Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My friend downloaded a cracked program onto my computer


  • Please log in to reply
11 replies to this topic

#1 acedia_wulf

acedia_wulf

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:18 AM

Posted 21 February 2015 - 07:18 PM

Hi Bleeping Computer, 

 

A cracked program was installed onto my computer. I scanned my computer with malwarebytes and got rid of it, but I saw the program listed in the startup tab in the task manager menu. 

 

I disabled it, ran malwarebytes again and the anti-virus said my computer was clean. I still see the cracked program listed and am not sure if my computer is actually clean. 

 

Can you please help me determine if my computer is actually free of malware?

 

Thanks for your time



BC AdBot (Login to Remove)

 


#2 Phantom010

Phantom010

  • Members
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cyberspace
  • Local time:10:18 AM

Posted 21 February 2015 - 07:22 PM

Can you find the program to uninstall from "Programs and Features" or "Add or Remove Programs"?



#3 acedia_wulf

acedia_wulf
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:18 AM

Posted 21 February 2015 - 08:01 PM

Hi Phantom010, 

 

No I cannot 



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,095 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:18 AM

Posted 21 February 2015 - 09:13 PM

Please download AutoRuns and save it to your Desktop.
  • Create a new folder on your hard drive called AutoRuns (C:\AutoRuns) and extract (unzip) the file there.
  • Open the folder and double-click on autoruns.exe to launch it.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Please be patient as it scans and populates the entries.
  • When finished scanning, it will say Ready at the bottom and list all entries under the Everything tab.
  • In the top menu, click File > Find... and type the file name of the startup you want to remove, then click Find Next.
  • Alternatively, you can scroll through the list and look for any entry related to the file you need to remove.
  • If found, right-click on the entry and choose delete.
  • Exit Autoruns and reboot your computer when done.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Phantom010

Phantom010

  • Members
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cyberspace
  • Local time:10:18 AM

Posted 21 February 2015 - 09:15 PM

What's it called?



#6 acedia_wulf

acedia_wulf
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:18 AM

Posted 22 February 2015 - 06:57 AM

Hi quietman7, 

 

I deleted the entries, autoruns stated they could not find the file source so maybe that's an indication that the virus was removed?

they are no longer listed in the task manager's start up menu.

 

 

-Phantom010, 

 

he downloaded the program called Adobeuniversalcrackv2.1.1

 

 

Thanks!



#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,095 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:18 AM

Posted 22 February 2015 - 07:28 AM

Malwarebytes removed the physical file but left the startup registry entry (orphaned remnant) which is why it still showed in Task Manager's start up list. Autoruns is a good tool for removing those orphaned startup entries so they will no longer show
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 acedia_wulf

acedia_wulf
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:18 AM

Posted 22 February 2015 - 03:56 PM

Hi quietman7,

 

So I can be certain that my computer's  is no longer compromised? 

 

I ran a sysinfo check and it says my antivirus Windows defender is disabled even though I have it enabled



#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,095 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:18 AM

Posted 22 February 2015 - 04:07 PM

What operating system are you using?

 

Windows Defender in Windows 7 is an anti-spyware tool intended to supplement your anti-virus program. Windows Defender on Windows 8 integrates a more robust version of Windows Defender (and uses that name) for its anti-virus and anti-malware protection. Although it uses the same name, it is not the same as Defender in previous operating systems. Windows Defender 8 provides the same level of protection against malware as Microsoft Security Essentials (MSE) on older operation systems and uses the same daily virus definition updates.

Since Windows 8 Defender includes anti-virus protection, it may be disabled by the installation of a third-party anti-virus program. If a trial anti-virus came preinstalled on your computer or you installed one, it most likely turned Windows 8 Defender off (disabled) to avoid conflicts. Windows 8 Defender will remain disabled until that anti-virus software has been completely uninstalled and then Windows 8 Defender needs to be activated if you choose to use it. When uninstalling the third-party anti-virus you may receive a message indicated your system has no protection...click here to turn on Windows Defender. If not, you will need to manually turn it on.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 Phantom010

Phantom010

  • Members
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Cyberspace
  • Local time:10:18 AM

Posted 22 February 2015 - 07:38 PM

Hi quietman7,

 

So I can be certain that my computer's  is no longer compromised? 

 

I ran a sysinfo check and it says my antivirus Windows defender is disabled even though I have it enabled

 

The crack may be gone, but who knows what may have been installed on your computer in the process. People just don't share costly software out of the goodness of their heart...



#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,095 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:18 AM

Posted 22 February 2015 - 07:43 PM

You're absolutely correct and the OP is in good hands with you if he wants to perform some checks.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 acedia_wulf

acedia_wulf
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:07:18 AM

Posted 23 February 2015 - 11:39 PM

Hi Quiteman7, 

 

When I open windows defender, it says it is active. I also ran the scan and it says there are no threats 

 

 

yes Phantom010, he installed the crack without my knowledge. I just wanted the trial version. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users