
I'm infected with Malware; Russian NSFW popups on all browsers. Help!


9 replies to this topic

#1 skartissue

skartissue

  • Members
  • 29 posts

Posted 19 February 2017 - 05:09 PM

Tried installing some software; turns out it was fake and it started installing a bunch of unwanted programs. I deleted them, but I get popups on all browsers, and on most webpages that I visit I get a corner advertisement of NSFW porn sites; some ads are in Russian. What steps can I take to remove it? I ran Malwarebytes in Safe Mode but the problem persists. I'm using Windows 8.1 and I experience popups on Chrome and Firefox. Thank you in advance.


Edited by skartissue, 19 February 2017 - 05:12 PM.




#2 buddy215

buddy215

  • Moderator
  • 13,516 posts
  • Gender:Male
  • Location:West Tennessee

Posted 19 February 2017 - 05:14 PM

Give the programs below a shot at removing the crapola.

 

Use CCleaner to remove temporary files, program caches, cookies, logs, etc. Use the default settings. No need to use the Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

  • Download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats".
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats.
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 skartissue


Posted 20 February 2017 - 09:59 AM

The scan took about 8 hours, but it's finally done. Unfortunately, the popups still persist. Here are the results. 

 

adwcleaner scan

 

# AdwCleaner v6.043 - Logfile created 19/02/2017 at 14:31:32
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-13.1 [Server]
# Operating System : Windows 8.1 Pro  (X86)
# Username : Roberto Medina - GATEWAY-PC
# Running from : C:\Users\Roberto Medina\Downloads\AdwCleaner.exe
# Mode: Scan
 
 
 
***** [ Services ] *****
 
No malicious services found.
 
 
***** [ Folders ] *****
 
Folder Found:  C:\Users\Roberto Medina\AppData\Local\WikiThemes
Folder Found:  C:\Users\Roberto Medina\AppData\LocalLow\.acestream
Folder Found:  C:\_acestream_cache_
Folder Found:  C:\Users\Public\Documents\Guid
Folder Found:  C:\Users\Public\Documents\Downloaded Installers
Folder Found:  C:\Windows\system32\sstmp
 
 
***** [ Files ] *****
 
File Found:  C:\Users\Roberto Medina\AppData\Local\uninstallro.exe
File Found:  C:\Users\Roberto Medina\Desktop\Google Search.lnk
File Found:  C:\TOSTACK
File Found:  C:\Users\Roberto Medina\AppData\Roaming\Installer.dat
File Found:  C:\Users\Roberto Medina\AppData\Roaming\Main.dat
File Found:  C:\Users\Roberto Medina\AppData\Roaming\Mozilla\Firefox\Profiles\j1rcn1bz.default\invalidprefs.js
File Found:  C:\Users\Roberto Medina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nhgknfkfipiflalfpihaicjijikenfoj_0.localstorage
 
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
 
***** [ WMI ] *****
 
No malicious keys found.
 
 
***** [ Shortcuts ] *****
 
No infected shortcut found.
 
 
***** [ Scheduled Tasks ] *****
 
No malicious task found.
 
 
***** [ Registry ] *****
 
Key Found:  HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowService
Key Found:  HKU\S-1-5-21-3626504756-622700009-1524617888-1002\Software\Classes\AceStream.CDAudio
Key Found:  HKU\S-1-5-21-3626504756-622700009-1524617888-1002\Software\Classes\AceStream.DVDMovie
Key Found:  HKU\S-1-5-21-3626504756-622700009-1524617888-1002\Software\Classes\AceStream.file
Key Found:  HKU\S-1-5-21-3626504756-622700009-1524617888-1002\Software\Classes\AceStream.OPENFolder
Key Found:  HKU\S-1-5-21-3626504756-622700009-1524617888-1002\Software\Classes\AceStream.SVCDMovie
Key Found:  HKU\S-1-5-21-3626504756-622700009-1524617888-1002\Software\Classes\AceStream.VCDMovie
Key Found:  HKCU\Software\Classes\AceStream.CDAudio
Key Found:  HKCU\Software\Classes\AceStream.DVDMovie
Key Found:  HKCU\Software\Classes\AceStream.file
Key Found:  HKCU\Software\Classes\AceStream.OPENFolder
Key Found:  HKCU\Software\Classes\AceStream.SVCDMovie
Key Found:  HKCU\Software\Classes\AceStream.VCDMovie
Key Found:  HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
Key Found:  HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
Key Found:  HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Key Found:  HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Key Found:  HKU\S-1-5-21-3626504756-622700009-1524617888-1002\Software\AppDataLow\Software\WikiThemes
Key Found:  HKCU\Software\AppDataLow\Software\WikiThemes
Key Found:  HKLM\SOFTWARE\DtsEncodeTools
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4
Key Found:  HKLM\SOFTWARE\Classes\Installer\Features\4E30E037E0535E84D9E3349209D354D4
Key Found:  HKLM\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4
Data Found:  HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWvsniqknnm6GRBDvHungwKYll34KvYKqe
Key Found:  HKCU\Software\Classes\Applications\ace_player.exe
Key Found:  HKCU\Software\Classes\AudioCD\shell\PlayWithACEStream
Key Found:  HKCU\Software\Classes\DVD\shell\PlayWithACEStream
Key Found:  HKCU\Software\Classes\MIME\Database\Content Type\application/x-acestream-plugin
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
Key Found:  HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
Key Found:  HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
Key Found:  HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
Key Found:  HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
Key Found:  HKCU\SOFTWARE\Classes\Applications\ace_player.exe
Key Found:  HKCU\SOFTWARE\Classes\MIME\Database\Content Type\application/x-acestream-plugin
Value Found:  HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found:  HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
Value Found:  HKCU\Software\Mozilla\Firefox\Extensions [acewebextension_unlisted@acestream.org]
 
 
***** [ Web browsers ] *****
 
No malicious Firefox based browser items found.
Chrome pref Found:  [C:\Users\Roberto Medina\AppData\Local\Google\Chrome\User Data\Default\Web data] - aol.com
Chrome pref Found:  [C:\Users\Roberto Medina\AppData\Local\Google\Chrome\User Data\Default\Web data] - ask.com
Chrome pref Found:  [C:\Users\Roberto Medina\AppData\Local\Google\Chrome\User Data\Default\Web data] - feed.sonic-search.com
Chrome pref Found:  [C:\Users\Roberto Medina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - jlcgehabolcakkjhgmgpkagpolbjlhfa
 
*************************
 
C:\AdwCleaner\AdwCleaner[S0].txt - [6772 Bytes] - [19/02/2017 14:31:32]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6845 Bytes] ##########
 
 
 
 
 
 
 
JRT.txt
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 8.1 Pro x86 
Ran by Roberto Medina (Administrator) on Sun 02/19/2017 at 14:39:28.36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 2 
 
Failed to delete: C:\ai_recyclebin (Folder) 
Successfully deleted: C:\Users\Roberto Medina\AppData\Local\crashrpt (Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/19/2017 at 14:41:28.77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
ESET scan
 
G:\jacheck1\JAcheck.dll a variant of Win32/BotSpeedometer trojan cleaned by deleting
G:\jacheck1\JAcheck.exe a variant of Win32/BotSpeedometer trojan cleaned by deleting
G:\Users\Robbie\AppData\Local\temp\jacheck.rar a variant of Win32/BotSpeedometer trojan deleted
G:\Users\Robbie\Desktop\FFSetup3.0.1.zip a variant of Win32/Hao123.A potentially unwanted application deleted
 
 
 


#4 buddy215


Posted 20 February 2017 - 10:30 AM

Rerun AdwCleaner and be sure to check Clean when scan finishes. Post the new log.

 

Please download Zemana AntiMalware and install it.

  • Run the application.
  • Click "Next" and then Scan.
  • When the scan has finished, click Next to remove any threats.
  • Click the bars in the top right corner to display the logs, then double click your log.
  • Copy and paste the log into your reply.

Edited by buddy215, 20 February 2017 - 10:31 AM.


#5 skartissue


Posted 20 February 2017 - 12:46 PM

Just to be clear, I did click "clean" after the initial AdwCleaner scan I did yesterday. Here are the results of the second scan I did just now; once again I clicked clean as well afterwards.

I'm happy to report that the popups are gone now, after I ran Zemana Antimalware and removed the threats found. Any other steps I should take for further cleaning? Everything seems back to normal.  :bananas:

 

2nd AdwCleaner scan

 

# AdwCleaner v6.043 - Logfile created 20/02/2017 at 09:05:02
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-13.1 [Local]
# Operating System : Windows 8.1 Pro  (X86)
# Username : Roberto Medina - GATEWAY-PC
# Running from : C:\Users\Roberto Medina\Downloads\AdwCleaner.exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
 
 
***** [ Files ] *****
 
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
 
 
***** [ Web browsers ] *****
 
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [7249 Bytes] - [19/02/2017 14:33:03]
C:\AdwCleaner\AdwCleaner[C2].txt - [838 Bytes] - [20/02/2017 09:05:02]
C:\AdwCleaner\AdwCleaner[S0].txt - [6924 Bytes] - [19/02/2017 14:31:32]
C:\AdwCleaner\AdwCleaner[S1].txt - [1303 Bytes] - [20/02/2017 09:04:48]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1056 Bytes] ##########
 
 
 
 
 
Zemana Antimalware scan
 
Zemana AntiMalware 2.72.2.101 (Installed)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2017/2/20
Operating System       : Windows 8.1 32-bit
Processor              : 2X AMD Athlon™ 64 X2 Dual Core Processor 3800+
BIOS Mode              : Legacy
CUID                   : 12AE01228C1BA7A60AF7F0
Scan Type              : System Scan
Duration               : 27m 4s
Scanned Objects        : 149226
Detected Objects       : 6
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2
 
Detected Objects
-------------------------------------------------------
 
Firefox Search
Status             : Scanned
Object             : Search Module - http://www-searching.com
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Firefox Search
 
Firefox Search
Status             : Scanned
Object             : Search Module - http://api.searchpredict.com
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Firefox Search
 
Hosts File
Status             : Scanned
Object             : %systemroot%\system32\drivers\etc\hosts
MD5                : 1499856AF6C996D2500273A9B0B86ADD
Publisher          : -
Size               : 8453
Version            : -
Detection          : Hosts Hijack
Cleaning Action    : Repair
Related Objects    :
                Hosts file - 92.53.119.169 - google.com
                File - %systemroot%\system32\drivers\etc\hosts
 
AutoPico.exe
Status             : Scanned
Object             : %userprofile%\downloads\usb_backup\kmspico 10.0.2 final + portable\kmspico portable\autopico.exe
MD5                : 24D7F4FA51EB0614A70B9B03AA1F7E16
Publisher          : @ByELDI
Size               : 966288
Version            : 13.0.0.5
Detection          : PUA:Win32/HackTool.IdleKMS 
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\usb_backup\kmspico 10.0.2 final + portable\kmspico portable\autopico.exe
 
KMSpico_setup.exe
Status             : Scanned
Object             : %userprofile%\downloads\usb_backup\kmspico 10.0.2 final + portable\kmspico install\kmspico_setup.exe
MD5                : AD2D39C57A43C5DE42F3C630F1EA1A76
Publisher          : @ByELDI
Size               : 2951048
Version            : 10.0.2.0
Detection          : PUA:Win32/HackTool.IdleKMS 
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\usb_backup\kmspico 10.0.2 final + portable\kmspico install\kmspico_setup.exe
 
SlimCleaner-setup.exe
Status             : Scanned
Object             : %userprofile%\downloads\slimcleaner-setup.exe
MD5                : 80C6023214D7B9B9F51C17BC9404FB97
Publisher          : Slimware Utilities, Inc.
Size               : 801088
Version            : 1.3.0.0
Detection          : Scareware:Win32/FakeOptimizer!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\slimcleaner-setup.exe
 
 
Cleaning Result
-------------------------------------------------------
Cleaned               : 6
Reported as safe      : 0
Failed                : 0
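
The "Hosts Hijack" entry that Zemana repaired in the log above (92.53.119.169 mapped to google.com) can also be checked for directly in the hosts file. The following Python script is an added example, not part of the original thread or of any tool used in it; the watch list, the function names and every sample line other than the google.com mapping are assumptions made for the illustration.

```python
import ipaddress

# Constructed sample hosts file. Only the google.com mapping on line 5 comes
# from the Zemana log above; every other line is made up for this example.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.net     # sinkhole entry, blocks the host
92.53.119.169   google.com
92.53.119.169   www.google.com      # alias added for the example
not-an-ip       broken.example
192.168.1.20    printer.lan
"""

# Hypothetical watch list: names that should normally be resolved by DNS,
# never pinned to a routable address in the hosts file.
WATCHED = ("google.com", "bing.com", "yahoo.com")


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every valid mapping in hosts-file text.

    Comments, blank lines and lines whose first field is not an IP address
    are skipped. A leading UTF-8 BOM (common on Windows) is tolerated.
    """
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue
        # One line may map several names to the same address.
        for name in fields[1:]:
            yield line_no, ip, name.lower().rstrip(".")


def audit_hosts(text, watched=WATCHED):
    """Return findings for mappings that point somewhere other than this machine.

    Loopback (127.0.0.1, ::1) and unspecified (0.0.0.0, ::) targets are
    ignored: they block or localise a name rather than redirect it.
    """
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            continue
        on_watch_list = any(name == w or name.endswith("." + w) for w in watched)
        findings.append({
            "line": line_no,
            "ip": str(ip),
            "host": name,
            "severity": ("redirect-of-watched-domain" if on_watch_list
                         else "non-local-mapping"),
        })
    return findings


if __name__ == "__main__":
    # On a live Windows system the text would come from
    # %SystemRoot%\System32\drivers\etc\hosts instead of SAMPLE_HOSTS.
    for f in audit_hosts(SAMPLE_HOSTS):
        print(f"line {f['line']}: {f['host']} -> {f['ip']} [{f['severity']}]")
```

A "non-local-mapping" finding is not necessarily malicious (LAN devices are often listed this way); a watched search domain pinned to a public address is the pattern reported in the log.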
 


#6 buddy215


Posted 20 February 2017 - 01:00 PM

Last scan...

  • Please download Security Check by glax24 and save the file to the Desktop.
  • Run the tool by accepting all the security prompts.
  • When complete, the tool will produce a log file C:\SecurityCheck\SecurityCheck.txt and also copy the contents to the Clipboard.
  • Simply paste the log to your reply.


#7 skartissue


Posted 20 February 2017 - 01:18 PM

Here it is:

 

SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 20.02.2017 10:15:13
Path starting: C:\Users\Roberto Medina\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Roberto Medina
VersionXML: 3.93is-18.02.2017
___________________________________________________________________________
 
Windows 8.1(6.3.9600) (x86) Professional Lang: English(0409)
Installation date OS: 03.08.2015 03:43:43
LicenseStatus: Windows®, Professional edition Unlicensed
Boot Mode: Normal
Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [288.1 Gb] Used: [271.8 Gb] Free: [16.3 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18538
User Account Control enabled
Automatically download and schedule installation
Date install updates: 2017-02-19 22:47:24
Windows Update (wuauserv) - The service has stopped
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
Account guest is enabled. Not require a password.
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
Disabled the public profile of Windows Firewall
Disabled the standard profile for Windows Firewall
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
ESET Online Scanner v3
-------------------------- [ SecurityUtilities ] --------------------------
HitmanPro 3.7 v.3.7.15.281
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.72.101
--------------------------- [ OtherUtilities ] ----------------------------
7-Zip 15.05 beta
Microsoft Silverlight v.5.1.50901.0
--------------------------------- [ P2P ] ---------------------------------
qBittorrent 3.3.7 v.3.3.7 Warning! P2P-client.
µTorrent v.3.4.9.43085 Warning! P2P-client.
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 121 v.8.0.1210.13
Java SE Development Kit 8 Update 101 v.8.0.1010.13 Warning! Download Update
Uninstall old version and install new one (jdk-8u121-windows-i586.exe).
------------------------------- [ Browser ] -------------------------------
Google Chrome v.56.0.2924.87
Mozilla Firefox 48.0.2 (x86 en-US) v.48.0.2 Warning! Download Update
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files\Google\Chrome\Application\chrome.exe v.56.0.2924.87
------------------ [ AntivirusFirewallProcessServices ] -------------------
C:\Program Files\Windows Defender\MsMpEng.exe v.4.8.207.0
C:\Program Files\Windows Defender\MpCmdRun.exe v.4.8.207.0
C:\Program Files\Windows Defender\NisSrv.exe v.4.8.207.0
Windows Defender Service (WinDefend) - The service is running
Windows Defender Network Inspection Service (WdNisSvc) - The service is running
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files\Zemana AntiMalware\ZAM.exe v.2.72.0.101
----------------------------- [ End of Log ] ------------------------------


#8 buddy215


Posted 20 February 2017 - 01:35 PM

You can uninstall Eset and Zemana.

 

To uninstall AdwCleaner...open and click on Uninstall

To uninstall Junkware Removal Tool...right click on it and choose delete

 

Those two P2P programs should not be used to download free stuff. More than half of those free downloads will contain malware.

 

Update or uninstall Firefox...your choice

 

Happy surfin'.....



#9 skartissue


Posted 20 February 2017 - 01:38 PM

Awesome, thanks again! You're doing the work of the gods. Rock on!  :warrior:  :bananas:  :bounce:



#10 buddy215


Posted 22 February 2017 - 06:01 AM

You're welcome...happy surfin'





