Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

possible trojan.fakems next step?


  • Please log in to reply
13 replies to this topic

#1 pasha19

pasha19

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Michigan
  • Local time:08:25 PM

Posted 01 February 2018 - 03:19 PM

I looked at the self help removal guide and the task I could not find the task to be terminated in task manager.

 

I also am getting a message about a bitdefender.dmp being created in my temp folder.

 

I also have a DPTF folder in temp that cannot be deleted.

it contains the following files

esif_assist_64.exe and two dlls

 

rkill.exe and iexplore.exe both attempt to stop esif_assist_64.exe but it seems to restart immediately.

 

Spyhunter claims to find the Trojan.fakems

 

Malwarebytes only finds spyhumter as a pup.

 

Any suggestions for a next step?

 

The computer is a windows 10 laptop, Asus F555U.  (sorry I left that out)


Edited by pasha19, 01 February 2018 - 03:53 PM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,409 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:25 PM

Posted 01 February 2018 - 06:10 PM

My suggestion to you is to allow Malwarebytes remove whatever it finds.

 

Use the programs below to clean, remove malware and remove adware after allowing Malwarebytes to remove what it found.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of Google Chrome and Avast.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop. (compatible with Windows 7, 8 and 10)

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

Download and run the FREE online scanner from Free Virus Scan | Online Virus Scan from ESET | ESET

  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 pasha19

pasha19
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Michigan
  • Local time:08:25 PM

Posted 02 February 2018 - 08:33 AM

Spyhunter uninstalled

 

MalwareBytes run - quarantined appdata./roaming/enigma.../sh_installer.exe

                             - requested reboot

                             - bitdefender.dmp file message occurred after restart

 

running malwarebytes again with rootkit scanning on -  scan clean

 

ccleaner - files only cleaned

 

adwcleaner complete - requested reboot as indicated

                                  - bitdefender.dmp file message  occurred after restart

 

the following text appeared after restart

 

# AdwCleaner 7.0.7.0 - Logfile created on Fri Feb 02 14:11:11 2018
# Updated on 2018/18/01 by Malwarebytes 
# Running on Windows 10 Home (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
No malicious folders deleted.
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries deleted.
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [1027 B] - [2018/2/2 14:7:16]
 
 
Starting ESET online scanner --  I enabled everything you said and disabled detection of suspicious applications (on by default)
                                               - starting scan
 
One Item Cleaned.
 
D:\Downloads\ccsetup539.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
 
 
D:\Downloads\ccsetup539.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
 

Edited by pasha19, 02 February 2018 - 12:32 PM.


#4 buddy215

buddy215

  • Moderator
  • 13,409 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:25 PM

Posted 02 February 2018 - 10:43 AM

If you didn't use the default settings in CCleaner....you need to do that for a thorough cleaning.

CCleaner - Reset to defaults settings

 

As to the file folder in temp...it is a legit Intel file. See info at Intel® Dynamic Platform and Thermal Framework (DPTF) for Chromium OS | 01.org

 

When you post back with the Eset scan results...please tell me what problems exist as to excessive ads, browser redirects, sloooow computer, etc.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 pasha19

pasha19
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Michigan
  • Local time:08:25 PM

Posted 02 February 2018 - 12:32 PM

ccleaner cleared 13 temporary internet files and 15 log files with the default setting.  Will rerun both of the above checks.

 

Browser redirects are intermittent so I am not sure.  Computer never has been slow.  Excessive ads wascleared about a week ago.  The bidefender.dmp file at reboot as noted is still an issue.

 

rerun of ADwCleaner

 

# AdwCleaner 7.0.7.0 - Logfile created on Fri Feb 02 17:35:10 2018
# Updated on 2018/18/01 by Malwarebytes 
# Database: 02-02-2018.1
# Running on Windows 10 Home (X64)
# Mode: scan
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
No malicious folders found.
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
No malicious registry entries found.
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries.
 
*************************
 
C:/AdwCleaner/AdwCleaner[C0].txt - [1195 B] - [2018/2/2 14:11:11]
C:/AdwCleaner/AdwCleaner[S0].txt - [1027 B] - [2018/2/2 14:7:16]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########
 
re-runing eset

Edited by pasha19, 02 February 2018 - 12:43 PM.


