Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How do I proceed ?


  • Please log in to reply
17 replies to this topic

#1 Aris Lee

Aris Lee

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece
  • Local time:05:29 AM

Posted 14 December 2013 - 09:00 PM

Hi, my name is Aris.

Im new to MBAM so I seek for some help from experienced users to make sure I dont mess something up.
I just did a full scan on my computer with MBAM and found some POP.Optional.Conduite.A files and folders and a RiskWare.Tool.CK (this must be from the easyaccount.exe my brother used to get instant lvl55 on CoD4 judging by the location).
I havent proceeded into removing anything yet, I thought it would be better to get some advice before taking action.

Here are the logs from the scan : 
 

www.malwarebytes.org
 
Database version: v2013.12.14.06
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
Asus X52J :: ASUSX52J-PC [administrator]
 
Protection: Enabled
 
15/12/2013 2:23:32 πμ
MBAM-log-2013-12-15 (03-37-33).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 411335
Time elapsed: 1 hour(s), 12 minute(s), 48 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 2
C:\Users\Asus X52J\AppData\Local\Temp\ct3288691 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Asus X52J\AppData\Local\Temp\ct3297861 (PUP.Optional.Conduit.A) -> No action taken.
 
Files Detected: 8
C:\Users\Asus X52J\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AAFK0CK3\mism[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Asus X52J\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0LEQXCP\checktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Asus X52J\AppData\Local\Temp\wz33b5\EA_1.7\EasyAccount.exe (RiskWare.Tool.CK) -> No action taken.
C:\Users\Asus X52J\AppData\Local\Temp\ct3288691\chromeid.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Asus X52J\AppData\Local\Temp\ct3288691\ism.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Asus X52J\AppData\Local\Temp\ct3288691\setup.ini.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Asus X52J\AppData\Local\Temp\ct3297861\chromeid.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Asus X52J\AppData\Local\Temp\ct3297861\setup.ini.txt (PUP.Optional.Conduit.A) -> No action taken.
 
(end)


So, what should I do now ?

Thanks in advance,

Aris.


BC AdBot (Login to Remove)

 


#2 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,786 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 14 December 2013 - 09:22 PM

Do you still have the scan window open....if so.......


* When the scan is Complete, click OK, then Show Results to view the results.
Be sure that everything is checked and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here in your next Reply
Be sure to restart the computer.
The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

 

_______________________

 

If you have closed it....rerun the scan, only this time, When the scan is Complete, click OK, then Show Results to view the results.
Be sure that everything is checked and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here in your next Reply.....Be sure to restart the computer.

 


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#3 Aris Lee

Aris Lee
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece
  • Local time:05:29 AM

Posted 14 December 2013 - 09:31 PM

Hello Condobloke, 
first of all, I wish to thank you for the immediate assistiance.

I still had the scan window open with the results, checked everything and removed it and then rebooted my computer as you said.
Here are the newest logs after that: 
 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.14.06
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
Asus X52J :: ASUSX52J-PC [administrator]
 
Protection: Enabled
 
15/12/2013 2:23:32 πμ
mbam-log-2013-12-15 (02-23-32).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 411335
Time elapsed: 1 hour(s), 12 minute(s), 48 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 2
C:\Users\Asus X52J\AppData\Local\Temp\ct3288691 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Asus X52J\AppData\Local\Temp\ct3297861 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
Files Detected: 8
C:\Users\Asus X52J\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AAFK0CK3\mism[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Asus X52J\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G0LEQXCP\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Asus X52J\AppData\Local\Temp\wz33b5\EA_1.7\EasyAccount.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Users\Asus X52J\AppData\Local\Temp\ct3288691\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Asus X52J\AppData\Local\Temp\ct3288691\ism.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Asus X52J\AppData\Local\Temp\ct3288691\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Asus X52J\AppData\Local\Temp\ct3297861\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\Asus X52J\AppData\Local\Temp\ct3297861\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
 
(end)


#4 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,786 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 14 December 2013 - 09:44 PM

 
 

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool,  If you get a message that RKill is an infection, do not be concerned. This message is just a fake warning given by the infection when it terminates programs that may potentially remove it. If you run into these infections warnings that close RKill, a trick is to leave the warning on the screen and then run RKill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that RKill can terminate the Infection that we are attempting to get rid of. So, please try running RKill until the malware is no longer running. You will then be able to proceed with the rest of the guide. Do not reboot your computer after running RKill as the malware programs will start again.


rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

* Double-click on the Rkill desktop icon to run the tool.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* Do not reboot until instructed.
* If the tool does not run from any of the links provided, please let me know.

