Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suddenly I am hearing sounds through my headphones


  • Please log in to reply
19 replies to this topic

#1 NeedHelpy

NeedHelpy

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 07 March 2018 - 11:02 AM

Hello,
My problem is that suddenly without downloading anything I hear sounds through my headphones at different.Sounds like an kid was coughing, laughing and doing different things. At one occasion even askimg himself if he is recording this whole thing.
I Immediately boot into safe mode and deeply scanned pc with malwarebytes, but it didnt detect anything, same thing with Windowz Defender.
I wont be using my pc untill I resolve this issue, as I am afraid I have been RATted or infected.
I dont want to do a clean install of windows and delete everything, only doing that as last resort.
Regards.
N

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • BC Advisor
  • 12,908 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:27 PM

Posted 07 March 2018 - 11:20 AM

Welcome to BC....

Suggest you unplug the headphone and disable camera and built in mike if there are any until this is resolved.

 

Use the programs below to clean and remove adware and malware.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of Google Chrome and Avast.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop. (compatible with Windows 7, 8 and 10)

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

Download and run the FREE online scanner from Free Virus Scan | Online Virus Scan from ESET | ESET

  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

Edited by buddy215, 07 March 2018 - 11:20 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#3 NeedHelpy

NeedHelpy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 07 March 2018 - 11:28 AM

Welcome to BC....
Suggest you unplug the headphone and disable camera and built in mike if there are any until this is resolved.
 
Use the programs below to clean and remove adware and malware.
 
Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the
Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of Google Chrome and Avast.
After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.
CCleaner - PC Optimization and Cleaning - Free Download
 
Download AdwCleaner by Xplode onto your desktop. (compatible with Windows 7, 8 and 10)

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
 
Download and run the FREE online scanner from Free Virus Scan | Online Virus Scan from ESET | ESET
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

Thank you so much for such a quick response. I have to go online to get this things done right? Or can i do them in safe mode?

#4 buddy215

buddy215

  • BC Advisor
  • 12,908 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:27 PM

Posted 07 March 2018 - 11:43 AM

I think you would be okay as far as spying being possible if you disable/ unplug your mikes and cameras. But you can use Safe Mode with Networking

to download and run the programs. But I would suggest doing it in regular mode.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#5 NeedHelpy

NeedHelpy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 07 March 2018 - 11:49 AM

Aha ok, then I will now do as you said and get back once I am done

#6 NeedHelpy

NeedHelpy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 07 March 2018 - 04:51 PM

I should post results as file or just copy paste it here?

#7 buddy215

buddy215

  • BC Advisor
  • 12,908 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:27 PM

Posted 07 March 2018 - 04:54 PM

copy and paste...AdwCleaner and Eset logs per instructions.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#8 NeedHelpy

NeedHelpy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 07 March 2018 - 08:03 PM