#6 buddy215

buddy215

  • Moderator
  • 13,409 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:25 PM

Posted 02 February 2018 - 12:55 PM

If you have Spybot S&D installed then uninstall it. That could be the source of the bitdefender.dmp file.

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 pasha19

pasha19
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Michigan
  • Local time:08:25 PM

Posted 02 February 2018 - 02:17 PM

got a browser redirect for "fake" removal of virus by MS when first reading this message.

 

uninstalled Spybot S&D got a bunch of bitdefender.dmp errors before reboot.

 

ccleaner -

 

Windows startup

 

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"
Yes HKLM:Run SecurityHealth Microsoft Corporation %ProgramFiles%\Windows Defender\MSASCuiL.exe
Yes Startup Common Secunia PSI Tray.lnk Secunia C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
 
Startup Scheduled Tasks
 
Yes Task Adobe Flash Player PPAPI Notifier Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe -check pepperplugin
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task ASUS Live Update1 C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe -critical
Yes Task ASUS Live Update2 C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe -check
No Task ASUS USB Charger Plus ASUSTek Computer Inc. "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
Yes Task ATK Package 36D18D69AFC3 ASUSTek Computer Inc. "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" -CancelShutdown
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task SafeZone scheduled Autoupdate 1493410195 Avast Software C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
Yes Task SafeZone scheduled Autoupdate 1500946370 Avast Software C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
Yes Task Update Checker C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
 
