Norton not installed, but warnings appear


11 replies to this topic

#1 Benny563

Benny563

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:46 PM

Posted 02 December 2017 - 09:49 AM

I am using Windows 10 and ESET NOD32 anti-virus and starting a few days ago every time I open steam or other secured sites, this message appears: https://gyazo.com/6b7dc93478299ef75d3885cbb8271633 . I don't have Norton and I have never had it installed. When I press "view detailed report" it says that the site is "OK" and that there are 0 threats. I was not able to find any threat with my antivirus and I couldn't find anything useful online (maybe I didn't search deep enough). I don't even know if it's a virus... After pressing "visit the site", the site opens and the message doesn't appear for a period of time.

I would like to find out what it is and, if it's a threat, how I can get rid of it. I can provide other information if necessary.





#2 buddy215

buddy215

  • Moderator
  • 13,260 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:46 PM

Posted 02 December 2017 - 12:04 PM

Look at the extensions in your browsers. You may see Norton Safe Search which is actually Ask...which most would consider a search redirect and adware.

Could be your ISP is using Norton. Use the programs below to clean, remove adware and remove malware. The last info asked for may give the source of the Norton.

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google. After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Malwarebytes - Clean Mode

  • Download and install the free version of Malwarebytes
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point
  • Once Malwarebytes is installed, launch it and let it update its database. You might have to click on the little arrow by Scan Status in the middle right pane for it to do so
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan
  • Let the scan run; the time required to complete the scan depends on your system and computer specs
  • Once the scan is complete, make sure that the first checkbox at the top is checked (which will automatically check every detected item), then click on the Quarantine Selected button
    • If it asks you to restart your computer to complete the removal, do so
  • Click on Export Summary after the deletion (in the bottom-left corner) and select Copy to Clipboard. Paste the content in your next reply

If you are unable to run a scan using MBAM:

Follow the instructions in the thread below. Make sure to download the MBAR linked in it. Let me know if you're not able to launch it and run a scan.
https://forums.malwarebytes.com/topic/198907-requested-resource-is-in-use-error-unable-to-start-malwarebytes/

 

 

Download AdwCleaner by Xplode onto your desktop. (compatible with Windows 7, 8 and 10)

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks. At the bottom right of that page you will see a button that, when clicked, will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next post. Please do that.

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you will see a button that, when clicked, will allow you to Copy and Paste that list in your next post. Please do that.


Edited by buddy215, 02 December 2017 - 12:07 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Benny563

Benny563
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:46 PM

Posted 02 December 2017 - 12:54 PM

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 12/2/17
Scan Time: 7:24 PM
Log File: a7244d46-d785-11e7-9151-448a5bcaa239.json
Administrator: Yes
 
-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.236
Update Package Version: 1.0.3395
License: Trial
 
-System Information-
OS: Windows 10 (Build 15063.726)
CPU: x64
File System: NTFS
User: ACER\User
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 323635
Threats Detected: 26
Threats Quarantined: 26
Time Elapsed: 7 min, 0 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 3
PUP.Optional.Privoxy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3CEEC038-627B-4C1B-B12E-B170656AA0AD}, Quarantined, [316], [260736],1.0.3395
PUP.Optional.Privoxy, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [316], [-1],0.0.0
PUP.Optional.SteamClient, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SteamClient, Quarantined, [11546], [185514],1.0.3395
 
Registry Value: 4
PUP.Optional.Privoxy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3CEEC038-627B-4C1B-B12E-B170656AA0AD}|PATH, Quarantined, [316], [260736],1.0.3395
PUP.Optional.Privoxy, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [316], [-1],0.0.0
PUP.Optional.Privoxy, HKU\S-1-5-21-2485786295-3925055710-434320391-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [316], [-1],0.0.0
PUP.Optional.Privoxy, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [316], [-1],0.0.0
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 4
PUP.Optional.OpenCandy, C:\Users\User\AppData\Roaming\OpenCandy\017A192007B747169A9E56A9AD6E4065, Quarantined, [470], [173202],1.0.3395
PUP.Optional.OpenCandy, C:\Users\User\AppData\Roaming\OpenCandy\42104E62495F42DDAC7D4BF64A6A065C, Quarantined, [470], [173202],1.0.3395
PUP.Optional.OpenCandy, C:\Users\User\AppData\Roaming\OpenCandy\82D32D203E674ED79D6315F13706CB60, Quarantined, [470], [173202],1.0.3395
PUP.Optional.OpenCandy, C:\USERS\USER\APPDATA\ROAMING\OPENCANDY, Quarantined, [470], [173202],1.0.3395
 
File: 15
PUP.Optional.SteamClient, C:\WINDOWS\SYSTEM32\TASKS\STEAMCLIENT, Quarantined, [11546], [185512],1.0.3395
PUP.Optional.OpenCandy, C:\Users\User\AppData\Roaming\OpenCandy\017A192007B747169A9E56A9AD6E4065\PCTU-EN-15-day-1006060.exe, Quarantined, [470], [173202],1.0.3395
PUP.Optional.OpenCandy, C:\Users\User\AppData\Roaming\OpenCandy\42104E62495F42DDAC7D4BF64A6A065C\Opera_NI_stable.exe, Quarantined, [470], [173202],1.0.3395
PUP.Optional.OpenCandy, C:\Users\User\AppData\Roaming\OpenCandy\82D32D203E674ED79D6315F13706CB60\PCTU-EN-15-day-1006060.exe, Quarantined, [470], [173202],1.0.3395
PUP.Optional.OpenCandy, C:\USERS\USER\APPDATA\ROAMING\POWERISO\UPGRADE\POWERISO6.EXE, Quarantined, [470], [297667],1.0.3395
HackTool.CheatEngine, C:\USERS\USER\DOWNLOADS\ASSASSINS CREED SYNDICATE V1.12 TRAINER +7 MRANTIFUN.ZIP, Quarantined, [1032], [7940],1.0.3395
HackTool.CheatEngine, C:\USERS\USER\DOWNLOADS\ASSASSINS CREED SYNDICATE V1.12 TRAINER +6 MRANTIFUN.ZIP, Quarantined, [1032], [7940],1.0.3395
CheatTool.CETTrainer, C:\USERS\USER\DOWNLOADS\CUPHEAD V10.1.2017 TRAINER +3 MRANTIFUN.ZIP, Quarantined, [7608], [116813],1.0.3395
HackTool.CheatEngine, C:\USERS\USER\DOWNLOADS\DYING LIGHT V1.6.0 TRAINER +17 MRANTIFUN.ZIP, Quarantined, [1032], [7940],1.0.3395
HackTool.CheatEngine, C:\USERS\USER\DOWNLOADS\CALL OF DUTY BLACK OPS 3 V1.00 TRAINER +3 MRANTIFUN.ZIP, Quarantined, [1032], [7940],1.0.3395
CheatTool.CETTrainer, C:\USERS\USER\DOWNLOADS\DYING LIGHT V1.10.0 TRAINER +19 MRANTIFUN (1).ZIP, Quarantined, [7608], [116813],1.0.3395
CheatTool.CETTrainer, C:\USERS\USER\DOWNLOADS\DYING LIGHT V1.10.0 TRAINER +19 MRANTIFUN.ZIP, Quarantined, [7608], [116813],1.0.3395
CheatTool.CETTrainer, C:\USERS\USER\DOWNLOADS\THE EVIL WITHIN 2 V1.00 TRAINER +11 B MRANTIFUN.ZIP, Quarantined, [7608], [116813],1.0.3395
HackTool.CheatEngine, C:\USERS\USER\DOWNLOADS\PAPERS PLEASE V1.1.65 TRAINER +1 MRANTIFUN.ZIP, Quarantined, [1032], [7940],1.0.3395
HackTool.CheatEngine, C:\USERS\USER\DOWNLOADS\SURGEON SIMULATOR ANNIVERSARY EDITION TRAINER +2  MRANTIFUN.ZIP, Quarantined, [1032], [7940],1.0.3395
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)
 
 
 
 
 
 
 
 
ADW
 
 
 
# AdwCleaner 7.0.5.0 - Logfile created on Sat Dec 02 17:44:41 2017
# Updated on 2017/29/11 by Malwarebytes 
# Running on Windows 10 Pro (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
No malicious folders deleted.
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
Plugin deleted: MSN Homepage & Bing Search Engine - 
 
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [1498 B] - [2017/12/2 17:43:51]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
 
 
Windows Startups:
 
 
Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No HKCU:Run GalaxyClient GOG.com D:\Games\GWENT\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
Yes HKCU:Run Gyazo Nota Inc. C:\Program Files (x86)\Gyazo\GyStation.exe
No HKCU:Run Messenger (Yahoo!) Yahoo! Inc. "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
Yes HKCU:Run OfficeSyncProcess Microsoft Corporation "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
Yes HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
Yes HKCU:Run uTorrent BitTorrent Inc. "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run egui ESET "C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe" /launch /hide
No HKLM:Run LogMeIn Hamachi Ui LogMeIn Inc. "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
Yes HKLM:Run PWRISOVM.EXE Power Software Ltd C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
Yes HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
Yes HKLM:Run SecurityHealth Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCuiL.exe
No HKLM:Run SunJavaUpdateSched Oracle Corporation "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Yes Startup Common SteelSeries Engine 3.lnk SteelSeries ApS C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
Yes Startup User Auto Activate Office 2010 VL.lnk C:\Windows\actofvl\aaovl.exe
 
 
 
Scheduled Startups:
 
 
 
Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task AdobeAAMUpdater-1.0-MicrosoftAccount-roscarares14@yahoo.com Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task ALU Acer Incorporated C:\Program Files (x86)\Acer\Live Updater\updater.exe -auto
Yes Task ALUAgent Acer Incorporated C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task CTF Host "C:\Users\User\AppData\Roaming\Microsoft\Ctfhost\ctfhost.exe" xorvius.
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskMachineUA1d08f24725ff56f Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskMachineUA1d0bfc3c902f781 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GyazoUpdateTaskMachine Nota Inc. "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Yes Task GyazoUpdateTaskMachineDaily Nota Inc. "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Yes Task klcp_update "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=90
Yes Task NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Yes Task NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
Yes Task NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
Yes Task NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Yes Task NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Yes Task NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
Yes Task NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Yes Task NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
Yes Task OneDrive Standalone Update Task-S-1-5-21-2485786295-3925055710-434320391-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
No Task Optimize Start Menu Cache Files-S-1-5-21-2485786295-3925055710-434320391-1001
Yes Task Red Giant Link "C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe" --silent
Yes Task {A750CD23-3587-41E4-812D-ADE4E2949DC5} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe" -c uplay://uninstall/274
 
 
 
 
3D Builder Microsoft Corporation 28.10.2017 15.0.2911.0
Acer Explorer Acer Incorporated 01.10.2016 2.0.3007.0
Adobe Acrobat Reader DC Adobe Systems Incorporated 30.11.2017 375 MB 18.009.20050
Adobe After Effects CC 2014 Adobe Systems Incorporated 08.07.2017 4,04 GB 13.0.0
Adobe AIR Adobe Systems Incorporated 08.07.2017 22,5 MB 16.0.0.273
Adobe Flash Player 27 NPAPI Adobe Systems Incorporated 14.11.2017 5,71 MB 27.0.0.187
Adobe Help Manager Adobe Systems Incorporated 08.07.2017 1,75 MB 4.0.244
Adobe Photoshop CC 2014 Adobe Systems Incorporated 08.07.2017 2,59 GB 15.0
Adobe Widget Browser Adobe Systems Incorporated. 08.07.2017 1,06 MB 2.0 Build 348
Alarms & Clock Microsoft Corporation 06.10.2017 10.1709.2621.0
App connector Microsoft Corporation 01.10.2016 1.3.3.0
App Installer Microsoft Corporation 14.11.2017 1.0.12894.0
Battle.net Blizzard Entertainment 25.11.2017 717 MB
Calculator Microsoft Corporation 10.10.2017 10.1709.2703.0
Camera Microsoft Corporation 17.10.2017 2017.921.10.0
Castle Crashers The Behemoth 07.10.2017 197 MB
CCleaner Piriform 02.12.2017 5.37
CDBurnerXP CDBurnerXP 18.02.2015 20,7 MB 4.5.4.5306
CINEMA 4D 15.008 MAXON Computer GmbH 01.09.2015 5,32 GB 15.008
CodeBlocks The Code::Blocks Team 08.07.2017 16.01
Counter-Strike 1.6 08.07.2017 472 MB 1.6
Cuphead GOG.com 30.09.2017 4,00 MB 20170929
Curse Curse 13.02.2017 432 MB 6.0.0.0
Democracy 3 GOG.com 07.06.2017 537 MB 2.9.0.15
Democracy 3 - Clones and Drones GOG.com 07.06.2017 11,7 MB 2.9.0.15
Democracy 3 - Extremism GOG.com 07.06.2017 9,10 MB 2.9.0.15
Democracy 3 - Social Engineering GOG.com 07.06.2017 8,09 MB 2.9.0.15
Discord Discord Inc. 16.09.2017 50,8 MB 0.0.298
Epic Games Launcher Epic Games, Inc. 29.08.2017 158 MB 1.1.122.0
ESET NOD32 Antivirus ESET, spol. s r.o. 02.12.2017 130 MB 10.1.235.0
Far Cry 3 Ubisoft 25.02.2015 1.04
Feedback Hub Microsoft Corporation 19.10.2017 1.1708.2831.0
GOG Galaxy GOG.com 04.03.2017 608 MB
Google Chrome Google, Inc. 18.02.2015 64,1 MB 62.0.3202.94
Grand Theft Auto V Rockstar North 29.08.2017 71,7 GB
Groove Music Microsoft Corporation 17.11.2017 10.17085.22311.0
Gwent (0.8.72.1) GOG.com 30.03.2017 3,99 MB 0.1.1.318
Gyazo 3.3.4 Nota Inc. 13.11.2017 20,8 MB
Hearthstone Blizzard Entertainment 01.12.2017 12,9 GB
Hearthstone Deck Tracker HearthSim 08.11.2017 24,8 MB 1.5.5
Heroes of the Storm Blizzard Entertainment 01.12.2017 25,8 GB
Hi-Rez Studios Authenticate and Update Service Hi-Rez Studios 25.02.2017 87,3 MB 3.0.0.0
HiPatch Hi-Rez Studios 16.08.2016 10,3 GB 5.0.3.9
Identity Card Acer Incorporated 18.02.2015 4,76 MB 2.00.8101
Intel® Control Center Intel Corporation 18.02.2015 1.2.1.1011
Intel® Management Engine Components Intel Corporation 21.10.2014 9.5.15.1730
Java 8 Update 121 (64-bit) Oracle Corporation 12.02.2017 216 MB 8.0.1210.13
K-Lite Codec Pack 10.9.5 Full 18.02.2015 116 MB 10.9.5
Keep Talking and Nobody Explodes Steel Crate Games 31.10.2015 948 MB 1.0
Live Updater Acer Incorporated 18.02.2015 8,40 MB 2.00.8100
LogMeIn Hamachi LogMeIn, Inc. 15.07.2017 7,15 MB 2.2.0.579
Mail and Calendar Microsoft Corporation 18.11.2017 17.8700.40675.0
Malwarebytes version 3.3.1.2183 Malwarebytes 02.12.2017 181 MB 3.3.1.2183
Maps Microsoft Corporation 18.10.2017 5.1708.2764.0
Messaging Microsoft Corporation 29.11.2017 3.34.25004.0
Microsoft Games for Windows - LIVE Redistributable Microsoft Corporation 03.06.2015 27,6 MB 2.0.672.0
Microsoft Office Professional Plus 2010 Microsoft Corporation 08.07.2017 46,2 MB 14.0.6029.1000
Microsoft OneDrive Microsoft Corporation 08.11.2017 100 MB 17.3.7076.1026
Microsoft Silverlight Microsoft Corporation 18.02.2015 101 MB 5.1.30514.0
Microsoft Solitaire Collection Microsoft Studios 23.11.2017 3.18.11201.0
Microsoft Sticky Notes Microsoft Corporation 08.04.2017 1.8.0.0
Microsoft Store Microsoft Corporation 10.11.2017 11710.1001.27.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 18.02.2015 9,69 MB 8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 20.12.2015 12,0 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 23.02.2015 23,6 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 06.03.2015 22,8 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 25.02.2015 9,43 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 06.03.2015 8,78 MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 18.10.2017 27,7 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 18.10.2017 22,2 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 18.10.2017 20,5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 08.07.2017 17,3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 08.07.2017 20,5 MB 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 08.07.2017 20,5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Corporation 08.07.2017 17,1 MB 12.0.21005.1
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 08.07.2017 17,1 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 Microsoft Corporation 08.07.2017 23,5 MB 14.0.24212.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 Microsoft Corporation 08.07.2017 19,5 MB 14.0.24215.1
Microsoft Wi-Fi Microsoft Corporation 01.10.2016 1.1604.4.0
Microsoft XNA Framework Redistributable 4.0 Refresh Microsoft Corporation 08.10.2016 18,9 MB 4.0.30901.0
Minecraft1.6.2 08.07.2017
mini-KMS Auto Activation Tool 1.13 08.07.2017
Mixed Reality Viewer Microsoft Corporation 28.09.2017 2.1709.8012.0
Money Microsoft Corporation 30.08.2017 4.21.2212.0
Movies & TV Microsoft Corporation 01.12.2017 10.17102.13911.0
Mozilla Firefox 35.0.1 (x86 en-US) Mozilla 08.07.2017 82,9 MB 35.0.1
Mozilla Maintenance Service Mozilla 08.07.2017 214 KB 35.0.1
MSN Food & Drink Microsoft Corporation 01.10.2016 3.0.4.336
MSN Health & Fitness Microsoft Corporation 01.10.2016 3.0.4.336
MSN Travel Microsoft Corporation 01.10.2016 3.0.4.336
My Office Microsoft Corporation 22.11.2017 17.8809.7600.0
News Microsoft Corporation 30.08.2017 4.21.2212.0
Nokia Connectivity Cable Driver 08.07.2017 7.1.32.69
NVIDIA 3D Vision Controller Driver 369.04 NVIDIA Corporation 30.11.2017 9,16 MB 369.04
NVIDIA 3D Vision Driver 388.43 NVIDIA Corporation 30.11.2017 33,0 MB 388.43
NVIDIA GeForce Experience 3.11.0.73 NVIDIA Corporation 30.11.2017 2,77 MB 3.11.0.73
NVIDIA Graphics Driver 388.43 NVIDIA Corporation 30.11.2017 745 MB 388.43
NVIDIA HD Audio Driver 1.3.35.1 NVIDIA Corporation 30.11.2017 8,14 MB 1.3.35.1
NVIDIA Miracast Virtual Audio 355.60 NVIDIA Corporation 13.08.2015 5,79 MB 355.60
NVIDIA PhysX System Software 9.17.0524 NVIDIA Corporation 21.09.2017 407 MB 9.17.0524
OneNote Microsoft Corporation 18.11.2017 17.8730.20741.0
Open Broadcaster Software 08.07.2017
OpenAL 08.07.2017
Origin Electronic Arts, Inc. 08.07.2017 322 MB 9.12.2.60376
Overwatch Blizzard Entertainment 01.12.2017 23,3 GB
Paid Wi-Fi & Cellular Microsoft Corporation 19.09.2017 2.1709.2484.0
Paint 3D Microsoft Corporation 11.11.2017 3.1710.30027.0
People Microsoft Corporation 01.11.2017 10.2.2791.0
Phone Microsoft Corporation 29.11.2017 3.34.12002.0
Phone Companion Microsoft Corporation 01.10.2016 10.1609.2561.0
Photos Microsoft Corporation 14.11.2017 2017.39091.16340.0
PowerISO Power Software Ltd 08.07.2017 5,91 MB 5.6
PunkBuster Services Even Balance, Inc. 08.07.2017 0.993
qBittorrent 3.1.11 The qBittorrent project 08.07.2017 45,3 MB 3.1.11
Race The Sun Flippfly LLC 08.07.2017 167 MB
Reader Microsoft Corporation 01.12.2017 6.4.9926.18874
Realtek Card Reader Realtek Semiconductor Corp. 18.02.2015 46,2 MB 6.3.3.34
Realtek Ethernet Controller Driver Realtek 18.02.2015 28,3 MB 8.18.621.2013
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 10.07.2017 40,7 MB 6.0.1.7535
Rockstar Games Social Club Rockstar Games 08.07.2017 1.2.1.9
Skype Skype 30.11.2017 12.9.604.0
Skype™ 7.40 Skype Technologies S.A. 24.11.2017 172 MB 7.40.104
South Park The Fractured But Whole version 1.0 CODEPUNKS 18.10.2017 2,86 MB 1.0
Sports Microsoft Corporation 30.08.2017 4.21.2212.0
Steam Valve Corporation 08.07.2017 2.10.91.91
SteelSeries Engine 3.7.4 SteelSeries ApS 08.07.2017 3.7.4
Store Experience Host Microsoft Corporation 10.11.2017 11710.1710.30001.0
Sway Microsoft Corporation 08.11.2017 18.1711.50601.0
TeamViewer 12 TeamViewer 01.12.2017 89,1 MB 12.0.81460
The Evil Within 2 15.10.2017 2,97 MB
Tips Microsoft Corporation 31.10.2017 5.12.2691.0
Uplay Ubisoft 08.07.2017 202 MB 25.0
VLC media player VideoLAN 08.07.2017 115 MB 2.2.1
Voice Recorder Microsoft Corporation 10.10.2017 10.1709.2703.0
Vulkan Run Time Libraries 1.0.11.1 LunarG, Inc. 08.07.2017 1,66 MB 1.0.11.1
Vulkan Run Time Libraries 1.0.3.0 LunarG, Inc. 08.07.2017 1,66 MB 1.0.3.0
Wallet Microsoft Corporation 08.07.2017 1.0.16328.0
Weather Microsoft Corporation 31.08.2017 4.21.2212.0
Winamp Nullsoft, Inc 08.07.2017 5.666 
Windows 10 Update and Privacy Settings Microsoft Corporation 29.06.2017 2,10 MB 1.0.14.0
Windows 10 Upgrade Assistant Microsoft Corporation 08.07.2017 5,00 MB 1.4.9200.17362
Windows Reading List Microsoft Corporation 01.10.2016 6.3.9654.21234
Windows Scan Microsoft Corporation 01.10.2016 6.3.9654.17133
WinRAR 5.21 (64-bit) win.rar GmbH 08.07.2017 4,93 MB 5.21.0
Xbox Microsoft Corporation 14.11.2017 34.35.13001.0
Xbox Game bar Microsoft Corporation 08.11.2017 1.22.30001.0
Xbox Game Speech Window Microsoft Corporation 08.07.2017 1.14.2002.0
Xbox Identity Provider Microsoft Corporation 12.07.2017 11.29.23003.0
Yahoo! Messenger Yahoo! Inc. 08.07.2017
µTorrent BitTorrent Inc. 30.11.2017 3.5.0.44294
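
Added example, not part of the original thread and not Malwarebytes code: a small Python parser for the "Scan Details" lines of the log posted above, which groups detections by name and by what they touched, and checks each section's declared count against the lines actually present (useful for spotting a truncated paste). The category names and the substrings used to assign them are assumptions of this example; the sample is an excerpt of the posted log with the section counts adjusted to the excerpt.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Section headers as they appear under "-Scan Details-" in the posted log.
SECTION_RE = re.compile(
    r"^(Process|Module|Registry Key|Registry Value|Registry Data|"
    r"Data Stream|Folder|File|Physical Sector): (\d+)$"
)
# Detection line: name, target, action, [id], [id],version
# The target is matched greedily because paths may contain spaces and commas.
DETECTION_RE = re.compile(
    r"^(?P<name>[^,]+), (?P<target>.+), (?P<action>[^,]+), "
    r"\[(?P<id1>-?\d+)\], \[(?P<id2>-?\d+)\],\s*(?P<version>[\d.]+)$"
)

# Excerpt of the log above; section counts adjusted to match the excerpt.
SAMPLE_LOG = r"""
Registry Key: 3
PUP.Optional.Privoxy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3CEEC038-627B-4C1B-B12E-B170656AA0AD}, Quarantined, [316], [260736],1.0.3395
PUP.Optional.Privoxy, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [316], [-1],0.0.0
PUP.Optional.SteamClient, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SteamClient, Quarantined, [11546], [185514],1.0.3395

Registry Value: 2
PUP.Optional.Privoxy, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [316], [-1],0.0.0
PUP.Optional.Privoxy, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [316], [-1],0.0.0

Registry Data: 0
(No malicious items detected)

File: 3
PUP.Optional.SteamClient, C:\WINDOWS\SYSTEM32\TASKS\STEAMCLIENT, Quarantined, [11546], [185512],1.0.3395
PUP.Optional.OpenCandy, C:\USERS\USER\APPDATA\ROAMING\POWERISO\UPGRADE\POWERISO6.EXE, Quarantined, [470], [297667],1.0.3395
HackTool.CheatEngine, C:\USERS\USER\DOWNLOADS\PAPERS PLEASE V1.1.65 TRAINER +1 MRANTIFUN.ZIP, Quarantined, [1032], [7940],1.0.3395
"""


@dataclass(frozen=True)
class Detection:
    section: str   # e.g. "Registry Value"
    name: str      # detection name as printed by the scanner
    target: str    # registry path or file path
    action: str    # e.g. "Quarantined"


def parse_scan_details(text):
    """Return (declared section counts, list of Detection) from log text."""
    declared, found, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            declared[section] = int(m.group(2))
            continue
        m = DETECTION_RE.match(line)
        if m and section:
            found.append(Detection(section, m["name"], m["target"], m["action"]))
    return declared, found


def classify(det):
    """Assign a triage category (categories are this example's assumption)."""
    t = det.target.upper()
    if "MANUALPROXIES" in t or "INTERNET SETTINGS|PROXY" in t:
        return "proxy_setting"      # changes how traffic leaves the machine
    if "\\SCHEDULE\\TASKCACHE\\" in t or "\\SYSTEM32\\TASKS\\" in t:
        return "scheduled_task"     # persistence via Task Scheduler
    if det.section.startswith("Registry"):
        return "other_registry"
    return "file_on_disk"           # file or folder at rest


def count_mismatches(declared, found):
    """Sections whose declared count differs from the lines present."""
    parsed = Counter(d.section for d in found)
    return {s: (n, parsed[s]) for s, n in declared.items() if parsed[s] != n}


def summarize(found):
    """Count detections per (detection name, category)."""
    return Counter((d.name, classify(d)) for d in found)


if __name__ == "__main__":
    declared, found = parse_scan_details(SAMPLE_LOG)
    for (name, category), n in sorted(summarize(found).items()):
        print(f"{n:2d}  {category:15s} {name}")
    print("count mismatches:", count_mismatches(declared, found) or "none")
```
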
 


#4 buddy215

buddy215

  • Moderator
  • 13,260 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:46 PM

Posted 02 December 2017 - 02:39 PM

Suggest Disabling these Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Yes HKCU:Run Gyazo Nota Inc. C:\Program Files (x86)\Gyazo\GyStation.exe

Yes HKCU:Run OfficeSyncProcess Microsoft Corporation "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
Yes HKCU:Run OneDrive Microsoft Corporation "C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
Yes HKCU:Run Steam Valve Corporation "C:\Program Files (x86)\Steam\steam.exe" -silent
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run PWRISOVM.EXE Power Software Ltd C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
Yes Startup Common SteelSeries Engine 3.lnk SteelSeries ApS C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

Delete these Startups: Use CCleaner by clicking on each item and choosing Delete on the right.
Yes Startup User Auto Activate Office 2010 VL.lnk C:\Windows\actofvl\aaovl.exe
Yes HKCU:Run uTorrent BitTorrent Inc. "C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
 
Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.
Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task AdobeAAMUpdater-1.0-MicrosoftAccount-roscarares14@yahoo.com Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task ALU Acer Incorporated C:\Program Files (x86)\Acer\Live Updater\updater.exe -auto
Yes Task ALUAgent Acer Incorporated C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskMachineUA1d08f24725ff56f Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskMachineUA1d0bfc3c902f781 Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GyazoUpdateTaskMachine Nota Inc. "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Yes Task GyazoUpdateTaskMachineDaily Nota Inc. "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"
Yes Task klcp_update "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=90
Yes Task NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Yes Task NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
Yes Task NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Yes Task NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Yes Task NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
Yes Task NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Yes Task NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA Corporation C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
Yes Task OneDrive Standalone Update Task-S-1-5-21-2485786295-3925055710-434320391-1001 Microsoft Corporation %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Yes Task Red Giant Link "C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe" --silent
Yes Task {A750CD23-3587-41E4-812D-ADE4E2949DC5} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe" -c uplay://uninstall/274
 
Delete these Tasks: Use CCleaner by clicking on each item and choosing Delete on the right.
Yes Task CTF Host "C:\Users\User\AppData\Roaming\Microsoft\Ctfhost\ctfhost.exe" xorvius.
 
Uninstall these programs:
Adobe AIR Adobe Systems Incorporated 08.07.2017 22,5 MB 16.0.0.273
Java 8 Update 121 (64-bit) Oracle Corporation 12.02.2017 216 MB 8.0.1210.13 (Or update...most users don't need Java)
Mozilla Firefox 35.0.1 (x86 en-US) Mozilla 08.07.2017 82,9 MB 35.0.1 (Or update to version 57)
Mozilla Maintenance Service Mozilla 08.07.2017 214 KB 35.0.1
qBittorrent 3.1.11 The qBittorrent project 08.07.2017 45,3 MB 3.1.11
Yahoo! Messenger Yahoo! Inc. 08.07.2017
µTorrent BitTorrent Inc. 30.11.2017 3.5.0.44294
 
 
 
 

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”
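An added example, not part of the thread and not the helper's own method: one way to triage a startup listing like the one above is to flag scheduled tasks whose program runs from a user-writable location and has no publisher recorded. The tab-separated row layout, the path list and the function names are assumptions made for this sketch; the four rows are copied from the listing.

```python
import re

# Constructed sample: four rows copied from the listing in the post above as
# (Enabled, Type, Name, Publisher, Command). The tab-separated layout is an assumption.
ROWS = [
    ("Yes", "Task", "klcp_update", "",
     r'"C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=90'),
    ("Yes", "Task", "NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}", "NVIDIA Corporation",
     r"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe"),
    ("Yes", "Task", "OneDrive Standalone Update Task-S-1-5-21-2485786295-3925055710-434320391-1001",
     "Microsoft Corporation", r"%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe"),
    ("Yes", "Task", "CTF Host", "",
     r'"C:\Users\User\AppData\Roaming\Microsoft\Ctfhost\ctfhost.exe" xorvius.'),
]
SAMPLE = "\n".join("\t".join(row) for row in ROWS)

# Locations a standard user can write to without elevation (hypothetical, non-exhaustive list).
USER_WRITABLE = re.compile(
    r"\\users\\[^\\]+\\appdata\\|%(?:localappdata|appdata|temp)%|\\programdata\\|\\windows\\temp\\",
    re.IGNORECASE)

def executable(command):
    """Return the program path from a task command line, quoted or bare."""
    m = re.match(r'\s*"([^"]+)"|\s*(.+?\.exe)\b', command, re.IGNORECASE)
    return (m.group(1) or m.group(2)) if m else command.strip()

def triage(listing):
    """Yield (task name, verdict, reasons) for every Task row in the listing."""
    for line in listing.splitlines():
        fields = line.split("\t")
        if len(fields) != 5 or fields[1] != "Task":
            continue  # skip blank or malformed rows instead of guessing
        _enabled, _kind, name, publisher, command = fields
        reasons = []
        if USER_WRITABLE.search(executable(command)):
            reasons.append("runs from a user-writable path")
        if not publisher.strip():
            reasons.append("no publisher recorded")
        verdict = ("ok", "note", "review")[len(reasons)]
        yield name, verdict, reasons

if __name__ == "__main__":
    for name, verdict, reasons in triage(SAMPLE):
        print(f"{verdict:6} {name}: {'; '.join(reasons) or '-'}")
```

Either signal alone is common for legitimate software (the OneDrive updater runs from the user profile, the K-Lite task has no publisher), so only the combination is raised to "review", which here singles out the CTF Host task.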

#5 Benny563


Posted 02 December 2017 - 02:49 PM

I finished doing everything. Should I test if I get the same message or is there something more I have to do?



#6 buddy215


Posted 02 December 2017 - 03:08 PM

Sure...test it..



#7 Benny563


Posted 02 December 2017 - 03:22 PM

Unfortunately, I get the same message. What do you think is happening and what should I do next?

Anyway, even if we can't solve it, I thank you for all your help!



#8 buddy215


Posted 02 December 2017 - 03:27 PM

Who is your ISP? Did you check the add-ons in the browsers? Is Facebook involved in any way?


Edited by buddy215, 02 December 2017 - 03:28 PM.


#9 Benny563


Posted 02 December 2017 - 03:31 PM

My ISP is RCS-RDS and there is nothing in my browser add-ons (only AddBlock, which I occasionally use).

I don't think Facebook is involved, I barely use it and when I do I use it for conversations with my family. Maybe I didn't understand the question.


Edited by Benny563, 02 December 2017 - 03:37 PM.


#10 buddy215


Posted 02 December 2017 - 03:36 PM

If you want to remove Norton Connect Safe.....Remove Norton ConnectSafe settings

 

Norton ConnectSafe

QUOTE A BIT: No Software to Install

Norton ConnectSafe is a cloud-based service and does not require any software or hardware installation. Norton ConnectSafe is free for non-commercial use.



#11 Benny563


Posted 03 December 2017 - 12:04 PM

Though it still disturbs me and is starting to get annoying, I chose not to remove Norton Connect Safe.

Two more things: Should I keep the infected files in quarantine or delete them? And should I keep both Malwarebytes and ESET NOD32?

Thanks for the support!


Edited by Benny563, 03 December 2017 - 12:10 PM.


#12 buddy215


Posted 03 December 2017 - 12:50 PM

You can permanently delete them. Easiest way to do that in AdwCleaner is to open AdwCleaner and choose Uninstall. Reinstall AdwCleaner when adware is suspected.

I would definitely keep Malwarebytes. You don't need to purchase it but you would need to update it before scanning with it.





