Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

malwarebytes detected all these :/


  • Please log in to reply
30 replies to this topic

#1 puravida999

puravida999

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 28 May 2015 - 03:31 PM

Hi again, I scanned my pc today because today avast free edition 2015 detected a complement in google Chrome that was not safe so I performed a full scan with avast and nothing was found.
Then I run malwarebytes free edition and it came with results:
tNKpr9A.png
What are those? malwarebytes said no malwares were found but then why is those results? I still have malwarebytes openned, what should I do? my search engine magically changed from google to bing :P 

 

I'm using windows 8.1 btw , thanks for answer!


Edited by puravida999, 28 May 2015 - 03:37 PM.
Moved to more appropriate forum. ~ OB


BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:38 PM

Posted 28 May 2015 - 03:41 PM

Hi there,

Those are not malware, but rather Potentially Unwanted Programs (PUPs). They are programs that do things people do not want, but does not qualify as malware (hence the name).

These links might be informative to you...

Encountering the Wild PUP - Malwarebytes Unpacked

How downloading one program can give you six (!) PUPs - Emsisoft Blog

Mind the PUP: Top download portals to avoid - Emsisoft Blog

62% of the Top 50 Download.com applications bundle toolbars and other PUPs - Emsisoft Blog

Has The Antivirus Industry Gone Mad?! - Emsisoft Blog.

Next, next, next - MediaCenter Panda Security

That said, you might have remnants of these on your system. Please run these to confirm that we have gotten them all.

AdwCleaner - Scan & Clean

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished... click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
===

Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Regards,
Alex

#3 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 28 May 2015 - 03:44 PM

Hi there,

Those are not malware, but rather Potentially Unwanted Programs (PUPs). They are programs that do things people do not want, but does not qualify as malware (hence the name).

These links might be informative to you...

Encountering the Wild PUP - Malwarebytes Unpacked

How downloading one program can give you six (!) PUPs - Emsisoft Blog

Mind the PUP: Top download portals to avoid - Emsisoft Blog

62% of the Top 50 Download.com applications bundle toolbars and other PUPs - Emsisoft Blog

Has The Antivirus Industry Gone Mad?! - Emsisoft Blog.

Next, next, next - MediaCenter Panda Security

That said, you might have remnants of these on your system. Please run these to confirm that we have gotten them all.

AdwCleaner - Scan & Clean

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished... click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
===

Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Regards,
Alex

 

thanks for the fast answer, I have a Little concern, yesterday before going to sleep I did a full scan with malwarebytes and everything was clean, when I woke up and openned google Chrome I found a warning and then run malwarebytes again and find these PUPs, how could they get into my pc if I haven't done anything since the last scan? o.O

 

pd. I am doing what you told me, will post once is finished


Edited by puravida999, 28 May 2015 - 03:44 PM.


#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:38 PM

Posted 28 May 2015 - 03:45 PM

PUPs these days commonly employ multiple techniques to achieve persistance, so it is not unusual for multiple scans to turn up remnants. And also the MBAM database could have been updated and they flagged more of the remains.

#5 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 28 May 2015 - 03:48 PM

PUPs these days commonly employ multiple techniques to achieve persistance, so it is not unusual for multiple scans to turn up remnants. And also the MBAM database could have been updated and they flagged more of the remains.

Ok, I downloaded those 2 programs, they run fine for Windows 8.1?

and what I do with the open malwarebytes? click remove selected?


Edited by puravida999, 28 May 2015 - 03:48 PM.


#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:38 PM

Posted 28 May 2015 - 03:53 PM

They are tested on Windows 8.1, should be fine to run.

And yes, you can remove those items :)

#7 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 28 May 2015 - 04:42 PM

They are tested on Windows 8.1, should be fine to run.

And yes, you can remove those items :)

Ok here you have (no personal information is displayed right?)