Install
 
3D Builder Microsoft Corporation 12/12/2017 15.1.3342.0
7-Zip 16.04 (x64) Igor Pavlov 10/31/2017 4.75 MB 16.04
Adobe Acrobat Reader DC Adobe Systems Incorporated 12/2/2017 487 MB 18.009.20050
Adobe Flash Player 28 NPAPI Adobe Systems Incorporated 1/13/2018 19.8 MB 28.0.0.137
Adobe Flash Player 28 PPAPI Adobe Systems Incorporated 1/13/2018 19.7 MB 28.0.0.137
Alarms & Clock Microsoft Corporation 12/15/2017 10.1712.3352.0
App Installer Microsoft Corporation 11/14/2017 1.0.12894.0
Apple Application Support (32-bit) Apple Inc. 1/27/2018 131 MB 6.3
Apple Application Support (64-bit) Apple Inc. 1/27/2018 146 MB 6.3
Apple Mobile Device Support Apple Inc. 1/27/2018 27.7 MB 11.0.5.14
Apple Software Update Apple Inc. 1/27/2018 4.03 MB 2.5.0.1
ASUS Live Update ASUS 4/28/2017 11.7 MB 3.4.3
ASUS USB Charger Plus ASUS 4/28/2017 9.80 MB 4.1.8
ATK Package ASUS 4/28/2017 18.0 MB 1.0.0050
AudioWizard ICEpower a/s 4/28/2017 19.0 MB 1.0.0.93
Avast Free Antivirus AVAST Software 12/27/2017 1.09 GB 17.9.2322
Bonjour Apple Inc. 1/27/2018 2.01 MB 3.1.0.1
Calculator Microsoft Corporation 12/15/2017 10.1712.3351.0
Camera Microsoft Corporation 1/19/2018 2017.1117.10.0
CCleaner Piriform 1/29/2018 5.39
Get Help Microsoft Corporation 1/20/2018 10.1706.3471.0
Groove Music Microsoft Corporation 2/2/2018 10.18011.12711.0
HEVC Video Extension Microsoft Corporation 1/9/2018 1.0.10084.0
Intel® Dynamic Platform and Thermal Framework Intel Corporation 10/31/2017 13.2 MB 8.1.10603.192
Intel® Management Engine Components Intel Corporation 4/28/2017 11.0.0.1162
Intel® Processor Graphics Intel Corporation 1/29/2018 21.20.16.4550
Intel® Serial IO Intel Corporation 4/28/2017 30.100.1519.7
Intel® Security Assist Intel Corporation 4/28/2017 2.36 MB 1.0.0.532
iTunes Apple Inc. 1/27/2018 388 MB 12.7.3.46
Mail and Calendar Microsoft Corporation 1/26/2018 17.8827.21595.0
Malwarebytes version 3.3.1.2183 Malwarebytes 2/2/2018 185 MB 3.3.1.2183
Maps Microsoft Corporation 10/19/2017 5.1708.2764.0
Messaging Microsoft Corporation 11/28/2017 3.34.25004.0
Microsoft Pay Microsoft Corporation 1/24/2018 2.1.18011.0
Microsoft Sticky Notes Microsoft Corporation 12/14/2017 2.0.5.0
Microsoft Store Microsoft Corporation 2/2/2018 11801.1001.4.0
Microsoft System CLR Types for SQL Server 2017 CTP2.1 Microsoft Corporation 12/5/2017 5.25 MB 14.0.600.250
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 4/28/2017 1.45 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 7/15/2017 647 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 7/15/2017 876 KB 9.0.30729.6161
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 12/20/2017 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 12/20/2017 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 Microsoft Corporation 12/5/2017 20.1 MB 14.12.25810.0
Microsoft Visual Studio Installer Microsoft Corporation 12/5/2017 1.14.160.1208
Mixed Reality Viewer Microsoft Corporation 1/6/2018 2.1801.4012.0
Movies & TV Microsoft Corporation 12/22/2017 10.17112.13411.0
Mozilla Firefox 57.0.4 (x64 en-US) Mozilla 1/16/2018 140 MB 57.0.4
Mozilla Firefox 58.0.1 (x64 en-US) Mozilla 1/30/2018 144 MB 58.0.1
Mozilla Maintenance Service Mozilla 10/31/2017 485 KB 55.0.2
Notepad++ (64-bit x64) Notepad++ Team 12/10/2017 4.65 MB 7.5.3
OneNote Microsoft Corporation 1/31/2018 17.9001.21281.0
OpenOffice 4.1.4 Apache Software Foundation 10/31/2017 338 MB 4.14.9788
Paint 3D Microsoft Corporation 1/30/2018 4.1801.19027.0
People Microsoft Corporation 12/22/2017 10.3.3472.0
Photos Microsoft Corporation 12/14/2017 2017.39101.16720.0
Print 3D Microsoft Corporation 1/13/2018 2.0.3621.0
REALTEK Bluetooth Filter Driver REALTEK Semiconductor Corp. 4/28/2017 134 MB 1.3.886.030716
Realtek Card Reader Realtek Semiconductor Corp. 10/31/2017 14.6 MB 10.0.14393.31233
Realtek Ethernet Controller Driver Realtek 4/28/2017 3.64 MB 10.3.723.2015
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 10/31/2017 43.2 MB 6.0.1.7620
Realtek PCI-E Wireless LAN Driver REALTEK Semiconductor Corp. 12/18/2017 Drv_3.00.0018
Secunia PSI (3.0.0.11005) Secunia 10/31/2017 7.93 MB 3.0.0.11005
SQL Anywhere 16 SAP AG 5/24/2017 140 MB 16.0.2043
SQL Anywhere 16 Documentation, English, HTML Help SAP AG 5/24/2017 47.7 MB 16.0.1324
SQL Anywhere 16 Documentation, English, PDF SAP AG 5/24/2017 128 MB 16.0.1324
Store Experience Host Microsoft Corporation 2/2/2018 11801.1801.19001.0
Tips Microsoft Corporation 1/19/2018 6.7.3462.0
TortoiseSVN 1.9.7.27907 (64 bit) TortoiseSVN 12/7/2017 42.9 MB 1.9.27907
Vim 8.0 (self-installing) 1/27/2018
Visual Studio Community 2017 Microsoft Corporation 12/5/2017 15.5.27130.2010
Voice Recorder Microsoft Corporation 12/14/2017 10.1712.3351.0
Weather Microsoft Corporation 12/15/2017 4.22.3254.0
Windows SDK AddOn Microsoft Corporation 12/3/2017 152 KB 10.1.0.0
Windows Software Development Kit - Windows 10.0.16299.15 Microsoft Corporation 12/5/2017 2.14 GB 10.1.16299.15
WinFlash ASUSTeK COMPUTER INC. 4/28/2017 5.47 MB 3.2.2
Xbox Microsoft Corporation 12/15/2017 36.36.12003.0
Xbox Game bar Microsoft Corporation 12/13/2017 1.24.5001.0
Xbox Game Speech Window Microsoft Corporation 12/15/2017 1.21.13002.0
Xbox Identity Provider Microsoft Corporation 10/31/2017 12.30.5001.0
Xbox Live Microsoft Corporation 12/14/2017 1.11.29001.0
 
 
NOTE:  The version of Notepad++ I am running was compiled by me it was up to date as of a week ago.  The signed application logic is commented to allow me to compile the app and run it.