 

 

Please Download  AdwCleaner
* Close all open programs and internet browsers.
* Double click on adwcleaner.exe to run the tool.
* Click on the Scan button.
* When the scan has finished click on the
Clean button.
* NOTE : Your computer will be
rebooted automatically. A text file will open after the restart.
* Please post the contents of that logfile with your next reply.
* You can find the logfile at C:\AdwCleaner.txt as well.
Once I OK the log, please click the Uninstall button to fully remove all

 

 

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#5 Aris Lee

Aris Lee
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece
  • Local time:05:29 AM

Posted 14 December 2013 - 10:26 PM

Ok, after doing all that here are the logs :



 

Rkill 2.6.3 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 12/15/2013 04:58:00 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe (PID: 2592) [AU-HEUR]
 * C:\Windows\SysWOW64\ACEngSvr.exe (PID: 3288) [WD-HEUR]
 
2 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]
 
Backup Registry file created at:
 C:\Users\Asus X52J\Desktop\rkill\rkill-12-15-2013-04-58-09.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 12/15/2013 05:01:09 AM
Execution time: 0 hours(s), 3 minute(s), and 8 seconds(s)







# AdwCleaner v3.015 - Report created 15/12/2013 at 05:05:43
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Asus X52J - ASUSX52J-PC
# Running from : C:\Users\Asus X52J\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Partner
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16736
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Asus X52J\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1249 octets] - [15/12/2013 05:05:43]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1309 octets] ##########





# AdwCleaner v3.015 - Report created 15/12/2013 at 05:06:32
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Asus X52J - ASUSX52J-PC
# Running from : C:\Users\Asus X52J\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Partner
File Deleted : C:\END
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\Software\InstallIQ
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16736
 
 
-\\ Google Chrome v31.0.1650.63
 
[ File : C:\Users\Asus X52J\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1393 octets] - [15/12/2013 05:05:43]
AdwCleaner[S0].txt - [1299 octets] - [15/12/2013 05:06:32]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1359 octets] ##########






~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Asus X52J on ‰¬¨ 15/12/2013 at  5:13:59,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ‰¬¨ 15/12/2013 at  5:21:14,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


By the way, i didnt unistall adwcleaner yet as i didnt know if i had to do it before running JRT or after we're done with all of that..
 


#6 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,786 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 14 December 2013 - 10:38 PM

 
 

Thats cool....rerun AdwCleaner and this time Select Clean

 

One more to go....and then we can clean up

Be aware.....this next scan will take some TIME....two hours + is not unusual

I note that it is quite late where you are.

I am quite happy for the scan result to reach me in another 12+ hours....

 

 

Please scan your computer with ESET Online Scanner
Disable active Antivirus and Antimalware programs How To Temporarily Disable Your Anti-virusHow To Temporarily Disable Your Anti-virus
This scan is best performed with Internet Explorer, as it uses ActiveX
If you will not use Internet Explorer, then please read item 3 in this post
1 - Open Internet Explorer and hold down Control (Ctrl) key and click on This Link  to open ESET OnlineScan in a new window.
2 - Click the ESET Online Scanner button.
3 - For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
a - Click on eset.exe  to download the ESET Smart Installer. Save it to your desktop.
b - Double click on the  icon on your desktop.
4 - Check "YES, I accept the Terms of Use."
5 - Click the Start button.
6 - Accept any security warnings from your browser.
7 - Under scan settings, check "Scan Archives" and "Remove found threats"
8 - Click Advanced settings and select the following:
* Scan potentially unwanted applications
* Scan for potentially unsafe applications
* Enable Anti-Stealth technology
9 - ESET will then download updates for itself, install itself, and begin scanning your computer.
10 - Please be patient as this will take some time (first time scans are always longer).
11 - When the scan completes, click List Threats
12 - Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
13 - Click the Back button and then Click the Finish button.
NOTE:Sometimes if ESET finds no infections it will not create a log.
If you lose the log it can be found at C:\Program Files\ESET\EsetOnlineScanner\log.txt
If no infections are found then please tell me -
You can ignore any ESET detection of AdwCleaner...it is a false positive detection.

 

 

Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#7 Aris Lee

Aris Lee
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece
  • Local time:05:29 AM

Posted 14 December 2013 - 10:55 PM

I runned Adwcleaner again and cleaned here's the log:

 

# AdwCleaner v3.015 - Report created 15/12/2013 at 05:46:15
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Asus X52J - ASUSX52J-PC
# Running from : C:\Users\Asus X52J\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Asus X52J\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1393 octets] - [15/12/2013 05:05:43]
AdwCleaner[R1].txt - [895 octets] - [15/12/2013 05:45:42]
AdwCleaner[S0].txt - [1439 octets] - [15/12/2013 05:06:32]
AdwCleaner[S1].txt - [817 octets] - [15/12/2013 05:46:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [876 octets] ##########


Is it okay to unistall Adwcleaner now? If I try to do it, it say's the Quarantine will be emptied so that makes me wonder a bit.
Im gonna run the ESET online Scan through IE since it seems more simple and faster to do so and get back at you as soon as I have the results.

Also, there's no need to worry about the time here. Im taking full advantage of my weekend at the moment :)

 



#8 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,786 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 14 December 2013 - 11:02 PM

Yes.....run uninstall on AdwCleaner.....thats fine.

All found items will disappear as will the program itself.