 

While scanning with adwcleaner it found nothing, however I completed the scan and in C:\AdwCleaner folder I found 2 text documents, one of them is named "AdwCleaner[R0]" and has the following:

 

 

# AdwCleaner v4.205 - Logfile created 28/05/2015 at 14:14:44
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [Server]
# Operating system : Windows 8.1 Connected  (x64)
# Username : Logitech - STEELSERIES
# Running from : C:\Users\Logitech\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Users\Logitech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goodgame Empire.lnk
File Found : C:\Users\Logitech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
Folder Found : C:\ProgramData\pokki
Folder Found : C:\Users\Logitech\AppData\Local\pokki

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Found : HKCU\Software\Classes\Directory\shell\pokki
Key Found : HKCU\Software\Classes\Drive\shell\pokki
Key Found : HKCU\Software\Classes\lnkfile\shell\pokki
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_149b46d4a102c0304583931ceaa3f0bf19785ee3
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_2e9d53cc2b402b6e65aa9551308ca17a19c4721a
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_34e8f5c0c9e5744bf2cdb514283762dd0524776b
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_893e2a8f4b240ed6d7def79e56791067c96f41be
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_cfada041afdc4a11092a096cac66ab6a0945d92b
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Key Found : HKCU\Software\Pokki
Key Found : [x64] HKCU\Software\Pokki
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Google Chrome v43.0.2357.81

[C:\Users\Logitech\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Logitech\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Logitech\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.homepage-web.com/?src=omnibox&partner=toshibaupd&q={searchTerms}

*************************

AdwCleaner[R0].txt - [2681 bytes] - [28/05/2015 14:14:44]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2740 bytes] ##########

 

the other file in that folder is called "AdwCleaner[S0]" and inside says:

 

# AdwCleaner v4.205 - Logfile created 28/05/2015 at 14:26:05
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [Server]
# Operating system : Windows 8.1 Connected  (x64)
# Username : Logitech - STEELSERIES
# Running from : C:\Users\Logitech\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\pokki
Folder Deleted : C:\Users\Logitech\AppData\Local\pokki
File Deleted : C:\Users\Logitech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goodgame Empire.lnk
File Deleted : C:\Users\Logitech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_149b46d4a102c0304583931ceaa3f0bf19785ee3
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_2e9d53cc2b402b6e65aa9551308ca17a19c4721a
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_34e8f5c0c9e5744bf2cdb514283762dd0524776b
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_893e2a8f4b240ed6d7def79e56791067c96f41be
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_cfada041afdc4a11092a096cac66ab6a0945d92b
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Google Chrome v43.0.2357.81

[C:\Users\Logitech\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Logitech\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Logitech\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.homepage-web.com/?src=omnibox&partner=toshibaupd&q={searchTerms}

*************************

AdwCleaner[R0].txt - [2823 bytes] - [28/05/2015 14:14:44]
AdwCleaner[S0].txt - [2664 bytes] - [28/05/2015 14:26:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2723  bytes] ##########

 

-----------------------------------------------------------------

 

 

For Junkware removal tool I got this in the text document:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.3 (05.28.2015:2)
OS: Windows 8.1 Connected x64
Ran by Logitech on 28/05/2015 at 14:31:40.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Tasks

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Chrome

[C:\Users\Logitech\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Logitech\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Logitech\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Logitech\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/05/2015 at 14:35:48.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#8 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:38 PM

Posted 28 May 2015 - 04:44 PM

That should do it.

Just in case... run this to eliminate any leftovers.

Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When the update process is complete, a new button will appear in the lower-left corner that says Back. Click on this button to return to the Overview screen.
  • Click on Scan to be taken to the scan options. If you are asked if you want the scanner to scan for Potentially Unwanted Programs, then click Yes.
  • Click on the Full Scan button to start the scan.
  • When the scan is completed click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop, and attach it to your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.
Regards,
Alex

#9 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 28 May 2015 - 04:49 PM

Ok, I'm downloading that.

 

But what are the results? adw cleaner showed 2 reports, please what program was causing that detection in malwarebytes?  :scratchhead:


Edited by puravida999, 28 May 2015 - 04:49 PM.


#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:38 PM

Posted 28 May 2015 - 05:01 PM

I don't know how Malwarebytes names things, so I cannot answer that. My apologies.

As for the 2 AdwCleaner reports, one is Scan and one is Cleaning (you can read the headers).

#11 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 28 May 2015 - 05:48 PM

I don't know how Malwarebytes names things, so I cannot answer that. My apologies.

As for the 2 AdwCleaner reports, one is Scan and one is Cleaning (you can read the headers).

Ok, I have the report but was given in Spanish, how I attach?


Edited by puravida999, 28 May 2015 - 05:48 PM.


