hi
i stupidly gave someone remote acess to my computer thinking they were from
gmail
luckily i changed my password before they could ransomware me but can someone check if everything is okay please
Posted 11 September 2017 - 09:13 AM
hi
i stupidly gave someone remote acess to my computer thinking they were from
gmail
luckily i changed my password before they could ransomware me but can someone check if everything is okay please
Posted 11 September 2017 - 12:42 PM
Welcome to BC....
Were you able to see what files they accessed? For instance, passwords stored in the browsers.
How much time did the criminals have access?
Did they ask for a CC number or other method of payment and did you give that info?
Did the criminal install a security program to scan the commuter and is it still on the computer? The program is likely
a junky one that is known to report a lot false info.
They usually leave a program used to access the computer. I would suggest removing that.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”
Posted 11 September 2017 - 05:12 PM
they went into my email and got the 6 digit google rreset code for maybe 5minutes. didnt think no more until they mentioned £99 for a gmail
they said my account was comprimised and would have to pay to secure the account so making out they were helping me
they took off my 2 layer on my phone gmail and recovery email but as i told them i would call them back when i realised what was
happenig they didnt change my password so managed to change my password and recovery email. I realised it was a scam and bought more time byu saying would call them in 2 hours when i got the money, i never called back
no idea if they put anything on but i did allow this and got remote https://broker.gotoassist.com/joinFlow/sessionRate.tmpl?_sid=5703793%3AC902F2475ED872EEC162A164353D1C90&Action=rgoto&Portal=alivenetsolution&_sf=6
i need the email address to access my cell phone but is it safe now i have changed the password? this was from india
Posted 11 September 2017 - 05:43 PM
If they called you then it is not likely they can charge your phone account. If there was any chance of them getting any banking passwords, shopping website passwords or
PayPal passwords...then I would suggest you change those passwords.
Other than that...I think you are good to go based on what you report as to the extent of their access.
If you saw one of the criminal's popups and clicked on that then you may have adware or malware. Is that what happened or did you get a "cold call" from the criminals?
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”
Posted 11 September 2017 - 06:36 PM
no my phone company told me contact google customer and i googled it and it wasnt a real site they pretended to be google.
my anti virus link warned me when went onto check later but when clicked on it originally it didnt warn me
is there any way i can just run a check for anything on my pc please?
Posted 11 September 2017 - 07:17 PM
Did you call a premium phone number? I am very aware of all the criminals' counterfeit sites. It would be great if the Search providers such as
Google would identify and block them. Always go to the home page of businesses and then look for links to assistance. NEVER do a search such as
HELP WITH GMAIL or NEED HELP WITH WORD, etc.
You can use the programs below to clean, remove adware and remove malware. Though I doubt the criminals installed any, it would be a good idea
to use them if you haven't done so recently.
Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the
Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.
After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.
CCleaner - PC Optimization and Cleaning - Free Download
Malwarebytes - Clean Mode
If you are unable to run a scan using MBAM:
Follow the instructions in the thread below. Make sure to download the MBAR linked in it. Let me know if you're not able to launch it and run a scan.
https://forums.malwarebytes.com/topic/198907-requested-resource-is-in-use-error-unable-to-start-malwarebytes/
Download AdwCleaner by Xplode onto your desktop. (compatible with Windows 7, 8 and 10)
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”
Posted 12 September 2017 - 03:29 AM
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 9/12/17
Scan Time: 9:03 AM
Log File:
Administrator: Yes
-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2782
License: Free
-System Information-
OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: DELL-530\Chris
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 254441
Threats Detected: 1
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 25 min, 38 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 1
PUP.Optional.InstallCore, C:\$RECYCLE.BIN\S-1-5-21-3299710142-3868310564-1978959094-1001\$R4XYB83.EXE, No Action By User, [2], [387958],1.0.2782
Physical Sector: 0
(No malicious items detected)
(end)
Posted 12 September 2017 - 03:37 AM
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows Vista Home Premium x86
Ran by Chris (Administrator) on 12/09/2017 at 9:33:17.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 18
Failed to delete: C:\Windows\System32\wscm32.dll (File)
Failed to delete: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8L4N56F0 (Temporary Internet Files Folder)
Failed to delete: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LTLMQDOB (Temporary Internet Files Folder)
Failed to delete: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OIB641AB (Temporary Internet Files Folder)
Failed to delete: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZPM66AH2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8L4N56F0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ETXO6QBG (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXV9G0ZL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LTLMQDOB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OIB641AB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RW4F76BZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WDVRCXRN (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Chris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZPM66AH2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ETXO6QBG (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EXV9G0ZL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RW4F76BZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WDVRCXRN (Temporary Internet Files Folder)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12/09/2017 at 9:37:03.89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Posted 12 September 2017 - 06:11 AM
Missing AdwCleaner scan log.
