Adware - Techist - Tech Forum

Go Back   Techist - Tech Forum > Security | Computer, Devices, Software and Systems > Viruses, Spyware and Malware
Click Here to Login
Reply
 
Thread Tools Display Modes
 
Old 03-26-2017, 12:02 PM   #1 (permalink)
Newb Techie
 
Join Date: Mar 2017
Location: Texas
Posts: 19
Default Adware

I've recently started using Microsoft Edge and believe acquired adware. I've tried multiple antiviruses, adware removers, etc. None of them ever find the adware. I search up stuff on google and a bunch of stuff pop up above my search results and they don't even claim to be ads. Every now and then when I click on any page it redirects me to another ad website. Plz help, I looked everywhere and haven't been able to resolved this yet.
__________________

__________________
TopNotchShark is offline   Reply With Quote
Old 03-26-2017, 01:45 PM   #2 (permalink)
Private Joker
 
carnageX's Avatar
 
Join Date: Feb 2007
Location: South Dakota
Posts: 24,985
Default Re: Adware

Start with checking your proxy settings under Internet Options -> Connections tab -> LAN Settings... -> make sure the proxy checkbox is unchecked.

Now, for scans:

Firstly, run a scan with Malwarebytes Antimalware (the Free version is fine, you don't need to activate the Pro trial). Scan with it, delete whatever it finds, reboot and post the log here. Download it from here:
https://www.malwarebytes.org/mwb-download/

Secondly, run a scan with AdwCleaner. Same as above, scan with it, delete what it finds, post the log file here. Download from here:
AdwCleaner Download

Thirdly, run a scan with HiJackThis. Run it as Admin, pick the "scan and generate log" option, and then post the logfile here. Do NOT remove ANYTHING unless told to do so, as removing the wrong entry can damage your system. Download it from here:
HiJackThis | SourceForge.net
__________________

__________________
Laptop: MSI GT70 2OC-059us | i7-4700MQ | 16GB | GTX 770m | 500GB SSD / 750GB HDD | 17.3" | Win10 Pro
Desktop: 4690k | 12GB g.Skill RipJaws | GTX 970 | 520hx | Z87X-UD4H | Corsair Vengeance C70 | Corsair H110 | Acer 25" | Acer 22" | Win10
Mobile: Google Pixel 3 XL


If I help you, or you just like what I said, rep me by clicking the under my post
carnageX is offline   Reply With Quote
Old 03-26-2017, 04:10 PM   #3 (permalink)
Newb Techie
 
Join Date: Mar 2017
Location: Texas
Posts: 19
Default Re: Adware

I've already tried Adw Cleaner and Malwarebytes, they both find nothing. I've run Hijackthis though. Here's the log:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 4:06:13 PM, on 3/26/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Macs Fan Control\MacsFanControl.exe
C:\Users\topno\AppData\Local\Microsoft\OneDrive\On eDrive.exe
C:\Users\topno\AppData\Local\Discord\app-0.0.297\Discord.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
C:\Users\topno\AppData\Local\Discord\app-0.0.297\Discord.exe
C:\Users\topno\AppData\Local\Discord\app-0.0.297\Discord.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Users\topno\AppData\Local\Temp\_iu14D2N.tmp
C:\Users\topno\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://go.microsoft.com/fwlink/p/?LinkId=255141]MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://go.microsoft.com/fwlink/p/?LinkId=255141]MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://go.microsoft.com/fwlink/p/?LinkId=255141]MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL = [url]http://noblok.org/wpad.dat?c270e1a0661bc06b21968f460cec239426632399[/url]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O4 - HKLM\..\Run: [Sophos AutoUpdate Monitor] "C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\topno\AppData\Local\Microsoft\OneDrive\O neDrive.exe" /background
O4 - HKCU\..\Run: [Discord] C:\Users\topno\AppData\Local\Discord\app-0.0.297\Discord.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Apple OS Switch Manager (AppleOSSMgr) - Unknown owner - C:\Windows\system32\AppleOSSMgr.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.Sta ndardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.Standa rdCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Unknown owner - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sophos AutoUpdate Service - Sophos Limited - C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Sophos MCS Agent - Sophos Limited - C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
O23 - Service: Sophos MCS Client - Sophos Limited - C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
O23 - Service: Sophos Web Control Service - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
O23 - Service: Sophos Data Recorder (SophosDataRecorderService) - Sophos Limited - C:\Program Files\Sophos\Sophos Data Recorder\SDRService.exe
O23 - Service: Sophos System Protection Service (sophossps) - Sophos Limited - C:\Program Files\Sophos\Sophos System Protection\ssp.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Sophos Web Filter (swi_filter) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
O23 - Service: Sophos Web Intelligence Service (swi_service) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9264 bytes
__________________
TopNotchShark is offline   Reply With Quote
Old 03-26-2017, 04:12 PM   #4 (permalink)
Newb Techie
 