Eset log:
C:\Users\Tilen\AppData\Roaming\PowerISO\Upgrade\PowerISO6-x64.exe a variant of Win32/FusionCore.C potentially unwanted application cleaned by deleting
C:\Users\Tilen\AppData\Roaming\uTorrent\updates\3.4.2_38758.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
C:\Users\Tilen\AppData\Roaming\uTorrent\updates\3.4.2_38913.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
C:\Windows\SECOH-QAD.dll Win64/HackKMS.D potentially unsafe application cleaned by deleting
D:\AUTODESK.MAYA.V2013.WIN64-ISO\maya2013_x64.rar a variant of Win32/Keygen.HA potentially unsafe application deleted
D:\Cheat Engine 6.7\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application cleaned by deleting
D:\Downloadi sz neta\ccsetup540pro.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
D:\Program Files (x86)\Age of Empires II HD\steam_api.dll a variant of Win32/HackTool.Crack.BQ potentially unsafe application cleaned by deleting
D:\Windows.old\Program Files\Comodo\Dragon\extensions\ask_toolbar.crx Win32/Bundled.Toolbar.Ask.P potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application,Win32/Bundled.Toolbar.Ask.Q potentially unsafe application deleted
D:\Windows.old\Program Files\Conduit\Community Alerts\Alert.dll Win32/Toolbar.Conduit.Y potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\PokerTracker 4\Data\Bin\iPokerCommunicator.pt4 a variant of Win32/Packed.Themida suspicious application cleaned by deleting
D:\Windows.old\Program Files\PokerTracker 4\Data\Bin\PartyCommunicator.pt4 a variant of Win32/Packed.Themida suspicious application cleaned by deleting
D:\Windows.old\Program Files\PokerTracker 4\Data\Bin\StarsCommunicator.pt4 a variant of Win32/Packed.Themida suspicious application cleaned by deleting
D:\Windows.old\Program Files\PokerTracker 4\Data\Bin\TiltCommunicator.pt4 a variant of Win32/Packed.Themida suspicious application cleaned by deleting
D:\Windows.old\Program Files\Positive Finds\Extensions\{f57f3b24-cabd-4998-9e47-8842f793f6de}.xpi JS/BrowseFox.A potentially unwanted application deleted
D:\Windows.old\Program Files\SearchProtect\Main\bin\SPtool.dll_1391020843186 a variant of Win32/Conduit.SearchProtect.I potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\Main\bin\SPtool.dll_1391020843303 a variant of Win32/Conduit.SearchProtect.I potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\Main\bin\SPtool.dll_1391450085321 a variant of Win32/Conduit.SearchProtect.I potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\settings.html Win32/Conduit.SearchProtect.AQ potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\bubble\bubble.html Win32/Conduit.SearchProtect.AW potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\bubble\bubble.js JS/Conduit.SearchProtect.E potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\libs\main.js JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\libs\SPDialogAPI.js JS/Conduit.SearchProtect.I potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\protection\protection.html Win32/Conduit.SearchProtect.AZ potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\protection\protection.js JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\protectionDS\protectionDS.html Win32/Conduit.SearchProtect.AZ potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\protectionDS\protectionDS.js JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\settings\settings.html Win32/Conduit.SearchProtect.AR potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\settings\settings.js JS/Conduit.SearchProtect.A potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\uninstall\uninstall.html Win32/Conduit.SearchProtect.AN potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\SearchProtect\UI\dialogs\uninstall\uninstall.js JS/Conduit.SearchProtect.D potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\uTorrentControl_v6\hk64tbuTor.dll Win64/Toolbar.Conduit.B potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\uTorrentControl_v6\hktbuTor.dll Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\uTorrentControl_v6\ldrtbuTor.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\uTorrentControl_v6\prxtbuTor.dll Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\uTorrentControl_v6\tbuTor.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\uTorrentControl_v6\uTorrentControl_v6ToolbarHelper.exe Win32/Toolbar.Conduit.V potentially unwanted application cleaned by deleting
D:\Windows.old\Program Files\Wondershare\Dr.Fone for Android\Root\getroot a variant of Android/Exploit.Lotoor.GW trojan cleaned by deleting
D:\Windows.old\Program Files\Wondershare\Dr.Fone for Android\Root\rootf.apk Android/Exploit.Lotoor.EF trojan deleted
D:\Windows.old\Program Files\Wondershare\Dr.Fone for Android\Root\sr\getroot a variant of Android/Exploit.Lotoor.GX trojan cleaned by deleting
D:\Windows.old\ProgramData\Conduit\IE\CT3289075\UninstallerUI.exe a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting
D:\Windows.old\ProgramData\Conduit\Multi\CT3289075\UninstallerUI.exe a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\ePnCSE.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\VpGqeMBTK.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\XVT6ic7i.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\e4VFndCe6J.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll a variant of Win32/Toolbar.Conduit.Y potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.1.dll Win32/Toolbar.Conduit.Y potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll Win32/Toolbar.Conduit.Y potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_3.0.0.11.dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Conduit\Community Alerts\Aler0.dll a variant of Win32/Toolbar.Conduit.Y potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Conduit\Community Alerts\Alert.dll a variant of Win32/Toolbar.Conduit.Y potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Conduit\CT3289075\uTorrentControl_v6AutoUpdateHelper.exe a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Conduit\CT3289075\uTorrentControl_v6ToolbarHelper.exe a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\ePnCSE.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\VpGqeMBTK.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\XVT6ic7i.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\e4VFndCe6J.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\ePnCSE.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\VpGqeMBTK.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\XVT6ic7i.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\e4VFndCe6J.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\09G49K1M\TBUpdaterLogic[1].dll Win32/Toolbar.Conduit.Y potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ROJ5K8SN\TBUpdaterLogic[1].dll Win32/Toolbar.Conduit.Y potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ROJ5K8SN\TBUpdaterLogic[2].dll a variant of Win32/Conduit.SearchProtect.N potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.37.zip multiple threats,a variant of Win32/Adware.Mobogenie.A application,a variant of Android/Mobserv.A potentially unwanted application,Win32/NextLive.A potentially unwanted application deleted
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\aapt.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\CrashReport.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\CrashRpt.dll a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\devcon_x64.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\devcon_x86.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DriverInstall_x64.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DriverInstall_x86.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\lsusb.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\mgadb.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MgAssist.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\mgusb.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk a variant of Android/Mobserv.A potentially unwanted application deleted
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\OutlookOperatorC.exe a variant of Win32/Adware.Mobogenie.A application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\7932BDE.tmp Win32/MyPCBackup.A potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\awh1E0C.tmp multiple threats,a variant of Win32/AdWare.BetterSurf.C application,Win32/AdWare.BetterSurf.G application,a variant of Win32/Amonetize.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\mempodroid Android/Exploit.MempoDroid.A trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\nsf9AC6.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\nsi7C4F.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\nsm79FC.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\nst98B1.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\Runner.exe a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\set-app.exe multiple threats,a variant of Win32/AdWare.BetterSurf.C application,Win32/Adware.BetterSurf.J application,a variant of Win32/Amonetize.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\setapp.exe multiple threats,a variant of Win32/AdWare.BetterSurf.C application,Win32/AdWare.BetterSurf.G application,a variant of Win32/Amonetize.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\Setup-a.exe multiple threats,a variant of Win32/AdWare.BetterSurf.C application,Win32/AdWare.BetterSurf.G application,a variant of Win32/Amonetize.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\Setup2.exe multiple threats,a variant of Win32/AdWare.BetterSurf.C application,Win32/AdWare.BetterSurf.G application,a variant of Win32/Amonetize.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\sp-downloader.exe Win32/Toolbar.Conduit.R potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\SPIdentifier.exe Win32/Conduit.SearchProtect.K potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\tmp262D.tmp a variant of MSIL/Packed.Confuser.K suspicious application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\tmp6EC2.tmp a variant of MSIL/Packed.Confuser.K suspicious application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\tmpB71D.tmp a variant of MSIL/Packed.Confuser.K suspicious application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\tmpDC1E.tmp a variant of MSIL/Packed.Confuser.K suspicious application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\utt2880.tmp.exe Win32/Toolbar.Conduit.S potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\vdj9E18.tmp.msi a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted
D:\Windows.old\Users\Tilen\AppData\Local\Temp\ct3289075\ctbe.exe Win32/Toolbar.Conduit.AF potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\ct3289075\ieLogic.exe a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\ct3289075\statisticsStub.exe a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\ct3289075\stub.exe a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\is-NMP9N.tmp\Offercast2801_ARS_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\uTorrentControl_v6\nsa4795.tbuTo0.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Temp\uTorrentControl_v6\nsp4A70.tbuTo2.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Torch\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Torch\User Data\Default\Extensions\bamiojpndlgnofmoeoljkfdgmmdhoofk\1.0\ePnCSE.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Torch\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Torch\User Data\Default\Extensions\idabmhbfpohmignncopgoichdjeboaen\3.7\VpGqeMBTK.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Torch\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Torch\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\187\XVT6ic7i.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Torch\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\content.js JS/Chromex.Agent.L trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Local\Torch\User Data\Default\Extensions\okfhhpljfpkcndhhlhconnalepffnklk\2.1\e4VFndCe6J.js JS/Kryptik.ATL trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\FCTB000059925\Toolbar\Toolbar.dll a variant of Win32/Toolbar.Softomate.A potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\hk64tbuTo0.dll a variant of Win64/Toolbar.Conduit.B potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\hk64tbuTo2.dll a variant of Win64/Toolbar.Conduit.B potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\hk64tbuTor.dll Win64/Toolbar.Conduit.B potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\hktbuTo0.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\hktbuTo2.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\hktbuTor.dll Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\ldrtbuTo0.dll a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\ldrtbuTo2.dll a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\ldrtbuTor.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\prxtbuTo0.dll a variant of Win32/Toolbar.Conduit.AR potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\prxtbuTo2.dll a variant of Win32/ClientConnect.A potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\tbuTo0.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\tbuTo1.dll a variant of Win32/Toolbar.Conduit.Y potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\tbuTo2.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\tbuTor.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\LocalLow\uTorrentControl_v6\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Roaming\MOJA SLIKA1.exe MSIL/Agent.PDS trojan cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Roaming\mgyun\VRoot\AppCool.apk a variant of Android/Spy.Agent.BK trojan deleted
D:\Windows.old\Users\Tilen\AppData\Roaming\mgyun\VRoot\CleanMaster.apk a variant of Android/Spy.Agent.GR trojan deleted
D:\Windows.old\Users\Tilen\AppData\Roaming\mgyun\VRoot\com.mgyun.superuser.apk a variant of Android/Spy.Agent.GR trojan deleted
D:\Windows.old\Users\Tilen\AppData\Roaming\Mozilla\Firefox\Profiles\bo67nfco.default\extensions\{f57f3b24-cabd-4998-9e47-8842f793f6de}.xpi JS/BrowseFox.A potentially unwanted application deleted
D:\Windows.old\Users\Tilen\AppData\Roaming\Mozilla\Firefox\Profiles\bo67nfco.default\extensions\amoi@oowsn.edu\content\bg.js JS/Adware.MultiPlug.I application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Roaming\Mozilla\Firefox\Profiles\bo67nfco.default\extensions\dn89df@a-.net\content\bg.js JS/Adware.MultiPlug.I application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Roaming\Mozilla\Firefox\Profiles\bo67nfco.default\extensions\ueou5oirbu@re-.net\content\bg.js JS/Adware.MultiPlug.I application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Roaming\uTorrent\updates\3.3.2_30416.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\AppData\Roaming\Wandoujia2\s3_push_1.apk multiple threats,a variant of Android/Xinyinhe.B potentially unwanted application,a variant of Android/Qysly.A trojan deleted
D:\Windows.old\Users\Tilen\Desktop\ANM\Age of Empires II Gold Edition\saa\Process.exe Win32/PrcView potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Desktop\Jajčka\ROOTMaster_1.0.2.apk multiple threats,Android/KingRoot.B potentially unsafe application,a variant of Android/KingRoot.C potentially unsafe application,a variant of Android/DroidRooter.AD potentially unsafe application,a variant of Android/Spy.Agent.BN trojan deleted
D:\Windows.old\Users\Tilen\Desktop\Jajčka\vse\simple_d3d_nik0815.dll a variant of Win32/GameHack.ADQ potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Desktop\Jajčka\vse\Heci\snd-reversingwithlena-tutorials\snd-reversingwithlena-tutorial10.tutorial\files\cconvert.rar a variant of Generik.GHLUGHI trojan deleted