Rerun MBAM and be sure to allow it to remove that one threat that it found.
Due to what JRT found...do this:
Download and run the FREE online scanner from Free Virus Scan | Online Virus Scan from ESET | ESET
Post the three lists mentioned below using CCleaner.
Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.
At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next
post. Please do that.
Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you
will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”
Posted 13 September 2017 - 06:32 AM
C:\$RECYCLE.BIN\S-1-5-21-3299710142-3868310564-1978959094-1001\$R34FF7I.exe Win32/InstallCore.AVJ potentially unwanted application cleaned by deleting
C:\$RECYCLE.BIN\S-1-5-21-3299710142-3868310564-1978959094-1001\$RA922MV.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\$RECYCLE.BIN\S-1-5-21-3299710142-3868310564-1978959094-1001\$RMH0ELX.exe Win32/InstallCore.AVJ potentially unwanted application cleaned by deleting
C:\$RECYCLE.BIN\S-1-5-21-3299710142-3868310564-1978959094-1001\$RXTRX47.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Chris\Downloads\ccsetup512pro.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Chris\Downloads\ccsetup513.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Chris\Downloads\ccsetup534.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Chris\Downloads\PhotoScapeSetup_V3.7.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Users\Chris\Downloads\spsetup130.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
# AdwCleaner 7.0.2.1 - Logfile created on Mon Sep 11 13:43:19 2017
# Updated on 2017/29/08 by Malwarebytes
# Database: 09-08-2017.1
# Running on Windows Vista Home Premium (X86)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [1087 B] - [2017/3/10 0:38:32]
C:/AdwCleaner/AdwCleaner[C2].txt - [1828 B] - [2017/6/9 22:21:40]
C:/AdwCleaner/AdwCleaner[C3].txt - [2228 B] - [2017/6/21 12:55:43]
C:/AdwCleaner/AdwCleaner[C4].txt - [3675 B] - [2017/7/12 23:55:46]
C:/AdwCleaner/AdwCleaner[S0].txt - [1188 B] - [2017/3/9 21:41:39]
C:/AdwCleaner/AdwCleaner[S10].txt - [2055 B] - [2017/6/11 23:12:30]
C:/AdwCleaner/AdwCleaner[S11].txt - [2128 B] - [2017/6/14 21:20:8]
C:/AdwCleaner/AdwCleaner[S12].txt - [2203 B] - [2017/6/16 13:34:24]
C:/AdwCleaner/AdwCleaner[S13].txt - [2353 B] - [2017/6/20 21:28:10]
C:/AdwCleaner/AdwCleaner[S14].txt - [3153 B] - [2017/7/12 23:55:13]
C:/AdwCleaner/AdwCleaner[S15].txt - [2248 B] - [2017/8/1 14:56:43]
C:/AdwCleaner/AdwCleaner[S16].txt - [2316 B] - [2017/8/10 17:18:43]
C:/AdwCleaner/AdwCleaner[S17].txt - [2385 B] - [2017/8/13 21:58:49]
C:/AdwCleaner/AdwCleaner[S18].txt - [2454 B] - [2017/9/10 20:24:13]
C:/AdwCleaner/AdwCleaner[S1].txt - [1312 B] - [2017/3/15 15:59:11]
C:/AdwCleaner/AdwCleaner[S2].txt - [1385 B] - [2017/3/15 18:31:24]
C:/AdwCleaner/AdwCleaner[S3].txt - [1458 B] - [2017/3/23 19:24:37]
C:/AdwCleaner/AdwCleaner[S4].txt - [1539 B] - [2017/4/4 16:29:48]
C:/AdwCleaner/AdwCleaner[S5].txt - [1612 B] - [2017/4/11 21:48:5]
C:/AdwCleaner/AdwCleaner[S6].txt - [1679 B] - [2017/4/13 0:22:9]
C:/AdwCleaner/AdwCleaner[S7].txt - [1751 B] - [2017/4/30 22:0:36]
C:/AdwCleaner/AdwCleaner[S8].txt - [1831 B] - [2017/5/23 16:20:48]
C:/AdwCleaner/AdwCleaner[S9].txt - [1953 B] - [2017/6/9 22:20:0]
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task SafeZone scheduled Autoupdate 1499187360 Avast Software C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
No HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
Yes HKCU:Run ehTray.exe Microsoft Corporation C:\Windows\ehome\ehTray.exe
