
Am I infected?


10 replies to this topic

#1 jamdiel

jamdiel

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 02 September 2016 - 06:20 PM

Hello,

 

I hope I'm posting this in the right place, but I was just wondering what I could do to check if my laptop was infected. I read online that booting into safemode, and running a malwarebytes scan, a roguekiller scan, and adwcleaner would possibly do the trick. Would this be sufficient to see if I have any malware/rootkits/etc on my device? 

 

Any help is much appreciated. 




 


#2 YaMoonSun

YaMoonSun

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:57 PM

Posted 02 September 2016 - 06:24 PM

Safemode (With Networking) and Malwarebytes custom scan is generally sufficient enough for me in most cases. Then removal of bloat-ware from the start-up using msconfig. Careful when using it though. You can do some serious damage if you disable Microsoft services, so it's best to hide those.



#3 jamdiel

jamdiel
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 02 September 2016 - 06:43 PM

Thank you very much for your reply.

Is it necessary to run safemode with networking, or will safemode alone suffice? I will be doing this all in a few hours from now, because it's 2:42 am here and I'd rather do this when I'm not so tired 😂

#4 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:57 PM

Posted 02 September 2016 - 06:53 PM

jamdiel...Welcome to BC..

 

Are you experiencing any symptoms of adware or malware such as excessive ads, search redirects or excessive use of computer resources?

 

You can use the programs below to clean and to find and remove both adware and malware. No need to boot into safe mode unless you are unable to download and run the programs.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the programs quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • Download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Edited by buddy215, 02 September 2016 - 06:53 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 jamdiel

jamdiel
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 03 September 2016 - 03:34 AM

Thank you ever so much for your kind reply and welcome.

 

While not necessarily experiencing any of the symptoms you listed, I'm definitely not very cautious with the way I use my laptop, so I have been feeling quite paranoid.

 

I will get to work on downloading, installing, and running your recommended scans, and getting back to you with the logs.

 

Thanks again.


Edited by jamdiel, 03 September 2016 - 03:36 AM.


#6 jamdiel

jamdiel
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 03 September 2016 - 01:28 PM

Hello again.

 

So I have the results from most scans, except from ESET (which I seemingly ran twice), and I guess that must be because no threats were found? Also, when I turned avira free antivirus off before running JRT, Windows Defender turned on, and found a few "threats," which I think were false positives: Win32/Bagsu!rfn and Win32/Obfuscator.XZ.

 

The Malwarebytes log: 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 03/09/2016
Scan Time: 11:43 AM
Logfile: malwarebytes log.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.09.03.03
Rootkit Database: v2016.08.15.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 10
CPU: x64
File System: NTFS
User: wel come
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 492054
Time Elapsed: 2 hr, 14 min, 47 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
Adwcleaner produced 2 logs I think?
 
# AdwCleaner v6.010 - Logfile created 03/09/2016 at 14:41:32
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-09-03.1 [Server]
# Operating System : Windows 10 Home Single Language  (X64)
# Username : wel come - MSI
# Running from : C:\Users\wel come\Desktop\AdwCleaner.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
No malicious services found.
 
 
***** [ Folders ] *****
 
Folder Found:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
Folder Found:  C:\Program Files (x86)\Cain
 
 
***** [ Files ] *****
 
No malicious files found.
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
No infected shortcut found.
 
 
***** [ Scheduled Tasks ] *****
 
No malicious task found.
 
 
***** [ Registry ] *****
 
Key Found:  HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found:  HKU\S-1-5-21-3108945306-1869587830-1743389824-1002\Software\cain
Key Found:  HKU\S-1-5-21-3108945306-1869587830-1743389824-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\cain
Key Found:  HKCU\Software\cain
Data Found:  [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found:  [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found:  [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found:  [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found:  HKU\S-1-5-21-3108945306-1869587830-1743389824-1002\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found:  HKU\S-1-5-21-3108945306-1869587830-1743389824-1002\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found:  HKU\S-1-5-21-3108945306-1869587830-1743389824-1002\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found:  HKU\S-1-5-21-3108945306-1869587830-1743389824-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/#web/result?source=ar
Data Found:  HKU\S-1-5-21-3108945306-1869587830-1743389824-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/#web/result?so
Data Found:  HKU\S-1-5-21-3108945306-1869587830-1743389824-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/#web/result?sour
Data Found:  HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found:  HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found:  HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxps://safesearch.avira.com/#web/result?source=art&q=
 
 
***** [ Web browsers ] *****
 
No malicious Firefox based browser items found.
Chrome pref Found:  [C:\Users\wel come\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
Chrome pref Found:  [C:\Users\wel come\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
Chrome pref Found:  [C:\Users\wel come\AppData\Local\Google\Chrome\User Data\Default\Web data] - sunset.en.softonic.com
Chrome pref Found:  [C:\Users\wel come\AppData\Local\Google\Chrome\User Data\Default\Web data] - cain-abel.en.softonic.com
Chrome pref Found:  [C:\Users\wel come\AppData\Local\Google\Chrome\User Data\Default\Web data] - hijackthis.en.softonic.com
Chrome pref Found:  [C:\Users\wel come\AppData\Local\Google\Chrome\User Data\Default\Web data] - backup-extractor-for-iphone-ipad-ipod-touch.en.softonic.com
Chrome pref Found:  [C:\Users\wel come\AppData\Local\Google\Chrome\User Data\Default\Web data] - wondershare-data-recovery-for-iphone.en.softonic.com
Chrome pref Found:  [C:\Users\wel come\AppData\Local\Google\Chrome\User Data\Default\Web data] - wifi-hotspot-scanner.en.softonic.com
Chrome pref Found:  [C:\Users\wel come\AppData\Local\Google\Chrome\User Data\Default\Web data] - slender.en.softonic.com
 
*************************
 
C:\AdwCleaner\AdwCleaner[S0].txt - [4591 Bytes] - [03/09/2016 14:41:32]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4664 Bytes] ##########
 
 
The second log:
 
# AdwCleaner v6.010 - Logfile created 03/09/2016 at 14:42:21
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-09-03.1 [Server]
# Operating System : Windows 10 Home Single Language  (X64)
# Username : wel come - MSI
# Running from : C:\Users\wel come\Desktop\AdwCleaner.exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
[-] Folder deleted: C:\Program Files (x86)\Cain
 
 
***** [ Files ] *****
 
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Key deleted: HKU\S-1-5-21-3108945306-1869587830-1743389824-1002\Software\cain
[-] Key deleted: HKU\S-1-5-21-3108945306-1869587830-1743389824-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\cain
[#] Key deleted on reboot: HKCU\Software\cain
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data restored: HKU\S-1-5-21-3108945306-1869587830-1743389824-1002\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data restored: HKU\S-1-5-21-3108945306-1869587830-1743389824-1002\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data restored: HKU\S-1-5-21-3108945306-1869587830-1743389824-1002\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data restored: HKU\S-1-5-21-3108945306-1869587830-1743389824-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data restored: HKU\S-1-5-21-3108945306-1869587830-1743389824-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data restored: HKU\S-1-5-21-3108945306-1869587830-1743389824-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
 
 
***** [ Web browsers ] *****
 
[-] [aol.com] [Search Provider] Deleted: aol.com
[-] [ask.com] [Search Provider] Deleted: ask.com
[-] [sunset.en.softonic.com] [Search Provider] Deleted: sunset.en.softonic.com
[-] [cain-abel.en.softonic.com] [Search Provider] Deleted: cain-abel.en.softonic.com
[-] [hijackthis.en.softonic.com] [Search Provider] Deleted: hijackthis.en.softonic.com
[-] [backup-extractor-for-iphone-ipad-ipod-touch.en.softonic.com] [Search Provider] Deleted: backup-extractor-for-iphone-ipad-ipod-touch.en.softonic.com
[-] [wondershare-data-recovery-for-iphone.en.softonic.com] [Search Provider] Deleted: wondershare-data-recovery-for-iphone.en.softonic.com
[-] [wifi-hotspot-scanner.en.softonic.com] [Search Provider] Deleted: wifi-hotspot-scanner.en.softonic.com
[-] [slender.en.softonic.com] [Search Provider] Deleted: slender.en.softonic.com
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [3559 Bytes] - [03/09/2016 14:42:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [4759 Bytes] - [03/09/2016 14:41:32]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3705 Bytes] ##########
 

 

And finally, the JRT log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home Single Language x64 
Ran by wel come (Administrator) on 03/09/2016 at 14:49:41.71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 8 
 
Successfully deleted: C:\ProgramData\1442050099.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1442050235.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\1442050450.bdinstall.bin (File) 
Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\wel come\AppData\Roaming\iobit\driver booster (Folder) 
Successfully deleted: C:\Users\wel come\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (wel come) (Task)
 
 
 
Registry: 1 
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8976B11E-4FA5-47BD-B56F-83265C655265} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03/09/2016 at 14:51:57.66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
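
Reviewing an AdwCleaner scan log like the one posted above mostly means collapsing many near-identical lines into the few products behind them. The following Python is an added example, not part of the original thread or of AdwCleaner itself; the sample text is abridged from the scan-mode log above, and the names `parse_adwcleaner`, `split_finding` and `triage` are hypothetical.

```python
import re
from collections import Counter, defaultdict

# Sample input: abridged from the scan-mode log in the post above (URLs stay defanged).
SAMPLE_LOG = r"""# AdwCleaner v6.010 - Logfile created 03/09/2016 at 14:41:32
# Mode: Scan

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Folder Found:  C:\Program Files (x86)\Cain

***** [ Registry ] *****

Key Found:  HKCU\Software\cain
Data Found:  [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=
Data Found:  HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxps://safesearch.avira.com/#web/result?source=art&q=

***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found:  [C:\Users\wel come\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
Chrome pref Found:  [C:\Users\wel come\AppData\Local\Google\Chrome\User Data\Default\Web data] - cain-abel.en.softonic.com
"""

MODE_RE = re.compile(r"^# Mode\s*:\s*(\w+)")
SECTION_RE = re.compile(r"^\*{5} \[ (?P<name>.+?) \] \*{5}$")
# "<kind> Found:" with a capital F and a colon; "No malicious ... found." never matches.
FINDING_RE = re.compile(r"^(?P<kind>[A-Za-z ]+?) Found:\s+(?P<body>.+)$")
# Accept both defanged (hxxp) and plain (http) schemes; stop at the end of the host.
URL_HOST_RE = re.compile(r"h(?:xx|tt)ps?://([^/#?\s]+)", re.I)
# Only these kinds carry a "<location> - <value>" pair; the others are a bare path.
VALUE_KINDS = {"Data", "Chrome pref"}


def split_finding(kind, body):
    """Return (location, indicator) for one finding line."""
    if kind in VALUE_KINDS:
        location, sep, value = body.rpartition(" - ")
        if sep:
            host = URL_HOST_RE.match(value)
            return location, (host.group(1) if host else value).lower()
    # Folder/Key/File lines: use the last path component as the indicator.
    leaf = body.rstrip("\\").rsplit("\\", 1)[-1]
    return body, leaf.lower()


def parse_adwcleaner(text):
    """Return (mode, findings); each finding records section, kind, location, indicator."""
    mode, section, findings = None, None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if (m := MODE_RE.match(line)):
            mode = m.group(1)
        elif (m := SECTION_RE.match(line)):
            section = m.group("name")
        elif section and (m := FINDING_RE.match(line)):
            location, indicator = split_finding(m.group("kind"), m.group("body"))
            findings.append({"section": section, "kind": m.group("kind"),
                             "location": location, "indicator": indicator})
    return mode, findings


def triage(findings):
    """Collapse findings to one row per indicator: (indicator, count, sections)."""
    counts, sections = Counter(), defaultdict(set)
    for f in findings:
        counts[f["indicator"]] += 1
        sections[f["indicator"]].add(f["section"])
    ordered = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
    return [(ind, n, sorted(sections[ind])) for ind, n in ordered]


if __name__ == "__main__":
    mode, findings = parse_adwcleaner(SAMPLE_LOG)
    print(f"mode={mode}, {len(findings)} findings")
    for indicator, count, where in triage(findings):
        print(f"{count:3d}  {indicator:30s} {', '.join(where)}")
```

Run against the full log, the same grouping shows that most registry lines trace back to a single search-page setting rather than to many separate problems.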


#7 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:57 PM

Posted 03 September 2016 - 02:20 PM

Okay....these items....safesearch.avira.com....may show up in your browsers as extensions. Check that and delete or disable if unable to delete. It's Avira's adware.

 

I see IObit in the logs. Check in your list of installed programs and UNinstall ALL IObit programs.

 

  • Please download Security Check by glax24 and save the file to the Desktop
  • Run the tool by accepting all the Security prompts
  • When complete, the tool will produce a log file C:\SecurityCheck\SecurityCheck.txt and also copy the contents to the Clipboard
  • Simply Paste the log to your reply


#8 jamdiel

jamdiel
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 03 September 2016 - 03:41 PM

Yeah I checked and found Avira browser safety extension on chrome (only browser I use). As for IObit, I remember uninstalling a while back, and couldn't find any trace of it now.

 

As for the Security Check log:

 

SecurityCheck by glax24 & Severnyj v.1.4.0.44 [17.08.16]
WebSite: www.safezone.cc
DateLog: 03.09.2016 23:37:46
Path starting: C:\Users\wel come\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: wel come
VersionXML: 3.37is-27.08.2016
___________________________________________________________________________
 
Windows 10(6.3.14393) (x64) CoreSingleLanguage Lang: English(0409)
Installation date OS: 19.08.2016 18:12:02
LicenseStatus: Windows®, CoreSingleLanguage edition The machine is permanently activated.
LicenseStatus: Office 15, OfficeProPlusVL_KMS_Client edition Initial grace period ends :21455 minutes
Boot Mode: Normal
Default Browser: Microsoft Edge (C:\WINDOWS\system32\LaunchWinApp.exe)
SystemDrive: C: FS: [NTFS] Capacity: [558.4 Gb] Used: [394.9 Gb] Free: [163.5 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.103.14393.0 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Notify of download and installation
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2013 x64 v.15.0.4569.1506
---------------------------- [ Antivirus_WMI ] ----------------------------
Avira Antivirus (enabled and up to date)
Windows Defender (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Avira Antivirus (enabled and up to date)
Windows Defender (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avira Antivirus v.15.0.19.164
ESET Online Scanner v3
Norton Anti-Theft v.1.10.0.9
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
--------------------------- [ OtherUtilities ] ----------------------------
VLC media player v.2.2.1 Warning! Download Update
WinRAR 5.21 (64-bit) v.5.21.0 Warning! Download Update
--------------------------------- [ P2P ] ---------------------------------
BitTorrent v.7.9.8.42450 Warning! P2P-client.
µTorrent v.3.4.4.40911 Warning! P2P-client.
Deluge 1.3.13 Warning! P2P-client.
--------------------------- [ AppleProduction ] ---------------------------
Bonjour v.3.1.0.1
iTunes v.12.3.0.44 Warning! Download Update
^Please use Apple Software Update tool.^
Bonjour Service (Bonjour Service) - The service is running
------------------------------- [ Browser ] -------------------------------
Google Chrome v.52.0.2743.116
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.52.0.2743.116
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avira Scheduler (AntiVirSchedulerService) - The service is running
C:\Program Files (x86)\Avira\Antivirus\sched.exe v.15.0.19.163
Avira Real-Time Protection (AntiVirService) - The service is running
C:\Program Files (x86)\Avira\Antivirus\avguard.exe v.15.0.19.163
Avira Mail Protection (AntiVirMailService) - The service has stopped
Avira Web Protection (AntiVirWebService) - The service has stopped
Avira Service Host (Avira.ServiceHost) - The service is running
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe v.1.2.69.16114
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe v.1.2.69.16114
C:\Program Files (x86)\Avira\Antivirus\avshadow.exe v.15.0.19.164
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe v.15.0.19.163
Malwarebytes Anti-Exploit Service (MbaeSvc) - The service is running
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe v.1.8.1.2572
C:\Program Files\Windows Defender\MsMpEng.exe v.4.10.14393.0
C:\Program Files\Windows Defender\MpCmdRun.exe v.4.10.14393.0
Windows Defender Service (WinDefend) - The service is running
Windows Defender Network Inspection Service (WdNisSvc) - The service has stopped
----------------------------- [ End of Log ] ------------------------------


#9 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:57 PM

Posted 03 September 2016 - 03:55 PM

BitTorrent v.7.9.8.42450 Warning! P2P-client.
µTorrent v.3.4.4.40911 Warning! P2P-client.
Deluge 1.3.13 Warning! P2P-client.
 
I may not need to warn you but I will....Using P2Ps for downloading free stuff like pirated movies, music and programs is a sure way to get infected by some really nasty stuff...may be illegal, too. Suggest you UNinstall those if that is what they are only used for. Especially uTorrent and Deluge.
 
Other than that...you are good to go.


#10 jamdiel

jamdiel
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:57 AM

Posted 03 September 2016 - 04:05 PM

Got it, will definitely stay away from that.

 

Thank youu, honestly amazing how professional this forum is.



#11 buddy215

buddy215

  • Moderator
  • 13,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:09:57 PM

Posted 03 September 2016 - 04:30 PM

You're welcome...thanks for the compliment...happy surfin'