Join Date: Mar 2017
Location: Texas
Posts: 19
Default Re: Adware

I've tried AdwCleaner and Malwarebytes, they both don't find anything. I've run Hijackthis though. Here's the log:
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 4:06:13 PM, on 3/26/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Macs Fan Control\MacsFanControl.exe
C:\Users\topno\AppData\Local\Microsoft\OneDrive\On eDrive.exe
C:\Users\topno\AppData\Local\Discord\app-0.0.297\Discord.exe
C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
C:\Users\topno\AppData\Local\Discord\app-0.0.297\Discord.exe
C:\Users\topno\AppData\Local\Discord\app-0.0.297\Discord.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Users\topno\AppData\Local\Temp\_iu14D2N.tmp
C:\Users\topno\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://go.microsoft.com/fwlink/p/?LinkId=255141]MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://go.microsoft.com/fwlink/p/?LinkId=255141]MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]Bing[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://go.microsoft.com/fwlink/p/?LinkId=255141]MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL = [url]http://noblok.org/wpad.dat?c270e1a0661bc06b21968f460cec239426632399[/url]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O4 - HKLM\..\Run: [Sophos AutoUpdate Monitor] "C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\topno\AppData\Local\Microsoft\OneDrive\O neDrive.exe" /background
O4 - HKCU\..\Run: [Discord] C:\Users\topno\AppData\Local\Discord\app-0.0.297\Discord.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Apple OS Switch Manager (AppleOSSMgr) - Unknown owner - C:\Windows\system32\AppleOSSMgr.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.Sta ndardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.Standa rdCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Unknown owner - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sophos AutoUpdate Service - Sophos Limited - C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Sophos MCS Agent - Sophos Limited - C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsAgent.exe
O23 - Service: Sophos MCS Client - Sophos Limited - C:\Program Files (x86)\Sophos\Management Communications System\Endpoint\McsClient.exe
O23 - Service: Sophos Web Control Service - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
O23 - Service: Sophos Data Recorder (SophosDataRecorderService) - Sophos Limited - C:\Program Files\Sophos\Sophos Data Recorder\SDRService.exe
O23 - Service: Sophos System Protection Service (sophossps) - Sophos Limited - C:\Program Files\Sophos\Sophos System Protection\ssp.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Sophos Web Filter (swi_filter) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
O23 - Service: Sophos Web Intelligence Service (swi_service) - Sophos Limited - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9264 bytes
__________________
TopNotchShark is offline   Reply With Quote
Old 03-26-2017, 04:13 PM   #5 (permalink)
Newb Techie
 
Join Date: Mar 2017
Location: Texas
Posts: 19
Default Re: Adware

If this helps, I am currently running boot camp windows 10 on a mid 2012 MacBook Pro.
__________________
TopNotchShark is offline   Reply With Quote
Old 03-26-2017, 04:57 PM   #6 (permalink)
Private Joker
 
carnageX's Avatar
 
Join Date: Feb 2007
Location: South Dakota
Posts: 24,985
Default Re: Adware

The only entry that makes me curious is this one:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigURL = [url]http://noblok.org/wpad.dat?c270e1a06...ec239426632399[/url]

Is NoBlok.org something you intentionally use?

Do the ads and such appear in all browsers, or just a specific browser? Have you tried alternate browsers? If it's just a single browser, then please check the installed extensions/add-ons to see if there's something fishy there.

Also, I suggest removing Sophos and moving to Avira. It's free and performs better.
My recommendation is based off of AV-Comparatives testing, here:
https://www.av-comparatives.org/wp-c..._201612_en.pdf
__________________
Laptop: MSI GT70 2OC-059us | i7-4700MQ | 16GB | GTX 770m | 500GB SSD / 750GB HDD | 17.3" | Win10 Pro
Desktop: 4690k | 12GB g.Skill RipJaws | GTX 970 | 520hx | Z87X-UD4H | Corsair Vengeance C70 | Corsair H110 | Acer 25" | Acer 22" | Win10
Mobile: Google Pixel 3 XL


If I help you, or you just like what I said, rep me by clicking the under my post
carnageX is offline   Reply With Quote
Old 03-26-2017, 05:03 PM   #7 (permalink)
Newb Techie
 
Join Date: Mar 2017
Location: Texas
Posts: 19
Default Re: Adware

I'll go check out NoBlok.org. No Idea what that is
-Thanks
__________________
TopNotchShark is offline   Reply With Quote
Old 03-26-2017, 05:09 PM   #8 (permalink)
Newb Techie
 
Join Date: Mar 2017
Location: Texas
Posts: 19
Default Re: Adware

I've just deleted it. I try going to different websites and browsing to check if I still get ads. Also, I think I'll switch to Avira.
__________________
TopNotchShark is offline   Reply With Quote
Old 03-26-2017, 05:10 PM   #9 (permalink)
Newb Techie
 
Join Date: Mar 2017
Location: Texas
Posts: 19
Default Re: Adware

It's only in the browser, haven't checked chrome or firefox.
__________________
TopNotchShark is offline   Reply With Quote
Old 03-27-2017, 05:32 PM   #10 (permalink)
Newb Techie
 
Join Date: Mar 2017
Location: Texas
Posts: 19
Default Re: Adware

Nope, the ads are still popping up occasionally. Anything else I can do?
__________________

__________________
TopNotchShark is offline   Reply With Quote
Reply

Tags
adware, microsoft edge, windows 10

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
need help adware blocking the internet from working need a good free program for adware bleachedcustoms Hardware Repairs and Troubleshooting 5 01-23-2011 03:31 PM
SpyWare/Adware Keeps coming back! Total Immortal Microsoft Windows and Software 15 04-26-2004 02:28 PM
Web pages wont load / adware apps mrlewp Microsoft Windows and Software 0 04-16-2004 07:27 AM
number of adware/spyware's in a PC subdivizion Microsoft Windows and Software 17 02-14-2004 01:57 PM
Adware aberg Microsoft Windows and Software 3 02-13-2004 11:38 AM



All times are GMT -5. The time now is 11:49 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2020, vBulletin Solutions, Inc.