
Popup advertisement in every tab I open, many anti-virus/malware found nothing!


  • This topic is locked
16 replies to this topic

#1 gauchotche

gauchotche

  • Members

Posted 19 May 2016 - 12:42 PM

Some time ago I started suffering from the 25% CPU usage linked to Windows Update. This thing simply makes you go crazy... it's SO annoying.

Now (last few days) my computer started displaying some sort of (malware) popup in every browser window I open or refresh, showing advertisements, where I have to click the X, then it opens another window (which I think Adblock Plus closes). Looking at the Firefox inspect tool I've found that this crap is RUSSIAN related... I've done a test with Internet Explorer and it happens there also... so it's a system infection. I've always been using Avast, I've run malware antimalware, I've run Kaspersky, I've run AdwCleaner, and nothing finds the damn virus or malware... I don't know what to do!!!


Edited by gauchotche, 19 May 2016 - 01:25 PM.




#2 buddy215

buddy215

  • Moderator

Posted 19 May 2016 - 01:39 PM

Give these programs a shot at it.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

  • Download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats".
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats.
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

 

After posting those two logs...do this:

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and, at the top, tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button that, when clicked, will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next post. Please do that.

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you will see a button that, when clicked, will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 gauchotche

gauchotche
  • Topic Starter

  • Members

Posted 19 May 2016 - 02:55 PM

File System: 16

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Fernando\AppData\Local\sublight (Folder)
Successfully deleted: C:\Users\Fernando\AppData\Roaming\couchpotato (Folder)
Successfully deleted: C:\Users\Fernando\AppData\Roaming\getrighttogo (Folder)
Successfully deleted: C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\user.js (File)
Successfully deleted: C:\Users\Fernando\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_Fernando (Task)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\Fernando\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ANGF2SIU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Fernando\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQ0UH133 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Fernando\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K9QFPSDO (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Fernando\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YOTCG9BI (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ANGF2SIU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQ0UH133 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K9QFPSDO (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YOTCG9BI (Temporary Internet Files Folder)

Deleted the following from C:\Users\Fernando\AppData\Roaming\Mozilla\Firefox\Profiles\o6pqf03y.default\prefs.js
user_pref(browser.uiCustomization.state, {\placements\:{\PanelUI-contents\:[\edit-controls\,\zoom-controls\,\new-window-button\,\save-page-button\,\print-butto



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
 

 

 

Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    AutoKMS        C:\Windows\AutoKMS\AutoKMS.exe
Yes    Task    CCleanerSkipUAC    Piriform Ltd    "D:\PROGRAMAS\CCleaner\CCleaner.exe" $(Arg0)
Yes    Task    Core Temp Autostart Fernando    Artur Liberman    "D:\PROGRAMAS\CoreTemp\Core Temp.exe"
Yes    Task    DropboxUpdateTaskMachineCore    Dropbox, Inc.    C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Yes    Task    DropboxUpdateTaskMachineUA    Dropbox, Inc.    C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
No    Task    eM Client Database Backup    eM Client, s.r.o.    C:\Program Files (x86)\eM Client\DbBackup.exe -backup -databasedir "D:\PROGRAMAS\eM Client" -backupdir "C:\Users\Fernando\Documents\eM Client" -preserve 1  -instanceString "eM_Client_C__Users_Fernando_AppData_Roaming_eM_Client_" -silence
Yes    Task    FacebookUpdateTaskUserS-1-5-21-3576105890-103167945-1411994898-1000Core        C:\Users\Fernando\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
Yes    Task    FacebookUpdateTaskUserS-1-5-21-3576105890-103167945-1411994898-1000UA        C:\Users\Fernando\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    GoogleUpdateTaskUserS-1-5-21-3576105890-103167945-1411994898-1000Core    Google Inc.    C:\Users\Fernando\AppData\Local\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskUserS-1-5-21-3576105890-103167945-1411994898-1000UA    Google Inc.    C:\Users\Fernando\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
No    Task    Lock Screen    Microsoft Corporation    rundll32.exe user32.dll, LockWorkStation
Yes    Task    Motorola Device Manager Engine    Motorola Mobility Inc.    "C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe" -r
Yes    Task    Motorola Device Manager Initial Update    Motorola Mobility Inc.    "C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe" -d -silent
Yes    Task    Motorola Device Manager Update    Motorola Mobility Inc.    "C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe" -d -silent
Yes    Task    Reimage Reminder    Reimage ltd.    "C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe"
Yes    Task    SafeZone scheduled Autoupdate 1458766542    Avast Software    C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)

 

 

Yes    HKCU:Run    Google Update    Google Inc.    "C:\Users\Fernando\AppData\Local\Google\Update\GoogleUpdate.exe" /c
Yes    HKCU:Run    TouchpadBlocker.exe    KARPOLAN    "D:\PROGRAMAS\Touchpad Blocker\TouchpadBlocker.exe" -startup
Yes    HKLM:Run    Acronis Scheduler2 Service    Acronis    "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
Yes    HKLM:Run    AcronisTibMounterMonitor    Acronis International GmbH    C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
Yes    HKLM:Run    AvastUI.exe    AVAST Software    "D:\PROGRAMAS\avast\AvastUI.exe" /nogui
Yes    HKLM:Run    Bonus.SSR.FR11    ABBYY.    "D:\PROGRAMAS\ABBYY Fine Reader\Bonus.ScreenshotReader.exe" /autorun
Yes    HKLM:Run    Dropbox    Dropbox, Inc.    "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
Yes    HKLM:Run    EEventManager    SEIKO EPSON CORPORATION    "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
Yes    HKLM:Run    HP Software Update    Hewlett-Packard    D:\PROGRAMAS\HP\HP Software Update\HPWuSchd2.exe
Yes    HKLM:Run    ISBMgr.exe    Sony Corporation    "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
Yes    HKLM:Run    StartCCC    Advanced Micro Devices, Inc.    "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
Yes    HKLM:Run    SunJavaUpdateSched    Oracle Corporation    "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Yes    HKLM:Run    TrueImageMonitor.exe    Acronis International GmbH    C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
Yes    HKLM:Run    VAIO Boot Manager    Sony Corporation    "C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe"
Yes    HKLM:Run    vmware-tray.exe    VMware, Inc.    "D:\PROGRAMAS\VMWare\Workstation\vmware-tray.exe"
 


Edited by gauchotche, 19 May 2016 - 03:32 PM.


#4 buddy215

buddy215

  • Moderator

Posted 19 May 2016 - 06:51 PM

The list of installed programs is missing. Please post it.

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you will see a button that, when clicked, will allow you to Copy and Paste that list in your next post. Please do that.



#5 gauchotche

gauchotche
  • Topic Starter

  • Members

Posted 19 May 2016 - 07:02 PM

I've checked it and I don't see any suspect there.



#6 buddy215

buddy215

  • Moderator

Posted 19 May 2016 - 07:06 PM

QUOTE....I've checked it and I don't see any suspect there.

It's not just suspect programs....it gives me more info and better suggestions for you. Please post the list.

 

 

Disable these Scheduled Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes    Task    AutoKMS        C:\Windows\AutoKMS\AutoKMS.exe

Yes    Task    DropboxUpdateTaskMachineCore    Dropbox, Inc.    C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
Yes    Task    DropboxUpdateTaskMachineUA    Dropbox, Inc.    C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

Yes    Task    FacebookUpdateTaskUserS-1-5-21-3576105890-103167945-1411994898-1000Core        C:\Users\Fernando\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
Yes    Task    FacebookUpdateTaskUserS-1-5-21-3576105890-103167945-1411994898-1000UA        C:\Users\Fernando\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
Yes    Task    GoogleUpdateTaskMachineCore    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskMachineUA    Google Inc.    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes    Task    GoogleUpdateTaskUserS-1-5-21-3576105890-103167945-1411994898-1000Core    Google Inc.    C:\Users\Fernando\AppData\Local\Google\Update\GoogleUpdate.exe /c
Yes    Task    GoogleUpdateTaskUserS-1-5-21-3576105890-103167945-1411994898-1000UA    Google Inc.    C:\Users\Fernando\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

 

Delete these Scheduled Tasks: Use CCleaner by clicking on each item and Choosing Delete on the right.

Yes    Task    Reimage Reminder    Reimage ltd.    "C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe"
Yes    Task    SafeZone scheduled Autoupdate 1458766542    Avast Software    C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)

 

Disable these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes    HKCU:Run    Google Update    Google Inc.    "C:\Users\Fernando\AppData\Local\Google\Update\GoogleUpdate.exe" /c

Yes    HKLM:Run    Bonus.SSR.FR11    ABBYY.    "D:\PROGRAMAS\ABBYY Fine Reader\Bonus.ScreenshotReader.exe" /autorun
Yes    HKLM:Run    Dropbox    Dropbox, Inc.    "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
Yes    HKLM:Run    EEventManager    SEIKO EPSON CORPORATION    "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"


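An added example, not part of any post in this thread: a small Python triage of the CCleaner Startups / Scheduled Tasks export posted above, marking rows that deserve a manual look. The three review rules (blank publisher column, image under a user-writable path, image given without a full path) and all function names are assumptions of this example, not the moderator's criteria.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Rows copied from the Startups / Scheduled Tasks list posted in this thread.
# CCleaner exports tab-separated columns; the page shows each tab as 4 spaces.
SAMPLE = r'''
Yes    Task    AutoKMS        C:\Windows\AutoKMS\AutoKMS.exe
Yes    Task    FacebookUpdateTaskUserS-1-5-21-3576105890-103167945-1411994898-1000Core        C:\Users\Fernando\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
Yes    Task    GoogleUpdateTaskUserS-1-5-21-3576105890-103167945-1411994898-1000Core    Google Inc.    C:\Users\Fernando\AppData\Local\Google\Update\GoogleUpdate.exe /c
Yes    Task    DropboxUpdateTaskMachineCore    Dropbox, Inc.    C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
No    Task    Lock Screen    Microsoft Corporation    rundll32.exe user32.dll, LockWorkStation
Yes    HKCU:Run    TouchpadBlocker.exe    KARPOLAN    "D:\PROGRAMAS\Touchpad Blocker\TouchpadBlocker.exe" -startup
'''

FIELD_SEP = re.compile(r"\t| {4}")
IMAGE_RE = re.compile(r"^(.+?\.(?:exe|dll|bat|cmd|vbs|js|ps1|scr))(?=\s|$)", re.I)
USER_WRITABLE = re.compile(r"\\users\\[^\\]+\\appdata\\|\\programdata\\|\\temp\\", re.I)
FULL_PATH = re.compile(r"^[A-Za-z]:\\")


@dataclass
class Entry:
    enabled: bool
    location: str   # "Task", "HKCU:Run", "HKLM:Run"
    name: str
    publisher: str  # empty when the export row has no publisher
    command: str


def parse_line(line: str) -> Optional[Entry]:
    """Parse one export row; return None for blank or malformed rows."""
    parts = [p.strip() for p in FIELD_SEP.split(line.strip(), maxsplit=4)]
    if len(parts) != 5 or parts[0] not in ("Yes", "No") or not parts[4]:
        return None
    return Entry(parts[0] == "Yes", parts[1], parts[2], parts[3], parts[4])


def image_path(command: str) -> str:
    """Return the program a command line launches, without its arguments."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        if end > 0:
            return command[1:end]
    # Unquoted paths may contain spaces ("C:\Program Files (x86)\..."),
    # so cut at the first executable-looking extension instead of the first space.
    match = IMAGE_RE.match(command)
    if match:
        return match.group(1)
    return command.split()[0] if command else ""


def review_reasons(entry: Entry) -> List[str]:
    """Assumed heuristics: a reason means 'look at this row', not 'malicious'."""
    image = image_path(entry.command)
    reasons = []
    if not entry.publisher:
        reasons.append("no publisher recorded")
    if USER_WRITABLE.search(image):
        reasons.append("image under a user-writable path")
    if not FULL_PATH.match(image):
        reasons.append("image given without a full path")
    return reasons


def triage(text: str, include_disabled: bool = False) -> List[Tuple[Entry, List[str]]]:
    """Return (entry, reasons) for every parsed row with at least one reason."""
    flagged = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None or (not entry.enabled and not include_disabled):
            continue
        reasons = review_reasons(entry)
        if reasons:
            flagged.append((entry, reasons))
    return flagged


if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE):
        print(f"[{entry.location}] {entry.name}")
        print(f"    image:  {image_path(entry.command)}")
        print(f"    review: {'; '.join(reasons)}")
```

A flagged row is only a prompt for manual review: legitimate per-user updaters also run from AppData, so the result narrows the list rather than giving a verdict.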

#7 gauchotche

gauchotche
  • Topic Starter

  • Members

Posted 20 May 2016 - 06:25 AM

It appears that the 25% CPU usage of Windows Update is fixed, following the directions from another topic. BUT the virus problem persists and I'm going crazy. I have done all you asked and it is still there. What else could you do? And thanks for your help so far.

Running Reimage Repair, it says avastui.exe has a "TR/Apagar.T".

That's Avast software, could it be infected? Is there a trojan "apagar.T"???

ESET online found like 20 infected files but none seems to be autostarting and it removed all of them, but the problem persists.


Edited by gauchotche, 20 May 2016 - 06:34 AM.


#8 buddy215

buddy215

  • Moderator

Posted 20 May 2016 - 06:49 AM

You should uninstall Reimage....it's junkware. Had you posted the list of installed programs I would have suggested that sooner. More the reason to post that list.



#9 gauchotche

gauchotche
  • Topic Starter

  • Members

Posted 20 May 2016 - 07:06 AM

> You should uninstall Reimage....it's junkware. Had you posted the list of installed programs I would have suggested that sooner. More the reason to post that list.

How could I attach a file here?



#10 gauchotche

gauchotche
  • Topic Starter

  • Members

Posted 20 May 2016 - 08:42 AM

> You should uninstall Reimage....it's junkware. Had you posted the list of installed programs I would have suggested that sooner. More the reason to post that list.

How could I attach a file here?

I would prefer to attach the txt file, not its contents. Is that possible?



#11 buddy215

buddy215

  • Moderator

Posted 20 May 2016 - 09:32 AM

Attachments not allowed in this forum. Why aren't you posting the list the same way you posted the list of Startups and Tasks? Couldn't be any easier.



#12 gauchotche

gauchotche
  • Topic Starter

  • Members

Posted 20 May 2016 - 10:58 AM

ABBYY FineReader 11 Corporate Edition    ABBYY    12/02/2014    735 MB    11.0.460
ABC Windows Live Mail Backup        07/11/2013        
Acronis True Image 2016    Acronis    28/09/2015    589 MB    19.0.5634
Acronis Disk Director 12    Acronis    28/09/2015    292 MB    12.0.3223
Active@ Partition Manager 3.5    LSoft Technologies Inc    09/12/2014    27,0 MB    3.5
Adobe Acrobat Reader DC    Adobe Systems Incorporated    15/05/2016    304 MB    15.016.20039
Adobe Flash Player 21 ActiveX    Adobe Systems Incorporated    12/05/2016    5,15 MB    21.0.0.242
Adobe Flash Player 21 NPAPI    Adobe Systems Incorporated    12/05/2016    5,71 MB    21.0.0.242
Alps Pointing-device for VAIO    ALPS ELECTRIC CO., LTD.    07/11/2013        
Amazon Kindle    Amazon    17/10/2015        
ATI Catalyst Install Manager    ATI Technologies, Inc.    04/02/2015    22,4 MB    3.0.829.0
Audacity 2.0.6    Audacity Team    23/02/2015    47,2 MB    2.0.6
Avast Free Antivirus    AVAST Software    07/05/2016        11.2.2262
Bonjour    Apple Inc.    29/04/2016    2,00 MB    3.0.0.10
Boost Libraries for C++Builder XE2    Embarcadero    07/11/2013        9.0
Bulk Rename Utility 2.7.1.3    TGRMN Software    24/02/2015        
Bullzip PDF Printer 9.8.0.1599    Bullzip    04/11/2013    11,2 MB    9.8.0.1599
BurnAware Free 7.7    Burnaware    25/12/2014    34,8 MB    
Cain & Abel 4.9.56        12/09/2015        
calibre    Kovid Goyal    12/01/2015    167 MB    2.16.0
CCleaner    Piriform    19/05/2016        5.17
Cheetah Sync    JRT Studio    19/11/2013    1,01 MB    1.5.1
CMS        11/11/2013        
CodeSite Express 5.0    Raize Software, Inc.    07/11/2013        5.0
Compatibility Pack for the 2007 Office system    Microsoft Corporation    19/05/2016    405 MB    12.0.6612.1000
Core Temp 1.0 RC8    Alcpu    11/03/2016    2,00 MB    1.0
DAEMON Tools Lite    Disc Soft Ltd    07/11/2013        4.48.1.0347
Debugging Tools for Windows (x64)    Microsoft Corporation    28/04/2016    35,9 MB    6.11.1.404
Desinstalar impressora EPSON K300 Series    SEIKO EPSON Corporation    30/01/2015        
Dropbox    Dropbox, Inc.    17/05/2016        4.3.25
Dropbox Folder Sync addon    Sowrabh & Satyadeep    17/03/2014    2,12 MB    2.7
Duplicate Cleaner Pro 3.2.6    DigitalVolcano Software Ltd    11/03/2015    13,8 MB    3.2.6
eM Client    eM Client Inc.    12/12/2014    56,2 MB    6.0.21040.0
Embarcadero Delphi and C++Builder XE2 Help System    Embarcadero    07/11/2013        9.0
Embarcadero RAD Studio XE2    Embarcadero Technologies    07/11/2013        9.0
Epson Event Manager    SEIKO EPSON CORPORATION    30/10/2013    40,5 MB    2.40.0008
EPSON K100 Series Printer Uninstall    SEIKO EPSON Corporation    23/11/2013        
EPSON Scan    Seiko Epson Corporation    07/11/2013        
EpsonNet Print    SEIKO EPSON CORPORATION    30/10/2013        2.4j
EpsonNet Setup 3.3    SEIKO EPSON CORPORATION    30/01/2015        3.3b
EPUB File Reader        05/06/2014    3,78 MB    
ESET Online Scanner v3        19/05/2016        
FastStone Image Viewer 4.8    FastStone Soft    14/11/2013        4.8
FinalBuilder 7.0.0.1499 Embarcadero Edition        06/11/2013    105 MB    7.0.0.1499
GIMP 2.8.14    The GIMP Team    24/12/2014    268 MB    2.8.14
GoldWave v6.10    GoldWave Inc.    23/02/2015    48,8 MB    6.10
Google Chrome    Google Inc.    06/11/2013        50.0.2661.102
Google Talk Plugin    Google    16/12/2015    15,1 MB    5.41.3.0
HandBrake 0.9.9.1        25/01/2014        0.9.9.1
HP Customer Participation Program 14.0    HP    07/05/2015        14.0
HP Imaging Device Functions 14.0    HP    07/05/2015        14.0
HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5    HP    07/05/2015        14.0
HP Smart Web Printing 4.60    HP    07/05/2015        4.60
HP Solution Center 14.0    HP    07/05/2015        14.0
HP Update    Hewlett-Packard    07/05/2015    4,04 MB    5.005.002.002
HP USB Disk Storage Format Tool        23/01/2014        
ImgBurn    LIGHTNING UK!    07/11/2013        2.5.8.0
inSSIDer Office    MetaGeek, LLC    08/05/2014    10,3 MB    3.1.1.6
Intel® Display Audio Driver    Intel Corporation    04/02/2015        6.14.00.3086
Intel® Management Engine Components    Intel Corporation    22/02/2014        7.0.0.1144
IObit Uninstaller    IObit    24/05/2015        4.3.0.122
Java 8 Update 91    Oracle Corporation    22/04/2016    89,2 MB    8.0.910.14
JDownloader 2    AppWork GmbH    18/10/2014        2.0
K-Lite Codec Pack 10.1.3 Standard        02/11/2013    75,9 MB    10.1.3
KLS Mail Backup 3.0.0.2    KirySoft    15/12/2014    19,9 MB    
Legendas 3.5    LegendasBrasil.org    28/04/2016    4,97 MB    3.5
LG United Mobile Drivers    LG Electronics    28/05/2014    6,70 MB    3.8.1
Link Shell Extension    Hermann Schinagl    26/11/2013    14,6 MB    3.7.5.1
M-Reader version 1.0.0.0        05/06/2014    22,3 MB    1.0.0.0
Microsoft .NET Framework 4.6.1    Microsoft Corporation    29/04/2016    38,8 MB    4.6.01055
Microsoft Document Explorer 2008    Microsoft Corporation    07/11/2013        
Microsoft Office 2003 Proofing Tools    Microsoft Corporation    06/11/2013    54,4 MB    11.0.8173.0
Microsoft Office File Validation Add-In    Microsoft Corporation    14/05/2014    10,9 MB    14.0.5130.5003
Microsoft Office Professional Edition 2003    Microsoft Corporation    22/12/2014    516 MB    11.0.8173.0
Microsoft OneDrive    Microsoft Corporation    19/05/2015    35,8 MB    17.3.5860.0512
Microsoft Silverlight    Microsoft Corporation    29/04/2016    199 MB    5.1.41212.0
Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    04/06/2014    300 KB    8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64)    Microsoft Corporation    26/11/2013    572 KB    8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022    Microsoft Corporation    09/08/2015    1,43 MB    9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17    Microsoft Corporation    30/04/2016    246 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148    Microsoft Corporation    04/11/2013    782 KB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161    Microsoft Corporation    04/11/2013    788 KB    9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022    Microsoft Corporation    09/08/2015    1,41 MB    9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17    Microsoft Corporation    15/12/2014    239 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148    Microsoft Corporation    04/11/2013    590 KB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161    Microsoft Corporation    04/11/2013    600 KB    9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219    Microsoft Corporation    13/01/2015    5,90 MB    10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219    Microsoft Corporation    13/01/2015    13,7 MB    10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030    Microsoft Corporation    10/03/2015    20,5 MB    11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030    Microsoft Corporation    10/03/2015    17,3 MB    11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005    Microsoft Corporation    13/06/2015    17,1 MB    12.0.21005.1
Microsoft Visual J# 2.0 Redistributable Package    Microsoft Corporation    07/11/2013        
Microsoft Windows SDK for Windows 7 (7.0)    Microsoft Corporation    28/04/2016        7.0.7600.16385.40715
Motorola Device Manager    Motorola Mobility    16/03/2015        2.4.5
Motorola Mobile Drivers Installation 6.3.0    Motorola Mobility LLC    04/06/2014    5,10 MB    6.3.0
MozBackup 1.5.1    Pavel Cvrcek    07/11/2013        
Mozilla Firefox 46.0.1 (x86 en-US)    Mozilla    06/05/2016    92,0 MB    46.0.1
Mozilla Maintenance Service    Mozilla    06/05/2016    333 KB    46.0.1.5966
Mozilla Thunderbird 45.1.0 (x86 en-US)    Mozilla    12/05/2016    7,36 GB    45.1.0
MP3 Skype recorder    Alexander Nikiforov    17/12/2014    12,3 MB    4.6.1.0
MSXML 4.0 SP2 (KB954430)    Microsoft Corporation    28/05/2014    1,27 MB    4.20.9870.0
MSXML 4.0 SP2 (KB973688)    Microsoft Corporation    28/05/2014    1,33 MB    4.20.9876.0
MSXML 4.0 SP3 Parser    Microsoft Corporation    04/06/2014    1,47 MB    4.30.2100.0
MSXML 4.0 SP3 Parser (KB2758694)    Microsoft Corporation    04/06/2014    1,54 MB    4.30.2117.0
Notepad++    Notepad++ Team    10/01/2014        6.5.2
Novaroma    Novaroma    09/04/2016    2,23 MB    0.9.92
Paragon Hard Disk Manager™ 15 Suite    Paragon Software    26/09/2015    343 MB    90.00.0003
PDF Image Extractor Free    PDFArea Software    02/08/2015    6,19 MB    4.0
PDFill PDF Editor with FREE Writer and FREE Tools    PlotSoft LLC    18/12/2013    23,3 MB    11.0
PE Explorer 1.99 R6    Heaventools Software    10/12/2013        1.99.6
Picasa 3    Google, Inc.    21/03/2014        3.9
PicPick    NTeWORKS    09/09/2014        3.4.1.b2
PL-2303 USB-to-Serial    Prolific Technology INC    04/08/2014        1.9.0
Player        06/03/2014        
Popcorn Time    Popcorn Official    12/09/2015    108 MB    
Rave Reports 10.0.0 BE    Nevrona Designs    06/11/2013    40,9 MB    
Realtek High Definition Audio Driver    Realtek Semiconductor Corp.    09/11/2013        6.0.1.7071
Realtek PCIE Card Reader    Realtek Semiconductor Corp.    13/02/2014        6.1.7601.92
Registrar Registry Manager 7.70    Resplendence Software Projects Sp.    15/04/2015    11,5 MB    
Reimage Repair    Reimage    19/05/2016        1.8.2.6
River Past Screen Recorder Pro    River Past    09/11/2013        7.7
SAMSUNG USB Driver for Mobile Phones    SAMSUNG Electronics Co., Ltd.    28/05/2014    35,2 MB    1.5.33.0
Serviio        07/11/2013        
Shop for HP Supplies    HP    07/05/2015        14.0
Skype™ 7.13    Skype Technologies S.A.    03/11/2015    75,9 MB    7.13.101
SmartDraw 2010        07/11/2013        
Stellar Phoenix Windows Data Recovery - Professional    Stellar Information Systems Ltd    09/08/2015    21,8 MB    6.0.0.0
Sublight    Sublight Labs    08/10/2015    2,39 MB    5.0
Subtitle Workshop 6.0        14/04/2014        
SUPER © v2013.build.56+Recorder (2013/07/07) version v2013.buil    eRightSoft    09/07/2013    57,3 MB    v2013.build.56+Recorder
Syncovery 6.49e    Super Flexible Software    20/02/2014    78,5 MB    6.49e
System Requirements Lab for Intel    Husdawg, LLC    12/02/2014    1,12 MB    4.5.22.0
TeamViewer 11    TeamViewer    13/05/2016        11.0.59518
The Walking Dead © 3 version 1        22/02/2014    450 MB    1
Total Commander 64-bit (Remove or Repair)    Ghisler Software GmbH    16/03/2015        8.51a
Touchpad Blocker    KARPOLAN    31/03/2015        2.9
TreeSize Free V3.2.1    JAM Software    12/12/2014    5,01 MB    3.2.1
TrueCrypt    TrueCrypt Foundation    25/11/2013        7.1a
UltraFileSearch    Stegisoft    07/11/2013        
uMark 5    Uconomix    16/01/2015        5.4
Unity Web Player    Unity Technologies ApS    01/05/2014    12,0 MB    
Unlocker 1.9.2    Cedrick Collomb    07/11/2013        1.9.2
Vaio Application Uninstaller    Sony Electronics Inc.    13/02/2014        2.0
VAIO Control Center    Sony Corporation    22/02/2014        4.5.0.03040
VAIO Event Service    Sony Corporation    22/02/2014        5.5.0.03040
VCDS Release 12.12.0    Ross-Tech    11/11/2014        12.12.0
Viivo    PKWARE, Inc.    22/07/2015    62,7 MB    3.0.95
VistaBootPRO 3.3    PROnetworks    30/10/2013    2,05 MB    3.3.0
VMware Workstation    VMware, Inc    16/11/2013    3,25 GB    9.0.2
VNC Enterprise Edition E4.6.1    RealVNC Ltd    06/11/2013    4,19 MB    E4.6.1
VSO ConvertXToDVD    VSO Software    23/11/2014    101 MB    5.2.0.13
Windows Driver Package - Ross-Tech USB Driver Package (06/16/2010 2.06.02)    Ross-Tech    11/11/2014        06/16/2010 2.06.02
Windows Live Essentials    Microsoft Corporation    28/12/2014        16.4.3528.0331
Windows Media Player Firefox Plugin    Microsoft Corp    10/11/2013    296 KB    1.0.0.8
WindowsUSBBlocker v2.0    SecurityXploded    26/03/2015        2.0
WinMerge 2.14.0    Thingamahoochie Software    09/08/2015    8,60 MB    2.14.0
WinPcap 4.1.3    CACE Technologies    13/06/2015        4.1.0.2980
WinRAR 5.00 (64-bit)    win.rar GmbH    07/11/2013        5.00.0
WinSCP 5.2.6 beta    Martin Prikryl    16/11/2013    12,6 MB    5.2.6 beta
Zan Image Printer        07/11/2013        
 



#13 buddy215

buddy215

  • Moderator

Posted 20 May 2016 - 01:19 PM

Uninstall these programs:

ESET Online Scanner v3        19/05/2016    

HP Customer Participation Program 14.0    HP    07/05/2015        14.0

IObit Uninstaller    IObit    24/05/2015        4.3.0.122

Reimage Repair    Reimage    19/05/2016        1.8.2.6

 

If you have a problem uninstalling the above, use Download Revo Uninstaller Freeware in Advanced Mode.

 

After doing the above and rebooting, tell about any problem that still exists.



#14 gauchotche

gauchotche
  • Topic Starter

  • Members

Posted 20 May 2016 - 01:41 PM

> Uninstall these programs:
>
> ESET Online Scanner v3        19/05/2016
>
> HP Customer Participation Program 14.0    HP    07/05/2015        14.0
>
> IObit Uninstaller    IObit    24/05/2015        4.3.0.122
>
> Reimage Repair    Reimage    19/05/2016        1.8.2.6
>
> If you have a problem uninstalling the above, use Download Revo Uninstaller Freeware in Advanced Mode.
>
> After doing the above and rebooting, tell about any problem that still exists.

Yes, persists... man, I believe I've some sort of new Russian stuff very harsh... how can Avast be online all the time and this thing opening popups in all browsers... what next?



#15 buddy215

buddy215

  • Moderator

Posted 20 May 2016 - 02:11 PM

Okay...you need to start a new topic.

 

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.

When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.

 

DO NOT bump your new topic. Wait for a response from one of the Team Members.

