Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Urgent firefox update please help


  • Please log in to reply
42 replies to this topic

#1 zooter

zooter

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 PM

Posted 29 April 2017 - 03:29 PM

I think Ive been infected with something.

heres a screenshot of what popped uphttps://content.screencast.com/users/solweb/folders/Jing/media/19dcdb1a-b2d5-4afb-954e-a31aa5b44e07/2017-04-29_1325.png

Ive run Malwarebytes and TDSSKiller but those didnt find anything

 

Ive noticed everytime I open firefox, it seems to download something or do something weird


Edited by zooter, 29 April 2017 - 03:44 PM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:27 PM

Posted 29 April 2017 - 04:07 PM

You are doing the right thing not falling for that.

 

See if the programs below can fix it.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 zooter

zooter
  • Topic Starter

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 PM

Posted 29 April 2017 - 04:34 PM

Ok I ran the ccleaner and the adwcleaner

 

the adwcleaner found 19 threats

here is the contents of the log file

 

# AdwCleaner v5.032 - Logfile created 31/01/2016 at 10:36:17
# Updated 31/01/2016 by Xplode
# Database : 2016-01-31.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : MandM - Z
# Running from : C:\Users\MandM\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : CouponPrinterService
Service Found : YahooAUService

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\Coupons
Folder Found : C:\Program Files (x86)\DriverToolkit
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
Folder Found : C:\Users\MandM\AppData\Local\DriverToolkit
Folder Found : C:\Users\MandM\AppData\Local\YSearchUtil
Folder Found : C:\Users\MandM\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Folder Found : C:\Users\MandM\AppData\LocalLow\Yahoo!\Companion
Folder Found : C:\Users\MandM\Desktop\Coupons
Folder Found : C:\Users\MandM\Documents\Coupons
Folder Found : C:\windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Files ] *****

File Found : C:\Users\MandM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ippkomaaonokjnfjoikaemidanojkfmm_0.localstorage

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Key Found : HKCU\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Yahoo\Companion
Key Found : HKCU\Software\Yahoo\YFriendsBar
Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\AppDataLow\Software\Yahoo\Companion
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\firstsearch
Key Found : HKLM\SOFTWARE\Yahoo\Companion
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Key Found : HKU\S-1-5-21-3993427723-2147256850-2466095620-1000\Software\Conduit
Key Found : HKU\S-1-5-21-3993427723-2147256850-2466095620-1000\Software\Yahoo\Companion
Key Found : HKU\S-1-5-21-3993427723-2147256850-2466095620-1000\Software\Yahoo\YFriendsBar
Key Found : HKU\S-1-5-21-3993427723-2147256850-2466095620-1000\Software\AppDataLow\Software\Freecause
Key Found : HKU\S-1-5-21-3993427723-2147256850-2466095620-1000\Software\AppDataLow\Software\Yahoo\Companion

***** [ Web browsers ] *****

[C:\Users\MandM\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=2BA737AA-3871-40A1-B6F9-75520B02C5CF&apn_ptnrs=TV&apn_sauid=AF80FD28-1FA0-4333-B71A-4B00572AE6FE&apn_dtid=OSJ000YYUS&q={searchTerms}
[C:\Users\MandM\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : aaaaojmikegpiepcfdkkjaplodkpfmlo
[C:\Users\MandM\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : jbolfgndggfhhpbnkgnpjkfhinclbigj
[C:\Users\MandM\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : niapdbllcanepiiimjjndipklodoedlc

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4137 bytes] ##########

 

doing the JRT next



#4 zooter

zooter
  • Topic Starter

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 PM

Posted 29 April 2017 - 04:40 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 7 Home Premium x64
Ran by MandM (Administrator) on Sat 04/29/2017 at 14:35:43.13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 43