D:\Windows.old\Users\Tilen\Desktop\Jajčka\vse\Heci\snd-reversingwithlena-tutorials\snd-reversingwithlena-tutorial32.tutorial\files\topo12_fixed.rar a variant of Win32/HackTool.ToPo.AA potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Desktop\Jajčka\vse\Heci\snd-reversingwithlena-tutorials\snd-reversingwithlena-tutorial36.tutorial\files\lena151's KeygenMe#1.Solution.exe a variant of Win32/Keygen.AM potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Desktop\Jajčka\vse\Heci\snd-reversingwithlena-tutorials\snd-reversingwithlena-tutorial40.tutorial\files\Cleaned&Patched ReverseMe#8 by lena151.exe a variant of Win32/Keygen.BE potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Desktop\Jajčka\vse\Heci\snd-reversingwithlena-tutorials\snd-reversingwithlena-tutorial40.tutorial\files\ReverseMe#8 by lena151 keygen.exe a variant of Win32/Keygen.BE potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Desktop\Jajčka\vse\Phishers\fb page\post.php HTML/Phishing.Agent.H.Gen trojan cleaned by deleting
D:\Windows.old\Users\Tilen\Desktop\levastan\CDPATCHER\СDРаtcher.exe a variant of MSIL/Packed.Confuser.K suspicious application cleaned by deleting
D:\Windows.old\Users\Tilen\Desktop\levastan\se\GACJS\utorrent-1-.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
D:\Windows.old\Users\Tilen\Desktop\levastan\se\GACJS\Microsoft Office ProPlus 2013 VL x86 EN\LaNanov11.zip a variant of MSIL/HackTool.IdleKMS.A potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Desktop\sredina\Fenix Injector 3.2.exe a variant of Win32/DllInject.CZ potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\3.3.5.rar Win32/RiskWare.GameHack.P application deleted
D:\Windows.old\Users\Tilen\Downloads\AegisCrypter5.3.7z a variant of Win32/TrojanDropper.Agent.PYN trojan deleted
D:\Windows.old\Users\Tilen\Downloads\android-netspoof-0.9.apk a variant of Android/HackTool.NetSpoof.A potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\android-recovery.exe multiple threats,a variant of Android/Exploit.Lotoor.CX trojan,a variant of Android/Exploit.Lotoor.GW trojan,Android/Exploit.MempoDroid.A trojan,Android/Exploit.Lotoor.EF trojan,Android/Exploit.Lotoor.EZ trojan,a variant of Android/Exploit.Lotoor.GX trojan cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\AoE2WideSetup.msi Win32/PrcView potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\AoE2WideSetup.zip Win32/PrcView potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\avc-free.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\Beginner hackpack by royalityRemco.rar multiple threats,Win32/HackTool.DoSer.P trojan,MSIL/Flooder.Agent.AM trojan,MSIL/HackTool.Agent.AC trojan,MSIL/Flooder.Agent.AN trojan,MSIL/HackTool.DoSer.AJ trojan,MSIL/HackTool.Agent.DM trojan,RAR/Agent.Y trojan,Win32/Injector.Autoit.AFB trojan,a variant of Win32/Injector.Autoit.AFG trojan,MSIL/HackTool.DoSer.CP trojan,MSIL/HackTool.Flooder.A trojan,a variant of MSIL/HackTool.LOIC.AF potentially unsafe application,a variant of Win32/HackTool.DoSer.J trojan,a variant of Win32/Packed.NoobyProtect.P suspicious application,a variant of Win32/Packed.VMProtect.AAA trojan,a variant of Win32/Packed.Enigma.AAF trojan,Win32/RiskWare.Crypter.CN application,Win32/HackTool.Delf.V potentially unsafe application,Win32/Fynloski.AA trojan,Win32/Delf.AKA trojan,MSIL/HackTool.Agent.BX trojan,a variant of MSIL/Spy.Keylogger.AMU trojan,MSIL/KeyLogger.Neptune.A application deleted
D:\Windows.old\Users\Tilen\Downloads\C++ ESP Aimbot MultiHack Source.zip a variant of Win32/GameHack.BRH potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\C-FUD.rar a variant of Win32/Injector.FIA trojan deleted
D:\Windows.old\Users\Tilen\Downloads\CDPatcher 2.1.1.9.rar a variant of MSIL/Packed.Confuser.K suspicious application deleted
D:\Windows.old\Users\Tilen\Downloads\CheatEngine61.exe Win32/OpenCandy potentially unsafe application,a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\claster111.zip PHP/Alter.A trojan deleted
D:\Windows.old\Users\Tilen\Downloads\Counter-Strike Source v84 UP1 Multi.exe Win32/GameHack.ANE potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\Crime24.rar MSIL/Spy.Agent.BH trojan deleted
D:\Windows.old\Users\Tilen\Downloads\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\DarkCometRAT531.rar multiple threats,Win32/HackTool.Delf.V potentially unsafe application,Win32/RiskWare.Crypter.CN application,Win32/Fynloski.AA trojan deleted
D:\Windows.old\Users\Tilen\Downloads\DarkCometRAT531.zip multiple threats,Win32/HackTool.Delf.V potentially unsafe application,Win32/RiskWare.Crypter.CN application,Win32/Fynloski.AA trojan deleted
D:\Windows.old\Users\Tilen\Downloads\DC 5.3.rar Win32/Fynloski.AA trojan deleted
D:\Windows.old\Users\Tilen\Downloads\DCRat.rar multiple threats,Win32/Fynloski.AA trojan,Win32/HackTool.Delf.V potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\download pack.rar MSIL/HackTool.Crypter.EL trojan deleted
