
Filestore72.info Browser Hijack Concern


7 replies to this topic

#1 Bto125

Bto125

  • Members
  • 10 posts

Posted 18 July 2017 - 10:15 AM

Hello,

I recently came across this problem after searching for a forum I regularly visit. I Google-searched this forum and clicked on the link to access this website and was redirected to another website - Filestore72.info.

At first I found this to be extremely odd considering I have visited this website for many years and this being the first occasion this has ever happened.

I attempted to leave this website by closing the tab on my Firefox browser but I believe I may have accidentally clicked on something on the website which triggered a popup to appear. From what I remember I believe the popup was still loading (since it was still a blank white screen popup). In response I instantly closed the popup window. Filestore72.info reappeared once again after visiting the forum again the next day.

This immediately grabbed my attention and I Google-searched filestore72.info. The Google search unveiled results with many concerning words such as virus/trojans/spyware/malware etc. and this has me very worried.

My computer is Windows 8.1 and I scanned with Malwarebytes and Norton Internet Security; the results for both came back with 0 threats.

I'm not computer savvy at all and I'm unsure whether or not I am infection free. Any help or advice for my concern would be much appreciated,

Bto125




 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts

Posted 18 July 2017 - 01:57 PM

Hello Bto, what is your browser?

Do these next.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the [button image] button to see which antivirus is currently enabled.
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
  • Push the [button image] button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
  • Push the [button image] button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the [button image] button.
  • Check the box beside [image] to uninstall the application when closed.
  • Push [button image] and then close the application by clicking the X in the upper right corner.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
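
The Result.txt requested in the MiniToolBox step can be checked for the three settings that most directly explain a browser redirect: an enabled proxy, hosts entries that map a name to a routable address, and Winsock providers outside the Windows system directories. The following is an added example, not part of the original post and not code from MiniToolBox; it parses a log in the Result.txt layout posted in this thread, using a constructed sample. The function names, the review criteria and the assumed `C:\Windows` system path are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample in the layout of a MiniToolBox Result.txt (not a real log).
SAMPLE_LOG = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= Hosts content: =================================
127.0.0.1    blocked.example
0.0.0.0      ads.example
203.0.113.7  forum.example

There are 3 entries.

========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog9 01 C:\ProgramData\helper\lsp.dll [20480] ()
"""

# A section header is text framed by runs of '='; a line of only '=' is not one.
SECTION_RE = re.compile(r"^=+\s+(\S.*?):?\s+=+\s*$")
WINSOCK_RE = re.compile(
    r"^(?:x64-)?Catalog\d+\s+\d+\s+(.+?)\s+\[\d+\]\s+\((.*)\)\s*$")
# Assumption: Windows is installed on C:.
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")


def parse_sections(text):
    """Split the log into {lower-cased section name: [lines]}."""
    sections, current = {}, None
    for line in text.splitlines():
        m = SECTION_RE.match(line.strip())
        if m:
            current = m.group(1).strip().lower()
            sections[current] = []
        elif current is not None:
            sections[current].append(line.rstrip())
    return sections


def proxy_needs_review(lines):
    """None if the section is absent, False if the log says no proxy is enabled."""
    if not any(l.strip() for l in lines):
        return None
    return not any("proxy is not enabled" in l.lower() for l in lines)


def redirecting_hosts(lines):
    """Return (address, hostname) pairs that point a name at a routable address."""
    findings = []
    for line in lines:
        entry = line.split("#", 1)[0].split()
        if len(entry) < 2:
            continue
        try:
            addr = ipaddress.ip_address(entry[0])
        except ValueError:
            continue  # not a hosts entry, e.g. the "There are N entries." line
        if addr.is_loopback or addr.is_unspecified:
            continue  # sinkhole (blocklist) entry: blocks a name, redirects nowhere
        findings.extend((str(addr), name) for name in entry[1:])
    return findings


def unusual_winsock(lines):
    """Return (path, vendor) for providers outside system dirs or not Microsoft."""
    findings = []
    for line in lines:
        m = WINSOCK_RE.match(line.strip())
        if not m:
            continue
        path, vendor = m.group(1), m.group(2)
        in_system_dir = path.lower().startswith(SYSTEM_DIRS)
        if not in_system_dir or vendor != "Microsoft Corporation":
            findings.append((path, vendor))
    return findings


def triage(text):
    """Collect the redirect-related items of one log for manual review."""
    s = parse_sections(text)
    return {
        "proxy_needs_review": proxy_needs_review(s.get("ie proxy settings", [])),
        "redirecting_hosts": redirecting_hosts(s.get("hosts content", [])),
        "unusual_winsock": unusual_winsock(s.get("winsock entries", [])),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Items returned by `unusual_winsock` are candidates for review only; security and VPN products also install third-party Winsock providers.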

#3 Bto125

Bto125
  • Topic Starter

  • Members
  • 10 posts

Posted 18 July 2017 - 06:25 PM

Hi boopme,

 

I use Firefox as my web browser.

 

Minitoolbox results log

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by xxxxxx (administrator) on 18-07-2017 at 20:35:21
Running from "C:\Users\xxxxxx\Downloads"
Microsoft Windows 8.1  (X64)
Model: 20238 Manufacturer: LENOVO
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

There are 15462 entries.

========================= IP Configuration: ================================

Qualcomm Atheros AR9485WB-EG Wireless Network Adapter = Wi-Fi (Connected)
Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 5" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Lenovo-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 40-F0-2F-40-AE-94
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 12-F0-2F-40-7B-72
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
   Physical Address. . . . . . . . . : 40-F0-2F-40-7B-72
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d93:96f9:ff77:2662%4(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.10(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 18 July 2017 15:08:00
   Lease Expires . . . . . . . . . . : 19 July 2017 20:24:25
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 71364655
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-2A-D3-33-20-1A-06-3A-DD-3B
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : SWDL.WDS
   Description . . . . . . . . . . . : Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : 20-1A-06-3A-DD-3B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  2a00:1450:4009:807::200e
      216.58.212.110


Pinging google.com [216.58.212.110] with 32 bytes of data:
Reply from 216.58.212.110: bytes=32 time=21ms TTL=53
Reply from 216.58.212.110: bytes=32 time=17ms TTL=53

Ping statistics for 216.58.212.110:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 17ms, Maximum = 21ms, Average = 19ms
Server:  routerlogin.net
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
      2001:4998:c:a06::2:4008
      2001:4998:58:c02::a9
      206.190.36.45
      98.139.180.149
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=127ms TTL=48
Reply from 98.138.253.109: bytes=32 time=119ms TTL=48

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 119ms, Maximum = 127ms, Average = 123ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  8...40 f0 2f 40 ae 94 ......Bluetooth Device (Personal Area Network)
  5...12 f0 2f 40 7b 72 ......Microsoft Wi-Fi Direct Virtual Adapter
  4...40 f0 2f 40 7b 72 ......Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
  3...20 1a 06 3a dd 3b ......Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30)
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.10     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.10    281
     192.168.0.10  255.255.255.255         On-link      192.168.0.10    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.10    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.10    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.10    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  4    281 fe80::/64                On-link
  4    281 fe80::d93:96f9:ff77:2662/128
                                    On-link
  1    306 ff00::/8                 On-link
  4    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/18/2017 02:07:01 PM) (Source: Microsoft Security Client) (User: )
Description: 0x1ProtectionManagement

Error: (07/18/2017 02:07:01 PM) (Source: Microsoft Security Client) (User: )
Description: 0x1ProtectionManagement

Error: (07/18/2017 02:06:48 PM) (Source: Microsoft Security Client) (User: )
Description: 0x1ProtectionManagement

Error: (07/18/2017 02:06:48 PM) (Source: Microsoft Security Client) (User: )
Description: 0x1ProtectionManagement

Error: (07/17/2017 10:18:48 PM) (Source: Application Hang) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ba4

Start Time: 01d2ff41331cf25c

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: 83816a18-6b35-11e7-874b-40f02f40ae94

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (07/17/2017 07:23:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (07/17/2017 07:23:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (07/17/2017 07:23:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (07/17/2017 07:23:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (07/17/2017 07:23:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.


System errors:
=============
Error: (07/18/2017 03:09:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: 6918E89D.TheChessLv.100.

Error: (07/18/2017 12:13:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: 6918E89D.TheChessLv.100.

Error: (07/17/2017 09:08:36 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: 6918E89D.TheChessLv.100.

Error: (07/17/2017 07:13:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: 6918E89D.TheChessLv.100.

Error: (07/17/2017 06:58:48 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error:
%%1069 = The service did not start due to a logon failure.


Error: (07/17/2017 06:58:48 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1069 = The service did not start due to a logon failure.


Error: (07/17/2017 06:58:48 PM) (Source: Service Control Manager) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50 = The request is not supported.


To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (07/17/2017 06:58:47 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1069 = The service did not start due to a logon failure.


Error: (07/17/2017 06:58:47 PM) (Source: Service Control Manager) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50 = The request is not supported.


To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (07/17/2017 06:58:38 PM) (Source: DCOM) (User: LENOVO-PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}


Microsoft Office Sessions:
=========================
Error: (07/18/2017 02:07:01 PM) (Source: Microsoft Security Client)(User: )
Description: 0x1ProtectionManagement

Error: (07/18/2017 02:07:01 PM) (Source: Microsoft Security Client)(User: )
Description: 0x1ProtectionManagement

Error: (07/18/2017 02:06:48 PM) (Source: Microsoft Security Client)(User: )
Description: 0x1ProtectionManagement

Error: (07/18/2017 02:06:48 PM) (Source: Microsoft Security Client)(User: )
Description: 0x1ProtectionManagement

Error: (07/17/2017 10:18:48 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20911ba401d2ff41331cf25c4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe83816a18-6b35-11e7-874b-40f02f40ae94microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (07/17/2017 07:23:25 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Spybot - Search & Destroy 2\NotificationSpreader.dllC:\Program Files (x86)\Spybot - Search & Destroy 2\NotificationSpreader.dll2

Error: (07/17/2017 07:23:25 PM) (Source: SideBySide)(User: )
Description: C:\windows\System32\sdnclean64.exeC:\windows\System32\sdnclean64.exe2

Error: (07/17/2017 07:23:25 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dllC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll2

Error: (07/17/2017 07:23:25 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dllC:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll2

Error: (07/17/2017 07:23:25 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Spybot - Search & Destroy 2\Tools.dllC:\Program Files (x86)\Spybot - Search & Destroy 2\Tools.dll2


CodeIntegrity Errors:
===================================
  Date: 2015-10-13 20:16:44.248
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-10-13 20:13:04.686
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-10-13 18:36:29.013
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.3.53 - Conexant)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version:  - SEIKO EPSON Corporation)
EPSON XP-202 203 206 Series Printer Uninstall (HKLM\...\EPSON XP-202 203 206 Series) (Version:  - SEIKO EPSON Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Lenovo App Shop (HKLM-x32\...\Lenovo App Shop 45246) (Version: 3.10.0.45246.24 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.25.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Solution Center (HKLM\...\{4041B18B-DE30-4D78-9D60-6ADC586C5E00}) (Version: 2.1.003.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
MATLAB R2015b (HKLM\...\Matlab R2015b) (Version: 8.6 - MathWorks)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 54.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-GB)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Nitro Pro 8 (HKLM\...\{6E7DFD3E-2E89-4F35-B4F2-D3301A4AD190}) (Version: 8.5.6.5 - Nitro)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.9.4.8 - Symantec Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
SoftwareWatcher bundle (HKLM-x32\...\SoftwareWatcher bundle) (Version: 2.0.0.3 - SoftwareWatcher)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.17 - Lenovo)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Hidden
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

========================= Memory info: ===================================

Percentage of memory in use: 20%
Total physical RAM: 8104.27 MB
Available physical RAM: 6410.1 MB
Total Virtual: 16296.27 MB
Available Virtual: 14643.82 MB

========================= Partitions: =====================================

1 Drive c: (Windows8_OS) (Fixed) (Total:892.38 GB) (Free:837.33 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.62 GB) NTFS

========================= Users: ========================================

User accounts for \\LENOVO-PC

Administrator            Guest                    xxxxxx                   


**** End of log ****
 

Adwcleaner results log

 

# AdwCleaner 7.0.0.0 - Logfile created on Tue Jul 18 19:47:58 2017
# Updated on 2017/17/07 by Malwarebytes
# Database: 07-18-2017.1
# Running on Windows 8.1 (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00A6FAF1-072E-44CF-8957-5838F569A31D}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FC87A650-207D-4392-A6A1-82ADBC56FA64}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{224530A0-C9CB-4AEE-9C0F-54AC1B533211}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8C875948-9C60-4381-9248-0DF180542D53}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C1E58A84-95B3-4630-B8C2-D06B77B7A0FC}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C900B400-CDFE-11D3-976A-00E02913A9E0}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F9765480-72D1-11D4-A75A-004F49045A87}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E99D4D0C-EB54-46AF-B62A-3AA1F31D53E5}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1B0E7716-898E-48CC-9690-4E338E8DE1D3}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{594BE7B2-23B0-4FAE-A2B9-0C21CC1417CE}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [3658 B] - [2017/4/2 18:37:41]
C:/AdwCleaner/AdwCleaner[C2].txt - [1916 B] - [2017/4/2 18:47:14]
C:/AdwCleaner/AdwCleaner[C3].txt - [2479 B] - [2017/4/3 14:32:14]
C:/AdwCleaner/AdwCleaner[C4].txt - [2625 B] - [2017/7/17 17:58:21]
C:/AdwCleaner/AdwCleaner[S0].txt - [5529 B] - [2014/5/16 20:7:41]
C:/AdwCleaner/AdwCleaner[S1].txt - [2150 B] - [2014/11/10 19:53:27]
C:/AdwCleaner/AdwCleaner[S2].txt - [1281 B] - [2014/11/22 11:48:19]
C:/AdwCleaner/AdwCleaner[S3].txt - [1350 B] - [2015/1/3 23:2:2]
C:/AdwCleaner/AdwCleaner[S4].txt - [3584 B] - [2017/4/2 18:36:36]
C:/AdwCleaner/AdwCleaner[S5].txt - [2035 B] - [2017/4/2 18:47:4]
C:/AdwCleaner/AdwCleaner[S6].txt - [2181 B] - [2017/4/2 18:51:33]
C:/AdwCleaner/AdwCleaner[S7].txt - [2164 B] - [2017/4/2 19:39:5]
C:/AdwCleaner/AdwCleaner[S8].txt - [2573 B] - [2017/4/3 14:31:31]
C:/AdwCleaner/AdwCleaner[S9].txt - [2719 B] - [2017/7/17 17:57:52]


########## EOF - C:\AdwCleaner\AdwCleaner[S10].txt ##########

 

Junkware removal tool

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8.1 x64
Ran by xxxxxx (Administrator) on 18/07/2017 at 21:01:53.16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18/07/2017 at 21:04:22.01
End of JRT log

 

Eset online scanner report

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\settings.html.vir    Win32/Conduit.SearchProtect.AQ potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html.vir    Win32/Conduit.SearchProtect.AW potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js.vir    Win32/Conduit.SearchProtect.BB potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js.vir    Win32/Conduit.SearchProtect.AY potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html.vir    Win32/Conduit.SearchProtect.AZ potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js.vir    Win32/Conduit.SearchProtect.BB potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html.vir    Win32/Conduit.SearchProtect.AZ potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js.vir    Win32/Conduit.SearchProtect.BB potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html.vir    Win32/Conduit.SearchProtect.AR potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js.vir    Win32/Conduit.SearchProtect.BB potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html.vir    Win32/Conduit.SearchProtect.AN potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js.vir    Win32/Conduit.SearchProtect.BA potentially unwanted application

C:\AdwCleaner\Quarantine\C\Users\xxxxxx\AppData\Roaming\Browser Extensions\saamazon_1.7.xpi.vir    multiple threats,JS/Adware.Spigot.D application,JS/Adware.Spigot.A application

C:\AdwCleaner\Quarantine\C\Users\xxxxxx\AppData\Roaming\Browser Extensions\startpage_2.3.xpi.vir    JS/Adware.Spigot.I application

C:\AdwCleaner\Quarantine\C\Users\xxxxxxAppData\Roaming\BrowserExtensions\BEHelper.exe.vir    a variant of Win32/Toolbar.Widgi.L potentially unwanted application

C:\AdwCleaner\Quarantine\C\Users\xxxxxxAppData\Roaming\BrowserExtensions\saamazon.xpi.vir    JS/Adware.Spigot.D application

C:\AdwCleaner\Quarantine\C\Users\xxxxxx\AppData\Roaming\BrowserExtensions\startpage.xpi.vir    JS/Adware.Spigot.I application

C:\AdwCleaner\Quarantine\C\Users\xxxxxx\AppData\Roaming\BrowserExtensions\Uninstall.exe.vir    Win32/Toolbar.Widgi.X potentially unwanted application,a variant of Win32/Toolbar.Widgi.N potentially unwanted application

C:\AdwCleaner\Quarantine\C\Users\xxxxxx\AppData\Roaming\Search Protection\Uninstall.exe.vir    a variant of Win32/Toolbar.Widgi.J potentially unwanted application

C:\Users\xxxxxx\Downloads\ccsetup528pro.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:26 AM

Posted 19 July 2017 - 11:17 AM

Looks like we got Conduit out. How is it?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Bto125


Posted 19 July 2017 - 12:01 PM

Hi boopme,

 

I haven't come across the filestore72.info browser hijack since yesterday, as I haven't visited the forum, so I would say my computer is running fine at the moment. Also, could you explain in some detail what this Conduit is?


Edited by Bto125, 19 July 2017 - 12:10 PM.


#6 boopme


Posted 19 July 2017 - 12:15 PM

Conduit

#7 Bto125


Posted 19 July 2017 - 12:23 PM

Hi boopme,

 

I appreciate the link to the Conduit article; it was very informative. Are there any more steps I should take to ensure my computer is infection-free?



#8 boopme


Posted 19 July 2017 - 01:59 PM

Well, we can take a deep look. Start a new topic, Am I clean. Go here and start at step 6. It's not much to do.


Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.


Edit: Also read this

https://www.bleepingcomputer.com/forums/t/287710/how-malware-spreads-how-your-system-gets-infected/

Edited by boopme, 19 July 2017 - 02:02 PM.
