Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

[HELP] My browser opens spam sites itself


  • Please log in to reply
18 replies to this topic

#1 suhadiyono94

suhadiyono94

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 25 December 2016 - 09:55 AM

Okay, because I open some shady sites, looks like I got some virus (or malware?) in my computer (Windows 7 64-bit with Avast antivirus).

 

In a few minutes, my browser (Chrome) will open a certain site: takeofftv.su/awesomem, and then continuously open other spam sites like dating sites etc.

 

I tried reset my browser, cleaning with Ccleaner, reinstall the browser, still no good.

 

So for the time being I use Block Site extension in chrome to redirect the first link to google.com. It's not much but at least it stopped the continuous spam site opening.

 

I find this site and I try the Adw Cleaner as instructed (I put the log below the lines) and still no good.

 

Any kinds of suggestions will be appreciated, thanks!

 

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

# AdwCleaner v6.041 - Logfile created 25/12/2016 at 21:17:23
# Updated on 16/12/2016 by Malwarebytes
# Database : 2016-12-23.1 [Server]
# Operating System : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Bintang - BINTANG-PC
# Running from : C:\Users\Bintang\Desktop\AdwCleaner.exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
[-] Folder deleted: C:\Users\Bintang\AppData\Local\Mail.Ru
[-] Folder deleted: C:\ProgramData\Mail.Ru
[-] Folder deleted: C:\ProgramData\lavasoft\web companion
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Mail.Ru
[#] Folder deleted on reboot: C:\ProgramData\Application Data\lavasoft\web companion
[-] Folder deleted: C:\Program Files (x86)\Mail.Ru
 
 
***** [ Files ] *****
 
[-] File deleted: C:\Users\Bintang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
[!] Shortcut not deleted: C:\Users\Bintang\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
[-] Key deleted: HKU\S-1-5-21-3275571968-981144410-259169743-1000\Software\PRODUCTSETUP
[-] Key deleted: HKU\S-1-5-21-3275571968-981144410-259169743-1000\Software\Mail.Ru
[-] Key deleted: HKU\S-1-5-21-3275571968-981144410-259169743-1000\Software\AppDataLow\Software\Mail.Ru
[#] Key deleted on reboot: HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: HKCU\Software\Mail.Ru
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Key deleted: HKLM\SOFTWARE\Mail.Ru
[-] Key deleted: HKLM\SOFTWARE\Lavasoft\Web Companion
[#] Key deleted on reboot: [x64] HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: [x64] HKCU\Software\Mail.Ru
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 
[-] Key deleted: HKU\S-1-5-21-3275571968-981144410-259169743-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-468
[-] Key deleted: HKU\S-1-5-21-3275571968-981144410-259169743-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-468
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-468
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-468
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\ojlcebdkbpjdpiligkdbbkdkfjmchbfd
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\ccfifbojenkenpkmnbnndeadpfdiffof
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Bintang\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxps://id.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_gmmedply_16_05&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Did%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtByDtDyDyCyD0CtAtCyCyEtCyBtC0AtN0D0Tzu0StCyEzytBtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StBzz0CyCyDzy0CtDtGtB0DyCyEtG0B0FzytAtGyCtAyBzztGzzzyyDzytAtB0F0DtCyC0CtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Bzy0C0E0B0C0DtAtGzzyByDyEtGyEyD0AyEtGzz0CzzzztGyEtD0EyCyCtB0DtCzyyBtBtB2QtN0A0LzuyE%26cr%3D1482514649%26a%3Dwncy_gmmedply_16_05%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
[-] [C:\Users\Bintang\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://mail.ru/cnt/10445?gp=818410
[-] [C:\Users\Bintang\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: ccfifbojenkenpkmnbnndeadpfdiffof
[-] [C:\Users\Bintang\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: oelpkepjlgmehajehfeicfbjdiobdkfj
[-] [C:\Users\Bintang\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: ojlcebdkbpjdpiligkdbbkdkfjmchbfd
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [4544 Bytes] - [25/12/2016 21:17:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [4362 Bytes] - [25/12/2016 20:54:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4690 Bytes] ##########
 


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,096 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:10 AM

Posted 25 December 2016 - 12:09 PM

Welcome to BC...(where in the world are you? )

 

Use the programs below to remove malware and remove adware.

 

  • download Malwarebytes to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 suhadiyono94

suhadiyono94
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 25 December 2016 - 01:03 PM

Thanks! appreciate the suggestions.
I'm from Indonesia btw.
Should I post three logs one at a time or all of them after I do them all?

#4 buddy215

buddy215

  • Moderator
  • 13,096 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:10 AM

Posted 25 December 2016 - 02:05 PM

Whichever is the easiest for you...


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 suhadiyono94

suhadiyono94
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 26 December 2016 - 07:31 AM

I'm using Malwarebytes, how's this?

 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 12/26/16
Scan Time: 5:47 PM
Logfile: malwarebytes_report.txt
Administrator: Yes
 
-Software Information-
Version: 3.0.5.1299
Components Version: 1.0.43
Update Package Version: 1.0.735
License: Trial
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Bintang-PC\Bintang
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 344672
Time Elapsed: 4 min, 1 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
-Scan Details-
Process: 1
RiskWare.CoinMiner, C:\USERS\BINTANG\APPDATA\ROAMING\MACROMEDIA\REALTEK HD\RTHDCPL.EXE, Quarantined, [10215], [114692],1.0.735
 
Module: 1
RiskWare.CoinMiner, C:\USERS\BINTANG\APPDATA\ROAMING\MACROMEDIA\REALTEK HD\RTHDCPL.EXE, Quarantined, [10215], [114692],1.0.735
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 1
RiskWare.CoinMiner, C:\USERS\BINTANG\APPDATA\ROAMING\MACROMEDIA\REALTEK HD\RTHDCPL.EXE, Quarantined, [10215], [114692],1.0.735
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)


#6 buddy215

buddy215

  • Moderator
  • 13,096 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:10 AM

Posted 26 December 2016 - 07:55 AM

What MBAM found and removed is often the result of having uTorrent on the computer. If you have uTorrent installed...uninstall it.