D:\Windows.old\Users\Tilen\Downloads\drfone-for-android_full1546.exe multiple threats,a variant of Android/Exploit.Lotoor.CX trojan,a variant of Android/Exploit.Lotoor.GW trojan,Android/Exploit.MempoDroid.A trojan,Android/Exploit.Lotoor.EF trojan,Android/Exploit.Lotoor.EZ trojan,a variant of Android/Exploit.Lotoor.GX trojan cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\DrFoneAndroid (1).exe multiple threats,a variant of Android/Exploit.Lotoor.CX trojan,a variant of Android/Exploit.Lotoor.GW trojan,Android/Exploit.MempoDroid.A trojan,Android/Exploit.Lotoor.EF trojan,Android/Exploit.Lotoor.EZ trojan,a variant of Android/Exploit.Lotoor.GX trojan cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\DrFoneAndroid.exe multiple threats,a variant of Android/Exploit.Lotoor.CX trojan,a variant of Android/Exploit.Lotoor.GW trojan,Android/Exploit.MempoDroid.A trojan,Android/Exploit.Lotoor.EF trojan,Android/Exploit.Lotoor.EZ trojan,a variant of Android/Exploit.Lotoor.GX trojan cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\dSploit-1.0.31b.apk Android/HackTool.DSploit.E potentially unsafe application,a variant of Android/HackTool.DSploit.A potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\Extreme-Injector.rar MSIL/HackTool.Inject.A trojan deleted
D:\Windows.old\Users\Tilen\Downloads\Fenix Injector 3.2_mpgh.net.rar a variant of Win32/DllInject.CZ potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\Files Required.zip a variant of Win32/GameHack.AWG potentially unsafe application,a variant of MSIL/DllInject.AE potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\forumbleep.rar multiple threats,a variant of MSIL/PSW.Agent.PIQ trojan,a variant of MSIL/Ubot.D potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\FreeWindowsApplication (1).zip multiple threats,MSIL/TrojanDownloader.Agent.XO trojan,a variant of MSIL/Injector.CKF trojan deleted
D:\Windows.old\Users\Tilen\Downloads\FreeWindowsApplication.zip multiple threats,MSIL/TrojanDownloader.Agent.XO trojan,a variant of MSIL/Injector.CKF trojan deleted
D:\Windows.old\Users\Tilen\Downloads\Grieves Crypter v5.rar Win32/TrojanDropper.Binder.NBH trojan deleted
D:\Windows.old\Users\Tilen\Downloads\Hack-Facebook-April-2014.txt JS/ExtenBro.FBook.DP trojan cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\HawkEye Keylogger Cracked (1).rar a variant of MSIL/Autorun.Spy.Agent.AU worm deleted
D:\Windows.old\Users\Tilen\Downloads\HawkEye Keylogger Cracked.rar a variant of MSIL/Autorun.Spy.Agent.AU worm deleted
D:\Windows.old\Users\Tilen\Downloads\HC-R30-10-cracked.rar a variant of Win32/Packed.NoobyProtect.M suspicious application deleted
D:\Windows.old\Users\Tilen\Downloads\Hex-Rays.IDA.Professional.v6.1.zip Win32/HackTool.IDA.A trojan deleted
D:\Windows.old\Users\Tilen\Downloads\Hotspot shield 2.65 By LeoMC (1).rar Win32/Toolbar.Conduit potentially unwanted application,a variant of Win32/Toolbar.Conduit.AI potentially unwanted application,a variant of Win32/Toolbar.Conduit.B potentially unwanted application,Win32/Toolbar.Conduit.Y potentially unwanted application deleted
D:\Windows.old\Users\Tilen\Downloads\Hotspot shield 2.65 By LeoMC.rar Win32/Toolbar.Conduit potentially unwanted application,a variant of Win32/Toolbar.Conduit.AI potentially unwanted application,a variant of Win32/Toolbar.Conduit.B potentially unwanted application,Win32/Toolbar.Conduit.Y potentially unwanted application deleted
D:\Windows.old\Users\Tilen\Downloads\Infinity Crypter (BETA) - Cracked by Meth.zip multiple threats,a variant of MSIL/Riskware.Crypter.EL application,MSIL/HackTool.Crypter.CL trojan deleted
D:\Windows.old\Users\Tilen\Downloads\JTR.zip Win32/HackTool.John potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\Limitless Logger 6.7.rar a variant of MSIL/Packed.NetSeal.A suspicious application deleted
D:\Windows.old\Users\Tilen\Downloads\MeepoIt_mpgh.net.rar Win32/Packed.Autoit.H suspicious application deleted
D:\Windows.old\Users\Tilen\Downloads\MT65XX-Drivers.rar a variant of Win32/RootGenius.B potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\nik0815_simple_cod4_mpgh.net (1).rar a variant of Win32/GameHack.ADQ potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\nik0815_simple_cod4_mpgh.net.rar a variant of Win32/GameHack.ADQ potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\PandoraRecovery2.1.1Setup.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\PayPalCrack.rar a variant of Win32/Injector.AVPE trojan deleted
D:\Windows.old\Users\Tilen\Downloads\PCKeeper Installer.exe a variant of Win32/Adware.PCKeeper.A application cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\PEiD-0.95.rar a variant of Generik.MRAZYUF trojan deleted
D:\Windows.old\Users\Tilen\Downloads\Predator 14 - Cracked by Meth (1).zip a variant of MSIL/Autorun.Spy.Agent.AU worm deleted
D:\Windows.old\Users\Tilen\Downloads\Predator 14 - Cracked by Meth.zip a variant of MSIL/Autorun.Spy.Agent.AU worm deleted
D:\Windows.old\Users\Tilen\Downloads\Project Neptune v2.0.rar MSIL/KeyLogger.Neptune.A application deleted
D:\Windows.old\Users\Tilen\Downloads\PT-Install-v4.10.9.exe a variant of Win32/Packed.Themida suspicious application cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\radmin35.zip a variant of Win32/RemoteAdmin.RAdmin.AC potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\Rpx 1.3.zip a variant of MSIL/Packed.RPX.K trojan deleted
