI Boost) Sound Card: Onboard Realtek 5-1 Monitor(s) Displays: Samsung P2570HD Screen Resolution: 1920x1080 Keyboard: E-Z Eyes, bright yellow keys with large characters Mouse: steelseries SENSEI Laser Pro Gaming PSU: Corsair HX650W Case: Inwin Dragon Rider Cooling: Hyper 212 EVO w/two Noctua fans, push-pull, @1300 RPM Hard Drives: Samsung 840 Pro 256GB SSD for OS, 500GB Seagate Constellation (Enterprise drive) for Data Internet Speed: 48-51Mbs Mbs down, 11 Mbs up Xfinity Cable Browser: IE 10, Opera, Pale Moon if needed Antivirus: Norton Internet Security 2013 Other Info: 4 case fans, LG BluRay-RE, ASUS DVD-RW, Mr. Fusion power supply, 1.21 gigawatts.
GEEZ! I'm getting popups with almost every stroke! Britton, thanks for the quick help. I ran SAS on 2 PC's, both using Win7 64Bit Ent. Fortunately, my other one, which is my DAW, and life blood to my biz, hasn't seen the crap this one has. They both had files that I promptly removed. I haven't run the other AdwCleaner just yet, or the AnviSoft remedy. I'll be right back asap.
I ran AdwCleaner and I'm still getting Popups out the wazoo. You should be able to read my report. Quite honestly, I'm scared to run the AnviSoft app for UpdateNowPro.com. I went to the forum where your link sent me, but almost every time I click on the Anvisoft link there it sends me to a different page, so I'm kind of leary to click on anything there. Can you tell me EXACTLY what kind of page I'm supposed to see so I don't go COMPLETELY down the worm hole?
Go ahead and run Adwcleaner Delete poart, you may have to download it again, I've marked in red the infections or unwanted prgrams it has found. Conduit is a very bad one.
Code:
File Found : C:\Windows\System32\Tasks\Driver Booster Update
File Found : C:\Windows\Tasks\Driver Booster Update.job
Folder Found C:\Program Files (x86)\SearchProtect
Folder Found C:\Users\TRR-Office\AppData\Local\SearchProtect
Folder Found C:\Windows\SysWOW64\SearchProtect
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\installedbrowserextensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\WEDLMNGR
Key Found : [x64] HKCU\Software\installedbrowserextensions
Key Found : [x64] HKCU\Software\Microft\Internet Exploreosr\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\WEDLMNGR
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411901174}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422902274}
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0049074.BHO
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0049074.BHO.1
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0049074.Sandbox
Key Found : HKLM\SOFTWARE\Classes\CrossriderApp0049074.Sandbox.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905574}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906674}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444904474}
Key Found : HKLM\Software\installedbrowserextensions
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901174}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\Software\SearchProtect
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411901174}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422902274}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455905574}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466906674}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Found : [x64] HKLM\SOFTWARE\installedbrowserextensions
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901174}
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16521
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com/?ctid=CT3321542&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP9FDA5FC1-E6DE-4F23-9BD5-C14F98CC18FA&SSPV=
Computer Type: PC/Desktop System Manufacturer/Model Number: Home Built Desktop By DataTech OS: Windows 7 Ultimate X64 SP1 CPU: Intel i5-2550K, Differing ~4.4-4.8GHz No built in GPU Motherboard: ASUS P8Z68-V PRO/GEN3 Memory: 16GB G.Skill Sniper 1866MHz @ 2133MHz 2x8GB Graphics Card: ASUS GTX650TIB-DC2OC-2GD5, (650TI Boost) Sound Card: Onboard Realtek 5-1 Monitor(s) Displays: Samsung P2570HD Screen Resolution: 1920x1080 Keyboard: E-Z Eyes, bright yellow keys with large characters Mouse: steelseries SENSEI Laser Pro Gaming PSU: Corsair HX650W Case: Inwin Dragon Rider Cooling: Hyper 212 EVO w/two Noctua fans, push-pull, @1300 RPM Hard Drives: Samsung 840 Pro 256GB SSD for OS, 500GB Seagate Constellation (Enterprise drive) for Data Internet Speed: 48-51Mbs Mbs down, 11 Mbs up Xfinity Cable Browser: IE 10, Opera, Pale Moon if needed Antivirus: Norton Internet Security 2013 Other Info: 4 case fans, LG BluRay-RE, ASUS DVD-RW, Mr. Fusion power supply, 1.21 gigawatts.
Computer Type: PC/Desktop System Manufacturer/Model Number: Home Built Desktop By DataTech OS: Windows 7 Ultimate X64 SP1 CPU: Intel i5-2550K, Differing ~4.4-4.8GHz No built in GPU Motherboard: ASUS P8Z68-V PRO/GEN3 Memory: 16GB G.Skill Sniper 1866MHz @ 2133MHz 2x8GB Graphics Card: ASUS GTX650TIB-DC2OC-2GD5, (650TI Boost) Sound Card: Onboard Realtek 5-1 Monitor(s) Displays: Samsung P2570HD Screen Resolution: 1920x1080 Keyboard: E-Z Eyes, bright yellow keys with large characters Mouse: steelseries SENSEI Laser Pro Gaming PSU: Corsair HX650W Case: Inwin Dragon Rider Cooling: Hyper 212 EVO w/two Noctua fans, push-pull, @1300 RPM Hard Drives: Samsung 840 Pro 256GB SSD for OS, 500GB Seagate Constellation (Enterprise drive) for Data Internet Speed: 48-51Mbs Mbs down, 11 Mbs up Xfinity Cable Browser: IE 10, Opera, Pale Moon if needed Antivirus: Norton Internet Security 2013 Other Info: 4 case fans, LG BluRay-RE, ASUS DVD-RW, Mr. Fusion power supply, 1.21 gigawatts.
You need to get rid of all the temporary files that the adware brought with it.
Please download TFC by Old Timer TFC - Temp File Cleaner by OldTimer - Geeks to Go Forum and save it to your desktop.
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion. Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.
Computer Type: PC/Desktop System Manufacturer/Model Number: Bruce ... somewhere in his 40's OS: Windows 7 Ultimate 32bit SP1 CPU: Intel(R) Core(TM)2 Quad CPU @ 2.40GHz, 2400 MHz Motherboard: INTEL/D975XBX2 Memory: 4 GB Graphics Card: ATI Radeon HD 2600 Pro Monitor(s) Displays: Samsung SyncMaster 914v Screen Resolution: 1280 x 1024 Keyboard: Standard PS/2 Keyboard Mouse: Microsoft PS/2 Mouse PSU: Rocketfish 700 W Case: G.Skill Gigabyte Chassis Hard Drives: 2/500GB each ... ST3500630AS ATA Device.
One is not connected Internet Speed: DSL Browser: IE 11 Antivirus: Avira Internet Security Other Info: ATI HDMI Audio
Thanks Jacee. Right now, the problem SEEMS to have gone away. At the very least, as the old southern saying goes "If it ain't broke, don't fix it." However, I WILL keep this thread in my Inbox folder for future reference.
This site looks like BAD VIRUS NEWS, and keeps popping up in my UPDATED Chrome browser advising me to update Chrome. How can I prevent it from popping up?
Thanks,
GPL