#12 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:38 PM

Posted 28 May 2015 - 05:50 PM

Hi there,

Please follow these instructions to retrieve the scan log for EEK.
  • Launch Emsisoft Emergency Kit.
  • Click Logs, then Scan Logs.
  • Click the entry of the scan you just performed (should be Full Scan), then click View Details. The report will open in Notepad.
  • Copy the contents of the Notepad file into your reply.
You do not need to worry about translation, I can understand the basics of the log :)

Regards,
Alex

#13 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 28 May 2015 - 05:59 PM

Ok, I don't know what logs is because the program came in spanish but when I first got the report text I copied and pasted in a new text document.

This is the report in spanish

 

 

Emsisoft Emergency Kit - Versión 9.0
Última actualización: 28/05/2015 03:03:51 p.m.
Cuenta de usuario: Steelseries\Logitech

Configuraciones del análisis:

Tipo de análisis: Completo
Objetos: Rootkits, Memoria, Trazas, C:\

Detectar PUPs: Activado
Análisis de archivos: Activado
Análisis ADS: Activado
Filtrar las extensiones de archivo: Desactivado
Caché avanzada: Activado
Acceso directo al disco: Desactivado

Inicio del análisis: 28/05/2015 03:04:55 p.m.
Value: HKEY_USERS\S-1-5-21-3162588038-2595411586-1708548344-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR  detectado: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-3162588038-2595411586-1708548344-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS  detectado: Setting.DisableRegistryTools (A)

Analizados 221134
Encontrados 2

Fin del análisis: 28/05/2015 03:41:32 p.m.
Duración del análisis: 0:36:37

Value: HKEY_USERS\S-1-5-21-3162588038-2595411586-1708548344-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS En cuarentena Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-3162588038-2595411586-1708548344-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR En cuarentena Setting.DisableTaskMgr (A)

En cuarentena 2

 

and this is my translation if it helps

 

 

Emsisoft Emergency Kit - Version 9.0
Last Update: 28/05/2015 03:03:51 p.m.
User account: Steelseries\Logitech

Analisis settings:

Type of analisis: Full scan
Objets: Rootkits, Memory, Traces, C:\

Detect PUPs: Activated
Analisis of files: Activated
Análisis ADS: Activated
Filter the extensions of files: Desactivated
Caché advanced: Activated
Direct access to disk: Desactivated

Start analisis: 28/05/2015 03:04:55 p.m.
Value: HKEY_USERS\S-1-5-21-3162588038-2595411586-1708548344-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR  detectado: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-3162588038-2595411586-1708548344-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS  detectado: Setting.DisableRegistryTools (A)

Analized 221134
Found 2

End of análisis: 28/05/2015 03:41:32 p.m.
Duration of analisis: 0:36:37

Value: HKEY_USERS\S-1-5-21-3162588038-2595411586-1708548344-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS En cuarentena Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-3162588038-2595411586-1708548344-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR En cuarentena Setting.DisableTaskMgr (A)

In Quarantine 2



#14 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:07:38 PM

Posted 28 May 2015 - 06:05 PM

There isn't much... that should be clean.

Please run this to clean things up.

Download DelFix from here and save it to your Desktop.
  • Close all running programs and start DelFix.
  • Make sure all available options are checked.
  • Click Run.
  • DelFix will remove the most of the tools used during the cleaning process.
Keep your non-Microsoft applications updated as well
Microsoft isn't the only company whose products can contain security vulnerabilities, to check for other vulnerable programs running on your PC that are in need of an update, you can use the Secunia Personal Software Inspector - I suggest that you run it at least once a month.

Malwarebytes Anti-Exploit
Malwarebytes Anti-Exploit (MBAE) is a very useful utility in keeping your computer safe on the Internet. It uses innovative technologies to block exploits - peepholes in software that cybercriminals can use to get their malware into your system, thus stopping their advance before they can drop their payload. What's more, it's a "fire and forget" solution - just install MBAE and it will automatically do its job.
Malwarebytes Anti-Exploit Free offers protection for your browsers - upgrading to Premium allows you to create customized shields for other applications.

Safe computing practices

Best Practices for Safe Computing - Prevention of Malware Infection
How Malware Spreads - How did I get infected
About those Toolbars and Add-ons - Potentially Unwanted Programs (PUPs)

If you have any questions left, feel free to ask me here.

Regards,
Alex

Edited by Alexstrasza, 28 May 2015 - 06:05 PM.


#15 puravida999

puravida999
  • Topic Starter

  • Members
  • 61 posts
  • OFFLINE
  •  
  • Local time:11:38 AM

Posted 28 May 2015 - 06:11 PM

disable antivirus too?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users