Failed to delete: C:\Program Files (x86)\GUT6345.tmp (File)
Successfully deleted: C:\ProgramData\esellerate (Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{3903FCBD-A73D-4163-B7B5-F0DCCCBDF1FE} (Empty Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{3F1DC715-EE89-4B9E-AA79-B68D45F2B9BC} (Empty Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{4E28452A-525D-43E8-802F-9EC024301585} (Empty Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{5599E784-98DD-40D9-AD6E-13E3C24B499C} (Empty Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{5DD7E21B-D186-4889-91DA-893576CB9D02} (Empty Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{95C22D36-C919-4E6F-96FE-AFC6CD921A1C} (Empty Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{988B08A9-F2D7-4D41-B29C-92A3D14E8377} (Empty Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{C7A09379-E5CA-43D0-A755-E1FEFBE7E83B} (Empty Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{C944C3CE-677B-48FA-BAEB-6FD34A069300} (Empty Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{EED65BC5-0386-45CA-A3BB-571734BAC102} (Empty Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{F70806EC-5FD9-48CD-99C4-A75799EE476C} (Empty Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{F8192250-DAD2-49CB-AFA3-E21CE0018974} (Empty Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\{F93CCA07-1BCF-4F2C-8AA4-E45710836A58} (Empty Folder)
Successfully deleted: C:\windows\couponprinter.ocx (File)
Successfully deleted: C:\windows\system32\Tasks\PCDEventLauncherTask (Task)
Successfully deleted: C:\windows\system32\Tasks\PCDoctorBackgroundMonitorTask-Retry (Task)
Successfully deleted: C:\windows\system32\Tasks\PCDoctorBackgroundMonitorTask (Task)
Successfully deleted: C:\Users\MandM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0T586DMI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\158B1BJN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20JZ9HNC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2PDH66QK (Temporary Internet Files Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7FBE09R1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BIETEUNI (Temporary Internet Files Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FK2XMCHU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQMLNCJY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FRSU5YKN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MBHJSX1F (Temporary Internet Files Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJZC28VB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\MandM\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXDZJ400 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0T586DMI (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\158B1BJN (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20JZ9HNC (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2PDH66QK (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7FBE09R1 (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BIETEUNI (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FK2XMCHU (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQMLNCJY (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FRSU5YKN (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MBHJSX1F (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NJZC28VB (Temporary Internet Files Folder)
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WXDZJ400 (Temporary Internet Files Folder)



Registry: 2

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_7FB0D04CDD9B7EB11BE01B4134E9E136 (Registry Value)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 04/29/2017 at 14:39:30.55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#5 buddy215

buddy215

  • Moderator
  • 13,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:27 PM

Posted 29 April 2017 - 04:52 PM

May not of got rid of the Firefox popup but definitely got rid of some other crapola/ adware.

 

After running the Eset Scan and rebooting the computer....let me know if the Firefox popup is still occurring.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 zooter

zooter
  • Topic Starter

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 PM

Posted 29 April 2017 - 04:58 PM

Ran the ESET but no log was created



#7 zooter

zooter
  • Topic Starter

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 PM

Posted 29 April 2017 - 05:01 PM

Ran the ESET but no log was created

scratch that, running it again, threats found



#8 buddy215

buddy215

  • Moderator
  • 13,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:27 PM

Posted 29 April 2017 - 05:25 PM

Lot of junk removed from Google Chrome but nothing directly from Firefox. Is the popup still appearing in Firefox?

 

EDIT: Okay...just saw you are rerunning Eset...I thought that was a bit too fast. Eset usually takes more than hour.


Edited by buddy215, 29 April 2017 - 05:26 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 zooter

zooter
  • Topic Starter

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 PM

Posted 29 April 2017 - 05:30 PM

Right, I thought it shoulve been longer. Not sure what it did the first time



#10 buddy215

buddy215

  • Moderator
  • 13,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:27 PM

Posted 29 April 2017 - 07:33 PM

I've looked around some and it is possible that popup can be blocked by an ad blocker such as Adblock Plus.

Adblock Plus :: Add-ons for Firefox   Adblock Plus - Chrome Web Store

Once you have installed it click on the ABP icon at the top of the Browser and choose Filter Preferences. Then UNcheck the box

next to Allow some non-intrusive advertisements.

 

Block the ad/ tracking third party cookies from installing. Once they are blocked....run CCleaner again to remove the existing ones.

How to disable third-party cookies in all major web browsers

 

  • Please download Security Check by glax24 and save the file to the Desktop
  • Run the tool by accepting all the Security prompts
  • when complete the tool will produce a log file C:\SecurityCheck\SecurityCheck.txt and also copy the contents to the Clipboard
  • Simply Paste the log to your reply

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#11 zooter

zooter
  • Topic Starter

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 PM

Posted 29 April 2017 - 08:19 PM

Hi thanks

I did the blocking of the third party cookies and UNcheck the box

next to Allow some non-intrusive advertisements.

 

I will re-rerun the ccleaner after the ESET is done and do the security check after that


Edited by zooter, 29 April 2017 - 08:30 PM.


#12 zooter

zooter
  • Topic Starter

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 PM

Posted 29 April 2017 - 10:59 PM

here is the results from the ESET

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Coupons\uninstall.exe.vir    a variant of Win32/Adware.Coupons.AA application    cleaned by deleting
C:\CAPITALIQ\Training\02 Software\essetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted
C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll    a variant of Win32/Adware.Coupons.AA application    cleaned by deleting
C:\Program Files (x86)\Safari\Plugins\npMozCouponPrinter.dll    a variant of Win32/Adware.Coupons.AA application    cleaned by deleting
C:\Users\MandM\AppData\Local\Google\Chrome\Application\Plugins\npMozCouponPrinter.dll    a variant of Win32/Adware.Coupons.AA application    cleaned by deleting
C:\Users\MandM\Documents\essetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted
C:\Users\MandM\Downloads\couponprinter.exe    a variant of Win32/Adware.Coupons.AA application    cleaned by deleting
 