 

Two scans to go....


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 suhadiyono94

suhadiyono94
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 26 December 2016 - 08:41 AM

Okay, let me try it.

 

So if I uninstall utorrent, the problem solved?

Sorry, I don't see any connection with the problem. Can you elaborate?



#8 buddy215

buddy215

  • Moderator
  • 13,096 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:10 AM

Posted 26 December 2016 - 08:53 AM

That will solve only one problem and future problems. Using uTorrent and similar p2ps to download free, pirated, stolen software, movies and music is high risk.

More than half of all such downloads will contain malware. That is proven.

 

Please continue with the other two scans and post their results.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 suhadiyono94

suhadiyono94
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 26 December 2016 - 08:59 AM

Okay here's the second scan, third one coming up

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Ultimate x64 
Ran by Bintang (Administrator) on Mon 12/26/2016 at 20:44:26.58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 17 
 
Successfully deleted: C:\Users\Bintang\AppData\Roaming\dll-files.com (Folder) 
Successfully deleted: C:\Users\Bintang\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Bintang\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5W0ZSDZ0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Bintang\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Bintang\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Bintang\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Bintang\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TPUCNS4F (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Bintang\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VRO0E6IC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Bintang\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1XB8961 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5W0ZSDZ0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TPUCNS4F (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VRO0E6IC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z1XB8961 (Temporary Internet Files Folder) 
 
 
 
Registry: 2 
 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 12/26/2016 at 20:47:36.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#10 suhadiyono94

suhadiyono94
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 26 December 2016 - 09:00 PM

Okay, I've done the third scan, there are 2 threats founded and cleaned but no log comes out. I'm gonna try it again.



#11 suhadiyono94

suhadiyono94
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 27 December 2016 - 01:46 AM

Okay still same outcome.

No log comes out. no 'List Threat' button anywhere. Just the 'Finish' button. 

This time no threat found.

 

How's that?



#12 buddy215

buddy215

  • Moderator
  • 13,096 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:10 AM

Posted 27 December 2016 - 05:27 AM

Last scan....

 

  • download Security Check by glax24 and save the file to the Desktop
  • Run the tool by accepting all the Security prompts
  • when complete the tool will produce a log file C:\SecurityCheck\SecurityCheck.txt and also copy the contents to the Clipboard
  • Simply Paste the log to your reply

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#13 suhadiyono94

suhadiyono94
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 27 December 2016 - 06:08 AM

SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 27.12.2016 18:06:15
Path starting: C:\Users\Bintang\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Bintang
VersionXML: 3.67is-25.12.2016
___________________________________________________________________________
 
Windows 7(6.1.7601) Service Pack 1 (x64) Ultimate Lang: English(0409)
Installation date OS: 01.02.2016 06:17:19
LicenseStatus: Windows® 7, Ultimate edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [186.2 Gb] Used: [77.7 Gb] Free: [108.5 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 8.0.7601.17514 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control disabled
The elevation prompt for administrators disabled
^It is recommended to enable: Win+R typing UserAccountControlSettings and Enter^
Notify before download
Date install updates: 2016-12-25 10:15:25
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2010 x64 v.14.0.4734.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
Avast Antivirus (enabled and up to date)
Malwarebytes (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Malwarebytes (disabled and up to date)
Windows Defender (disabled and out of date)
Avast Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.12.3.2280
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 4.11 (64-bit) v.4.11.0 Warning! Download Update
Picasa 3 v.3.9.141.259 Warning! This software is no longer supported.
VLC media player v.2.2.3 Warning! Download Update
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 101 v.8.0.1010.13 Warning! Download Update
Uninstall old version and install new one (jre-8u112-windows-i586.exe).
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.3.1.0.4880 Warning! Download Update
Adobe Flash Player 24 NPAPI v.24.0.0.186
Adobe Reader X (10.1.2) v.10.1.2 Warning! This software is no longer supported. Please uninstall it and use Adobe Reader XI or Adobe Acrobat Reader DC.
------------------------------- [ Browser ] -------------------------------
Google Chrome v.55.0.2883.87
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.55.0.2883.87
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service is running
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.12.3.3154.0
C:\Program Files\AVAST Software\Avast\avastui.exe v.12.3.3154.23
Malwarebytes Service (MBAMService) - The service is running
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.1.0.388
Windows Defender (WinDefend) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
Unity Web Player v.5.3.5f1 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------


#14 buddy215

buddy215

  • Moderator
  • 13,096 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:10:10 AM

Posted 27 December 2016 - 06:24 AM

If you only use Adobe Reader to read pdf files I suggest you uninstall it. Install a more secure and free pdf reader such as Free PDF Reader - Sumatra PDF

You probably don't need Adobe Air...uninstall.

 

Most users don't need Java. If you don't need it....uninstall it. If you do need it be sure to uninstall the old version and install the latest.

 

Attention: Unity Web Player v.5.3.5f1 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.

 

After doing the above and rebooting...is the computer performing up to par?


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#15 suhadiyono94

suhadiyono94
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:10 PM

Posted 27 December 2016 - 09:04 AM

I just uninstalled your suggested programs and the performance is fine as always. But the spam site still opens itself, how's that?






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users