Let Eset loose.....be sure to disable your antivirus and Malwarebytes as well

 

Enjoy your weekend !


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#9 Aris Lee

Aris Lee
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece
  • Local time:05:29 AM

Posted 14 December 2013 - 11:07 PM

Ok, one last question. Should i also remove/delete Rkill and JRT (including their logs) ?

As soon as im done cleaning my computer ill enjoy it !
 



#10 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,786 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 14 December 2013 - 11:18 PM

 
 

Yup....they can be safely deleted.....right click....delete.....poof !....Gone !

 

 

 

malwarebytes is a good program to keep.

it doesnt need to be the paid version ....unless of course you want the auto feature.

 

To have any pups auto selected for removal...::

 

In Malwarebytes Anti-Malware, PUP detection will show up unchecked on the results list by default. The user would have to manually check them for removal to ensure that they do indeed want these removed.

But if you ever find yourself staring at a giant list of PUPs to check mark and remove, to do so quickly, you can highlight one of the detection by left clicking on it. Then, right-click on the highlighted detection, and click Check all items. Next, select Remove Selected.

Additionally, you can change the default to automatically check mark all PUPs to ready for removal by following the directions below.

Go to Settings:   Under Settings, select Scanner Settings. Toward the bottom, where it says “Action for potentially unwanted programs (PUP)” change the option from “Show in results list and do not check for removal” to “Show in results list and check for removal.”

 

 

 

 

 

 

Edited by Condobloke, 14 December 2013 - 11:28 PM.

Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#11 Aris Lee

Aris Lee
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece
  • Local time:05:29 AM

Posted 15 December 2013 - 01:19 AM

Okay, just got done with eset online scan, here's the results :

C:\Program Files (x86)\Cheat Engine 6.3\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB application cleaned by deleting - quarantined
C:\Program Files (x86)\Cheat Engine 6.3\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF application cleaned by deleting - quarantined
C:\Users\Asus X52J\Downloads\CheatEngine63.exe multiple threats cleaned by deleting - quarantined
D:\Secondary Program Files\The Chronicles of Riddick - Assault on Dark Athena\System\Win32_x86\dvm.dll a variant of Win32/HackTool.Crack.D application cleaned by deleting - quarantined



 



#12 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,786 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 15 December 2013 - 01:40 AM

 
 

ok....that all looks very good

 

Run this simple scan for me....

(These are both relatively quick )

 

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

 

and then finally !

 

Please download TFC, or Temp File CleanerTFC, by Old Timer
Usage Instructions:

Download TFC from the download link above and save the file on your desktop.
Close ALL running applications as TFC will terminate them before attempting to clean up the temporary files.
Double-click on the TFC icon.
When the program opens, click on the Start button. TFC will terminate the Explorer process and all running applications and then begin the process of cleaning out all of your temp folders.
When done, press OK and reboot your computer and finish the cleanup.

 

Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#13 Aris Lee

Aris Lee
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece
  • Local time:05:29 AM

Posted 15 December 2013 - 02:26 AM

Alright here are the results from SecurityCheck (note that my AV,MBAM and FW are still disabled from before while scanning with ESET Online) : 
 Results of screen317's Security Check version 0.99.77 
 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
 Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 Windows Firewall Disabled! 
Microsoft Security Essentials  
  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Adobe Flash Player 10 Flash Player out of Date!
 Google Chrome 31.0.1650.57 
 Google Chrome 31.0.1650.63 
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````



Im going to run TFC and let you know when im done with it aswell :)

Ok, turns out TFC was pretty damn fast and did not require/ask me for a reboot. should i reboot manually anyway or is that cool?


Edited by Aris Lee, 15 December 2013 - 02:31 AM.


#14 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,786 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:29 PM

Posted 15 December 2013 - 03:08 AM

Please Update FlashPlayer from HERE

 

BE SURE to UNTICK the optional mcafee bundled crapware

 

You are good to go Aris.....TFC will merely do it job..(Yes....manual reboot is always cool )....it does not produce a log. It also is a keeper, along with MBAM (malwarebytes)

 

 

If you decide to keep MBAM, (paid version), be sure to set up the scheduler to run a quick scan once a week and follow it with TFC.

You can also schedule daily updates with the paid version.

 

Eset Online scanner is good for a once a month cleanout. (It gives you the option to uninstall it and clear any quarantined files at the end of the scan)

 

 

 

 

Regards,

 

 

 


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

 

Microsoft gives you Windows, Linux gives you the whole house...

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

#15 Aris Lee

Aris Lee
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greece
  • Local time:05:29 AM

Posted 15 December 2013 - 03:25 AM

Yeah i thought that TFC might come in handy later on again. At the moment i will have to stick with the free version of MBAM since i have other priorities, other than that is any of the other tools i had to use handy to keep? if so which ones ? if not, could you recommend me a couple of tools to keep my computer clean and up to speed ? that'd be awesome :) In any case i did a manual reboot already just to be sure btw. 

 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users