D:\Windows.old\Users\Tilen\Downloads\Sentry MBA v 1.4.1.rar a variant of MSIL/Injector.AZP trojan deleted
D:\Windows.old\Users\Tilen\Downloads\snd-reversingwithlena-tutorials.rar multiple threats,a variant of Win32/Keygen.BE potentially unsafe application,a variant of Win32/HackTool.Patcher.A potentially unsafe application,a variant of Win32/Keygen.AM potentially unsafe application,a variant of Win32/HackTool.Patcher.N potentially unsafe application,a variant of Generik.BHXOWWI trojan,a variant of Generik.ICKLCTR trojan,a variant of Generik.GELMCJF trojan,a variant of Win32/SoftWareProtector.A potentially unwanted application,a variant of Generik.GHLUGHI trojan,a variant of Win32/HackTool.ToPo.AA potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\SuperOneClick 1.7 with RageAgainstTheCage for L3 (1).rar multiple threats,Android/Exploit.Lotoor.AK trojan,Android/Exploit.RageCage.A trojan deleted
D:\Windows.old\Users\Tilen\Downloads\SuperOneClick 1.7 with RageAgainstTheCage for L3.rar multiple threats,Android/Exploit.Lotoor.AK trojan,Android/Exploit.RageCage.A trojan deleted
D:\Windows.old\Users\Tilen\Downloads\Syslogger.zip MSIL/Spy.Agent.JW trojan deleted
D:\Windows.old\Users\Tilen\Downloads\Unknown DoSer.rar Win32/HackTool.DoSer.A trojan deleted
D:\Windows.old\Users\Tilen\Downloads\zANTI2 (1).apk a variant of Android/Anti.E potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\zANTI2.apk a variant of Android/Anti.E potentially unsafe application deleted
D:\Windows.old\Users\Tilen\Downloads\adobe13.1.3\1°.Keyg@n\disable_activation.cmd BAT/HostsChanger.A potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\Age of Empires II Gold Edition\saa\Process.exe Win32/PrcView potentially unsafe application cleaned by deleting
D:\Windows.old\Users\Tilen\Downloads\Autodesk 3DS Max Design 2013 (2012) [x32x64][MULTi6][WwW.ZoNaTorrent.CoM]\Autodesk 3DS Max Design 2013 (2012) [x32][MULTi6][WwW.ZoNaTorrent.CoM]\maxdes2013_x32.iso a variant of Win32/Keygen.HA potentially unsafe application deleted
D:\Windows.old\Windows\Installer\16a131c0.msi a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted
D:\Windows.old\Windows\Installer\2ecf0499.msi a variant of Win32/RemoteAdmin.RAdmin.AC potentially unsafe application deleted
D:\Windows.old\Windows\Installer\4684fd.msi Win32/PrcView potentially unsafe application deleted
D:\Windows.old\Windows\System32\rserver30\rserver3.exe a variant of Win32/RemoteAdmin.RAdmin.AC potentially unsafe application cleaned by deleting
D:\Windows.old\Windows\Temp\nsb9DF1.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsc5DCF.exe Win32/Conduit.SearchProtect.R potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsf95C.exe Win32/Conduit.SearchProtect.V potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsf9CEF.exe Win32/Conduit.SearchProtect.V potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsf9CF0.exe Win32/Conduit.SearchProtect.V potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsg4195.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nshA0D0.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsi1348.exe Win32/Conduit.SearchProtect.R potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsiAF57.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsj214D.exe Win32/Conduit.SearchProtect.V potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsj214E.exe Win32/Conduit.SearchProtect.V potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsjB215.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsk3114.exe Win32/Conduit.SearchProtect.V potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsl917D.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nslDEAC.exe Win32/Conduit.SearchProtect.V potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsmA60F.exe Win32/Conduit.SearchProtect.V potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsn6BB1.exe Win32/Conduit.SearchProtect.V potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsn8FF4.exe Win32/Conduit.SearchProtect.V potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nso60A1.exe Win32/Conduit.SearchProtect.V potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsoFE13.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsp2922.exe Win32/Conduit.SearchProtect.V potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsr9E02.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nsw91CC.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old\Windows\Temp\nszB225.exe Win32/Conduit.SearchProtect.V potentially unwanted application,a variant of Win32/Toolbar.Conduit.AU potentially unwanted application cleaned by deleting
D:\Windows.old.000\Users\tilen\AppData\Local\Temp\OICA515.tmp a variant of Win32/OpenInstall potentially unwanted application cleaned by deleting
D:\Windows.old.000\Users\tilen\Desktop\jt\Crypt-Gen V2.5.rar MSIL/Agent.KX trojan deleted
D:\Windows.old.000\Users\tilen\Downloads\DarkCometRAT531.zip multiple threats,Win32/HackTool.Delf.V potentially unsafe application,Win32/RiskWare.Crypter.CN application,Win32/Fynloski.AA trojan deleted
D:\Windows.old.000\Users\tilen\Downloads\Microsoft Office ProPlus 2013 VL x86 EN\LaNanov11.zip a variant of MSIL/HackTool.IdleKMS.A potentially unsafe application deleted