#13 zooter

zooter
  • Topic Starter

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 PM

Posted 29 April 2017 - 11:05 PM

SecurityCheck by glax24 & Severnyj v.1.4.0.49 [15.04.17]
WebSite: www.safezone.cc
DateLog: 29.04.2017 21:02:05
Path starting: C:\Users\MandM\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: MandM
VersionXML: 4.14is-23.04.2017
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: English(0409)
Installation date OS: 02.05.2012 01:33:34
LicenseStatus: Windows® 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [916.8 Gb] Used: [222.6 Gb] Free: [694.2 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18638
User Account Control enabled
Automatically download and schedule installation
Date install updates: 2017-04-12 21:58:40
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2007 v.12.0.6612.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
Microsoft Security Essentials (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Microsoft Security Essentials (disabled and up to date)
Windows Defender (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Microsoft Security Essentials v.4.10.209.0
ESET Online Scanner v3
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Spybot - Search & Destroy v.1.6.2
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.50906.0
FileZilla Client 3.7.3 v.3.7.3 Warning! Download Update
Picasa 3 v.3.9 Warning! This software is no longer supported.
WinRAR 4.11 (32-bit) v.4.11.0 Warning! Download Update
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.28 v.7.28.101 Warning! Download Update
^Optional update.^
-------------------------------- [ Java ] ---------------------------------
JavaFX 2.1.1 v.2.1.1 Warning! This software is no longer supported. Please uninstall it and use Java SE 8 (jre-8u131-windows-i586.exe).
Java 8 Update 101 v.8.0.1010.13 Warning! Download Update
Uninstall old version and install new one (jre-8u131-windows-i586.exe).
--------------------------- [ AppleProduction ] ---------------------------
Bonjour v.3.1.0.1
iTunes v.12.5.4.42 Warning! Download Update
^Please use Apple Software Update tool.^
QuickTime 7 v.7.79.80.95 Warning! This software is no longer supported. Please uninstall it and use another software.
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.3.8.0.1430 Warning! Download Update
Adobe Flash Player 21 ActiveX v.21.0.0.242 Warning! Download Update
Adobe Flash Player 23 NPAPI v.23.0.0.207 Warning! Download Update
Adobe Acrobat Reader DC v.15.023.20053 Warning! Download Update
^Please run Acrobat Reader DC and go Help - Check for updates...^
------------------------------- [ Browser ] -------------------------------
Google Chrome v.58.0.3029.81
Mozilla Firefox 52.0 (x86 en-US) v.52.0 Warning! Download Update
Safari v.5.34.57.2 Warning! This software is no longer supported.
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.16.4.3528.0331 Warning! This software is no longer supported.
------------------ [ AntivirusFirewallProcessServices ] -------------------
Microsoft Antimalware Service (MsMpSvc) - The service is running
C:\Program Files\Microsoft Security Client\MsMpEng.exe v.4.10.209.0
c:\program files\windows defender\MpCmdRun.exe v.6.1.7600.16385
C:\Program Files\Microsoft Security Client\msseces.exe v.4.10.209.0
Microsoft Network Inspection (NisSrv) - The service is running
C:\Program Files\Microsoft Security Client\NisSrv.exe v.4.10.209.0
Windows Defender (WinDefend) - The service is running
---------------------------- [ UnwantedApps ] -----------------------------
Coupon Printer for Windows v.5.0.1.4 Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
WildTangent Games v.1.0.2.5 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
FATE v.2.2.0.95 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Jewel Quest Solitaire 2 v.2.2.0.95 << Hidden Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
Update Installer for WildTangent Games App << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
WildTangent Games App (Dell Games) v.4.0.5.2 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
 



#14 buddy215

buddy215

  • Moderator
  • 13,195 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:27 PM

Posted 30 April 2017 - 03:01 AM

Uninstall these programs: Use Download Revo Uninstaller Freeware

JavaFX 2.1.1 v.2.1.1
Java 8 Update 101 v.8.0.1010.13

QuickTime 7 v.7.79.80.95

Adobe AIR v.3.8.0.1430

Adobe Flash Player 21 ActiveX v.21.0.0.242

Adobe Flash Player 23 NPAPI v.23.0.0.207 (Adobe Flash Player Download)

Safari v.5.34.57.2

Coupon Printer for Windows v.5.0.1.4

WildTangent Games v.1.0.2.5

FATE v.2.2.0.95

Jewel Quest Solitaire 2 v.2.2.0.95

Update Installer for WildTangent Games App

WildTangent Games App (Dell Games) v.4.0.5.2

 

Update Firefox, Adobe Acrobat Reader

 

You can unhide files in Windows 7:

  1. Select the Start button, then select Control Panel > Appearance and Personalization.
  2. Select Folder Options, then select the View tab.
  3. Under Advanced settings, select Show hidden files, folders, and drives, and then select OK.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#15 zooter

zooter
  • Topic Starter

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:27 PM

Posted 30 April 2017 - 02:00 PM

Ok removed all those programs and updated firefox






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users