#41
the logs
Wintermoon,
After looking at the results of the programs run, nothing pops out at me that could cause the warning.
Presuming IE 11 and Chrome are your browsers. Have you previously taken action to Reset both browsers?
Use the PC for a day or two, and post back on whether the warning comes back.
It could be that turning the computer off, and then starting it again may have cleared the issue, since it appears you ran ADWCleaner and the Junkware Removal Tool.
Web pages often try popups or anything else to get your attention to click on something, but if you don't you are usually safe. If ever in doubt and you can't close the browser, just end the task in Task Manager or shut down the PC. As I said earlier I think that was what you saw, nothing more.
The FRST.txt file reports the DNS servers to be:
23.253.94.129 (Rackspace Hosting), which seems a bit odd.
8.8.8.8 (Google's)
Wintermoon1919 stated that "...all the other computers in the house don't have the virus"...
...and they probably have the same DNS settings
...so this might not help, but I would consider using OpenDNS on the router
...and maybe on each computer too (in case the router gets reset someday).
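The resolver check described in the post above, as an added example that is not part of the original thread or of FRST: it pulls the name-server addresses out of log lines and marks any that are neither on the local network nor a well-known public resolver. The log line layout, the sample text and the function names are assumptions made for illustration.

```python
import ipaddress
import re

# Well-known public resolvers: Google Public DNS and OpenDNS.
KNOWN_PUBLIC = {
    "8.8.8.8": "Google Public DNS",
    "8.8.4.4": "Google Public DNS",
    "208.67.222.222": "OpenDNS",
    "208.67.220.220": "OpenDNS",
}

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Constructed sample. The layout is an assumption; the first two
# addresses are the ones quoted in the thread, the third is made up.
SAMPLE_LOG = """\
Tcpip\\Parameters: [DhcpNameServer] 23.253.94.129 8.8.8.8
Tcpip\\..\\Interfaces\\{CONSTRUCTED-GUID}: [NameServer] 192.168.1.1
"""


def classify(addr):
    """Label one resolver address."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "invalid"
    if ip.is_private or ip.is_loopback:
        return "local"  # typically the home router
    if addr in KNOWN_PUBLIC:
        return KNOWN_PUBLIC[addr]
    # Not proof of a problem: it only means someone should confirm
    # who operates the server and why this PC is using it.
    return "review"


def audit_dns(log_text):
    """Map every resolver found on a name-server line to its label."""
    results = {}
    for line in log_text.splitlines():
        if "nameserver" not in line.lower():
            continue
        for addr in IPV4.findall(line):
            results[addr] = classify(addr)
    return results


if __name__ == "__main__":
    for addr, label in audit_dns(SAMPLE_LOG).items():
        print(f"{addr:<16} {label}")
```

Running the same check against the log from every PC in the house shows whether the unrecognized resolver is handed out by the router or set on one machine only.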
It's not a normal pop-up; I can't close it and continue to surf the web normally.
Tomorrow I'll try other solutions and I'll keep you updated.
Yes, I still have the problem.
Now I think that gregrocker will try to help me through TeamViewer.
Apart from solving the problem, what do you think about the issue? What could it be?
(Still have the problem, btw.)
Thanks
edit:
This is my "host" file and my "router home page"... Is everything all right?
Last edited by Wintermoon1919; 24 May 2014 at 08:04.
Connected for Wintermoon and found rootkit.necurs.GO and two Trojans with MBAM. Rootkit was in drivers folder, apparently imported into the clean install with a driver.
After MBAM reboots PC and shows clean, the problem with all browsers persists with no ability to connect to the internet, blocked by apparent continued infection.
TDSS Killer finds nothing. SFC shows clean.
Since OP claims nothing imported except from the actual Chrome and other sites, no drivers imported since all were provided during install or Windows Updates, we looked at his router to find Firewall is disconnected.
After reconnecting router firewall I suggested he scan all other home PCs with MBAM, scan Win7 DVD with MBAM, then wipe the HD with Diskpart Clean Command to reinstall, again only getting drivers from installer and Updates.
Import nothing until browsers are tested.
Security specialists may have other solutions for rootkit.necurs.GO
Last edited by gregrocker; 26 May 2014 at 13:29.