Edited by pasha19, 02 February 2018 - 02:19 PM.


#8 buddy215

buddy215

  • Moderator
  • 13,409 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:25 PM

Posted 02 February 2018 - 03:39 PM

Disable these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes HKCU:Run CCleaner Monitoring Piriform Ltd "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files\iTunes\iTunesHelper.exe"

Yes Startup Common Secunia PSI Tray.lnk Secunia C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
 
Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.
Yes Task ASUS Live Update1 C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe -critical
Yes Task ASUS Live Update2 C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe -check
Yes Task SafeZone scheduled Autoupdate 1493410195 Avast Software C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
Yes Task SafeZone scheduled Autoupdate 1500946370 Avast Software C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
Yes Task Update Checker C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
 
Uninstall these programs:
You have two Firefox browsers...unusual...Uninstall Mozilla Firefox 57.0.4 (x64 en-US) Mozilla 1/16/2018 140 MB 57.0.4
 
I was expecting to see bit defender. Was Bit Defender ever installed on this computer?
 
How to uninstall and remove the Avast SafeZone browser

The removing process is actually very simple if you know where to find the appropriate option. While the browser does not have a separate uninstall program, it can be removed by using the Avast antivirus' setup program instead.

To uninstall and remove the Avast SafeZone browser, do the following.

  1. Open Control Panel.
  2. Go to the following path:
    Control Panel -> Programs and Features -> Uninstall a Program
  3. Find the line for Avast Free Antivirus 2016 and click the Change button above the list.
  4. The configuration window for Avast Antivirus will appear. Untick the browser option as shown below and you are done. avast-setup-remove-safezone-component-60

You will be prompted to restart your PC. Once this is done, the SafeZone browser will be removed completely.

 
 
Was this computer purchased new in 2017 with Windows 10 installed?
 
 
 

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#9 pasha19

pasha19
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Michigan
  • Local time:08:25 PM

Posted 02 February 2018 - 04:07 PM

ccleaner windows and scheduled tasks were disabled successfully

 

older firefox was removed -- that bothered me too.  The current one still opens.

 

I will remove avast safe browser as soon as I finish this update I am using avast safe browser now.

 

bitdefender may have been installed as I tried several av's one at a time to determine if any of them could find something others did not.

 

yes I believe this computer was bought in 2017 with Windows 10 already installed.

 

However, it temporarily was dual booted with Windows 7 that was later determined to be no longer needed and Windows 10 was reinstalled as the ONLY OS.

bitdefender may have been installed as I tried several av's one at a time to determine if any of them could find something others did not.

 


#10 buddy215

buddy215

  • Moderator
  • 13,409 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:25 PM

Posted 02 February 2018 - 04:19 PM

Bit Defender has a tool for completing the uninstall. See info at How to uninstall Bitdefender 2016

I suggest using it.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#11 pasha19

pasha19
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Michigan
  • Local time:08:25 PM

Posted 02 February 2018 - 06:04 PM

I ran the bitdefender removal you suggested.



#12 buddy215

buddy215

  • Moderator
  • 13,409 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:25 PM

Posted 02 February 2018 - 06:59 PM

Hopefully that along with uninstalling Spybot has gotten rid of the bit defender notice.

 

If you don't have an ad blocker installed in your browsers I suggest you install Adblock Plus.
 
Block Third Party cookies from installing. Those are the ad and tracking cookies. Once blocked...run CCleaner to remove the existing ones.
 
After rebooting....let me know if that bit defender message reappears.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#13 pasha19

pasha19
  • Topic Starter

  • Members
  • 202 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Michigan
  • Local time:08:25 PM

Posted 02 February 2018 - 09:37 PM

added ad-block plus;

 

Third party cookies were already disabled.

 

reboot yielded no bitdefender.dmp message.

 

unless something else happens I believe you solved it.



#14 buddy215

buddy215

  • Moderator
  • 13,409 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:06:25 PM

Posted 03 February 2018 - 06:20 AM

Good...happy surfin'


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users