AdWare

[jolynyk]

My Kaspersky shows that I have the following
"Not-A-Virus: AdWare.Win32.Bromngr.b"
Any suggestions for Removal ?? when I google it it wants me to go to SpyWare.org 7 get a free scan.
I did download FireFox, & Babylon came with it.. Would that have done it??

[Wiz Feinberg]

I download a new version of Firefox every month and not once has Babylon shipped with it. Where did you download Firefox from?

[jolynyk]

Golly Wiz I can't remember, I just typed in Firefox & a bunch came up & I downloaded it. Then Babylon came with it & when I tried to use Firefox or Chrome, Babylon came up all the time so I uninstalled Babylon, Firefox, & Chrome in add/remove programs..but now keeps telling me I have Not-a-Virus:AdWare.Win32.Bromngr.b

[Wiz Feinberg]

You have been scammed into downloading the browser from a rogue source. They have bundled adware with it, earning commissions for each installation.

If you have followed my previous posts concerning spyware, etc, you will be aware of Malwarebytes' Anti-Malware. You can download it and use it manually for free. See if it detects and offers to remove your adware.

If MBAM fails to detect the adware, try Ad-Aware, from Lavasoft. Ad-Aware is specifically made to look for ad serving PUPs (Potentially Unwanted Programs).

[jolynyk]

Thanks Wiz. Yes I bought MBam, but it didn't remove it. I will run adaware.

[Wiz Feinberg]

Thanks Wiz. Yes I bought MBam, but it didn't remove it. I will run adaware.

This is no surprise, because MBAM is geared toward detecting real malware, not popup or search adware. Those items are usually less damaging than actual malicious software (malware).

If Ad-Aware doesn't detect the program, try Spybot S&D.

BTW: Have you looked in Control Panel > Add/Remove Programs to see if you can just uninstall the adware?

[jolynyk]

Wiz, I ran MBam, Spybot, AdAware, Adaware found 79, Spybot found 44, Kaspersky found nothing.. so I've pretty much depleted my resources..
Computer still acting funny.. Downloads are not completing, but hanging up. somre programs not opening.

[Wiz Feinberg]

Jolynyk;
Please download SuperAntiSpyware from http://www.superantispyware.com/. Install and update it then run a full scan. It may be necessary to reboot into Safe Mode, then run a second scan.

Furthermore, it is possible that this badware has been backed up in your System Restore folder. If this is the case, you'll need to turn off System Restore, then rescan for and remove the threat.

If this fails, Hitman Pro may do the trick. Contact me for details later on.

[jolynyk]

Thanks Wiz.. Just heading out to a wedding, & will run those as soon as I get home tonite.. will let you know how it turns out..

[jolynyk]

Is there a download manager I can get that if a my download quits or hangs up, it will resume where the download left off, rather than start the download from the beginning again??

[Wiz Feinberg]

Is there a download manager I can get that if a my download quits or hangs up, it will resume where the download left off, rather than start the download from the beginning again??

Firefox contains a download manager with pause and resume functions.

[Wiz Feinberg]

Jolynyk;
I found the following files to be deleted on another forum. They are related to your adware/virus and should be deleted if found.

C:\Windows\tasks\At1.job
C:\Windows\tasks\At2.job
C:\ProgramData\x5tdXKBkN6o

[jolynyk]

Thanks Wiz, I really appreciate your help..
What is the procedure for me to find & remove those 3 items..
Incidentally, when I want to reply to these posts, it asks me for my name & password, I enter that & check the box to log me on automatically, but even if I come back every 5 minutes I have to re-enter everything. It doesn't remember my input..
Can you suggest a link for me to download Firefox from.. ??

[Wiz Feinberg]

Thanks Wiz, I really appreciate your help..
What is the procedure for me to find & remove those 3 items..
Incidentally, when I want to reply to these posts, it asks me for my name & password, I enter that & check the box to log me on automatically, but even if I come back every 5 minutes I have to re-enter everything. It doesn't remember my input..
Can you suggest a link for me to download Firefox from.. ??

Here's your Firefox link! http://www.mozilla.com/en-US/firefox/.

Your other browser must be optioned to not accept cookies or to not remember logins, or your credentials would remain in effect across sessions.

[jolynyk]

Thanks for the link Wiz.I can't find those 3 items to delete them.. will keep looking.

[Wiz Feinberg]

Thanks for the link Wiz.I can't find those 3 items to delete them.. will keep looking.

Then they are not on your PC. Out of curiosity, could you look up and list anything that is under your Tasks folder?

[jolynyk]

OK, now you got me where & how do I find the task folder, is that CAD?

[jolynyk]

Wiz, that stxmenumgr.exe says it's a FreeAgent Launcher...

AdAware.exe
adawarebp.exe
avp.exe
CameraHelperShell.exe
COCIManager.exe
csrss.exe
dwm.exe
EEvenManager.exe
explorer.exe
firefox.exe
FlashUtil32_11_5_502_11_ActiveX.exe
FUFAXSTM.exe
hkcmd.exe
hmpsched.exe
iexplore.exe
iexplore.exe
iexplore.exe
igfxpers.exe
igfxsrvc.exe
LWS.exe
sidebar.exe
Skype.exe
stxmenumgr.exe
SuperAntiSpyware.exe
taskhost.exe
taskmgr.exe
TeaTimer.exe
winlogon.exe
wuaudt.exe


[/b]

[Wiz Feinberg]

Tasks are found in C:\Windows\Tasks folder, as .job files. You can find the friendly names for tasks by navigating to Start > All Programs > Accessories > System Tools >>> Task Scheduler

[jolynyk]

Under Task Scheduler (Local)
Apple
Leader Technologies
Microsoft
WPD


Under All Running Tasks
MsCtfMonitor
SystemSoundsService

[Wiz Feinberg]

Look under you Program Files directory for a subdrectory that has a name that resembles your Adware. There must be either a .exe or a .dll files somewhere that gets launched to activate the adware.

With a folder name one can do further searches in one's Registry, to see which keys are used to launch this PUP.

[jolynyk]

Wiz, I looked in Program files, & to my UNtrained eyes I don't see anything like that, but will keep checking..
John