Yes HKCU:Run Kaspersky Software Updater AO Kaspersky Lab "C:\Program Files\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe" ksu autorun
Yes HKCU:Run KSS AO Kaspersky Lab "C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
Yes HKCU:Run uTorrent BitTorrent Inc. C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
No HKCU:Run WMPNSCFG Microsoft Corporation C:\Program Files\Windows Media Player\WMPNSCFG.exe
No HKLM:Run Adobe ARM "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
Yes HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
Yes HKLM:Run DelaypluginInstall Wondershare software CO., LIMITED C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
Yes HKLM:Run Malwarebytes TrayApp Malwarebytes C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
Yes HKLM:Run RtHDVCpl Realtek Semiconductor RtHDVCpl.exe
Yes HKLM:Run Wondershare Helper Compact.exe C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
No HKLM:Run ZAM "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
No Startup Common HDDHealth.lnk PANTERASoft C:\PROGRA~1\HDDHEA~1\HDDHEA~1.EXE
7-Zip 17.00 beta Igor Pavlov 02/07/2017 3.71 MB 17.00 beta
Adobe Flash Player 27 ActiveX Adobe Systems Incorporated 12/09/2017 27.0.0.130
Adobe Flash Player 27 NPAPI Adobe Systems Incorporated 12/09/2017 27.0.0.130
Adobe Shockwave Player 12.2 Adobe Systems, Inc. 09/11/2015 38.2 MB 12.2.9.199
Apple Software Update Apple Inc. 27/10/2016 2.39 MB 2.1.4.131
AudibleManager Audible, Inc. 20/02/2017 13.8 MB 3484544.-2.2005037430.2005036444
Avast Internet Security AVAST Software 07/09/2017 1.29 GB 17.6.2310
CCleaner Piriform 13/09/2017 9.36 MB 5.34
Compatibility Pack for the 2007 Office system Microsoft Corporation 13/09/2017 206 MB 12.0.6612.1000
ConvertXtoDVD 4.0.9.322 27/12/2011 57.4 MB 4.0.9.322
CryptoPrevent Foolish IT LLC 02/07/2017 45.7 MB 8.0.4.2
EasyBCD 1.7 NeoSmart Technologies 22/12/2013 1.60 MB 1.7
ffdshow [rev 2180] [2008-10-04] 23/10/2008 11.1 MB 1.0
FlashPeak Slimjet FlashPeak Inc. 20/06/2017 162 MB 10.0.13.0
Google Chrome Google Inc. 20/06/2017 318 MB 49.0.2623.112
HDD Health v4.2 24/03/2014 5.32 MB
InPlay IPTV Cobain ltd 25/11/2015 11.2 MB 4.0.0
Intel® Graphics Media Accelerator Driver Intel Corporation 22/12/2013
K-Lite Codec Pack 7.0.0 (Standard) 14/03/2013 34.6 MB 7.0.0
Kaspersky Security Scan Kaspersky Lab 12/09/2017 119 MB 16.0.0.1344
Kaspersky Software Updater Kaspersky Lab 12/09/2017 102 MB 2.0.0.623
Leawo Video Converter version 5.1.0.0 18/03/2012
Malwarebytes version 3.1.2.1733 Malwarebytes 18/06/2017 104 MB 3.1.2.1733
Microsoft .NET Framework 4.5.2 Microsoft Corporation 28/08/2015 255 MB 4.5.51209
Microsoft Office Excel Viewer 2003 Microsoft Corporation 14/06/2017 132 MB 11.0.8173.0
Microsoft Office Word Viewer 2003 Microsoft Corporation 13/09/2017 126 MB 11.0.8173.0
Microsoft Silverlight Microsoft Corporation 21/04/2017 221 MB 5.1.50906.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 18/03/2012 294 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 18/08/2013
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 03/02/2011 590 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 25/12/2011 594 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 09/04/2013 14.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 10/08/2016 452 KB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 07/09/2017 456 KB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 Microsoft Corporation 07/09/2017 808 KB 14.0.24215.1
Mozilla Firefox 52.3.0 ESR (x86 en-GB) Mozilla 13/08/2017 90.8 MB 52.3.0
Mozilla Maintenance Service Mozilla 13/08/2017 552 KB 52.3.0.6423
