Hi, I'm using my GF's laptop and IE keeps popping up on a "partypoker" site. IE's homepage is win default "go.microsoft.com", since the default browser is Firefox. I performed a complete scan with SAS and it only found 3 tracking cookies. Real-time protection is NOD32 with Blackspear's settings and BOClean. I'll try to manually find this and fix it, but some help will be appreciated.
I tried looking around a bit, this thing is a bugger evidently. I wonder if trying to remove it with Revo Uninstaller would do the trick? Also, if there is still an IE toolbar reference left over, check here to remove it: http://www.howtogeek.com/howto/wind...-items-from-the-internet-explorer-tools-menu/
Thanks for your suggestion, I'll check it out. I just performed a scan with PrevxCSI. It found 3 files, all listed as adware:
1.- "manager live.exe" located at "docs and settings/All users/application data/Admin Inter 1 Mags"
2.- "Long Burn Inside.exe" located at "Docs and settings/JAC/Application data/Hope Internet Cash"
3.- "bis1138.exe" located at "Docs and settings/JAC/local conf/Temp"
Also, when checking msconfig, I found "Long Burn Inside" on the startup list.
Hello HURST. Go to Add or Remove Programs and uninstall PokerStar and/or PartyPoker. If your gf installed the game(s) on purpose, let her decide if she really wants it/them (and the pop-ups).
Download the ff:
http://www.merijn.org/files/bfu.zip (use right-click>save target as...)
http://metallica.geekstogo.com/alcanshorty.bfu
Here's a tutorial on using BFU.
Kindly submit the following files to samples[at]superantispyware.com:
manager live.exe
Long Burn Inside.exe
bis1138.exe
thanatos
Try scanning with a-squared free 3.5. http://www.emsisoft.com/en/software/download/ It usually picks up what SAS doesn't and vice versa. Then try their free version of HijackFree. Allows you to manually go through all your registry and perform a search for a specific filename to then kill the process and remove the file.
Will try a-squared today. I'll send manager live.exe and bis1138.exe to SAS, but Long Burn Inside.exe was eliminated by CureIt. She didn't install it. Only she and myself use that laptop under admin mode. Didn't find any reference in "add/remove programs".
Just guessing because of the filenames and the symptoms, but I think this will turn out to be a LOP infection. If you still have problems check your Scheduled Tasks and see if you have one that looks like this:
A6EF1C1391849263.job
letters and numbers may vary, but the structure should be the same. If you do, post back and let us know which file it starts.
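The Scheduled Tasks check described in the post above, as an added example that is not part of the original thread: it lists `.job` files whose names are 16 hex characters and reads out which file each one starts. It assumes the `.job` binary layout documented by Microsoft in MS-TSCH and the usual Windows XP task folder `C:\WINDOWS\Tasks`; the function names and the sample job builder are hypothetical.

```python
import re
import struct
import sys
from pathlib import Path

# Name shape from the post above: 16 hex characters + ".job" (exact characters vary).
HEX_JOB = re.compile(r"^[0-9A-Fa-f]{16}\.job$")
APP_NAME_LEN_OFFSET = 20   # header field (assumed layout: MS-TSCH .JOB file format)


def job_application(data: bytes) -> str:
    """Return the Application Name (the file the task starts) from raw .job bytes."""
    if len(data) < 68:                       # fixed-length header is 68 bytes
        raise ValueError("too short for a .job header")
    (off,) = struct.unpack_from("<H", data, APP_NAME_LEN_OFFSET)
    if off + 2 > len(data):
        raise ValueError("application name offset outside file")
    (nchars,) = struct.unpack_from("<H", data, off)   # count includes the NUL
    raw = data[off + 2 : off + 2 + nchars * 2]
    if len(raw) != nchars * 2:
        raise ValueError("truncated application name")
    return raw.decode("utf-16-le").rstrip("\x00")


def suspicious_jobs(tasks_dir):
    """Yield (job file name, started program) for jobs matching the hex-name shape."""
    for path in sorted(Path(tasks_dir).iterdir()):
        if path.is_file() and HEX_JOB.match(path.name):
            try:
                yield path.name, job_application(path.read_bytes())
            except (ValueError, UnicodeDecodeError) as exc:
                yield path.name, f"<unparsed: {exc}>"


def make_sample_job(app: str) -> bytes:
    """Constructed test input: empty header + running-instance count + app name."""
    header = bytearray(68)
    struct.pack_into("<H", header, APP_NAME_LEN_OFFSET, 70)
    name = (app + "\x00").encode("utf-16-le")
    return bytes(header) + b"\x00\x00" + struct.pack("<H", len(app) + 1) + name


if __name__ == "__main__":
    # Assumed default: the usual Windows XP task folder; pass another folder as argument.
    folder = sys.argv[1] if len(sys.argv) > 1 else r"C:\WINDOWS\Tasks"
    for name, app in suspicious_jobs(folder):
        print(f"{name} -> {app}")
```

A job that matches the name shape but cannot be parsed is still listed, so a damaged or unusual file is not silently skipped.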
Will check it out soon, right now I'm ill so I'm guessing it will be tomorrow or the day after... Thanks for the suggestion.