MPC-HC 1.7.0 MPC-HC Team 30/07/2014 30.9 MB 1.7.0.7858
MSXML 4.0 SP3 Parser Microsoft Corporation 09/02/2012 1.47 MB 4.30.2100.0
MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 12/07/2012 1.53 MB 4.30.2114.0
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 07/01/2013 1.54 MB 4.30.2117.0
MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 10/02/2012 1.53 MB 4.30.2107.0
Nero 7 Lite 7.10.1.2 UpdatePack.nl 23/10/2008 60.3 MB 7.10.1.2
PressReader PressReader Inc. 27/04/2016 9.97 MB 5.16.0115.0
Realtek High Definition Audio Driver 22/12/2013
Samsung Story Album Viewer Samsung Electronics Co., Ltd. 08/09/2013 40.6 MB 1.0.0.13054_1
Samsung USB Driver for Mobile Phones Samsung Electronics Co., Ltd. 22/12/2013 34.5 MB 1.5.59.0
Skitch Evernote Corp. 11/06/2016 90.9 MB 2.2.0.4
Visual Studio 2012 x86 Redistributables AVG Technologies CZ, s.r.o. 02/06/2014 10.2 MB 14.0.0.1
VLC media player VideoLAN 10/09/2017 124 MB 2.2.6
WinRAR 5.40 beta 1 (32-bit) win.rar GmbH 22/03/2015 4.69 MB 5.40.1
Wondershare Helper Compact 2.5.0 Wondershare 26/08/2016 6.72 MB 2.5.0
Wondershare Video Converter Ultimate(Build 8.8.0.3) Wondershare Software 18/08/2016 188 MB 8.8.0.3
µTorrent BitTorrent Inc. 07/08/2017 7.03 MB 3.5.0.43916
Posted 13 September 2017 - 08:15 AM
Disable these Tasks: Use CCleaner by clicking on each item and selecting Disable on the right.
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task SafeZone scheduled Autoupdate 1499187360 Avast Software C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
Suggest Disabling these Startups: Use CCleaner by clicking on each item and choosing Disable on the right.
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
Yes HKCU:Run ehTray.exe Microsoft Corporation C:\Windows\ehome\ehTray.exe
Yes HKCU:Run Kaspersky Software Updater AO Kaspersky Lab "C:\Program Files\Kaspersky Lab\Kaspersky Software Updater\kl_platf.exe" ksu autorun
Yes HKCU:Run KSS AO Kaspersky Lab "C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
Yes HKCU:Run uTorrent BitTorrent Inc. C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
Yes HKLM:Run DelaypluginInstall Wondershare software CO., LIMITED C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
Yes HKLM:Run Wondershare Helper Compact.exe C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
Uninstall these programs:
Mozilla Firefox 52.3.0 ESR (x86 en-GB) Mozilla 13/08/2017 90.8 MB 52.3.0 (Or Update...)
Mozilla Maintenance Service Mozilla 13/08/2017 552 KB 52.3.0.6423
Use Download Revo Uninstaller Freeware to uninstall the below programs.
Wondershare Helper Compact 2.5.0 Wondershare 26/08/2016 6.72 MB 2.5.0
Wondershare Video Converter Ultimate(Build 8.8.0.3) Wondershare Software 18/08/2016 188 MB 8.8.0.3
µTorrent BitTorrent Inc. 07/08/2017 7.03 MB 3.5.0.43916
I note that you have recently installed the free Kaspersky scanner....did it find any malware?
Edited by buddy215, 13 September 2017 - 08:18 AM.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”
Posted 14 September 2017 - 09:27 AM
i did what u asked was there any malware therre?
kapersky just scanned a few files not all and didnt find anything
Posted 14 September 2017 - 12:29 PM
Just adware and some ad intensive programs/ PUPS.
Looks to me like you are good to go...happy surfin'
Edited by buddy215, 14 September 2017 - 12:37 PM.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”
Posted 14 September 2017 - 06:16 PM
You're welcome..
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”― Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”
0 members, 0 guests, 0 anonymous users