#9 NeedHelpy

NeedHelpy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 07 March 2018 - 08:05 PM

AWG LOG:

# AdwCleaner 7.0.8.0 - Logfile created on Wed Mar 07 18:49:04 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 2018-03-05.3
# Running on Windows 8.1 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
PUP.Optional.AdvancedSystemCare, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************




########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Edited by NeedHelpy, 07 March 2018 - 08:06 PM.


#10 buddy215

buddy215

  • BC Advisor
  • 12,908 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:27 PM

Posted 07 March 2018 - 08:28 PM

You should delete the windows.old files. Your previous Windows OS was heavily infected as you can see.

delete the Windows.old folder:

Step 1: Click in Windows' search field, type Cleanup, then click Disk Cleanup.

Step 2: Click the "Clean up system files" button.

Step 3: Wait a bit while Windows scans for files, then scroll down the list until you see "Previous Windows installation(s)."

Step 4: Check the box next to the entry, then make sure there are no other boxes checked (unless you do indeed want to delete those items). Click OK to start the cleanup.

 

You have pirated/ stolen software on the computer as seen in the Eset scan results below. You will continuously infect your

computer by downloading free stuff and illegal stuff using uTorrent and other download sites.

C:\Users\Tilen\AppData\Roaming\PowerISO\Upgrade\PowerISO6-x64.exe a variant of Win32/FusionCore.C potentially unwanted application cleaned by deleting
C:\Users\Tilen\AppData\Roaming\uTorrent\updates\3.4.2_38758.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
C:\Users\Tilen\AppData\Roaming\uTorrent\updates\3.4.2_38913.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
C:\Windows\SECOH-QAD.dll Win64/HackKMS.D potentially unsafe application cleaned by deleting
D:\AUTODESK.MAYA.V2013.WIN64-ISO\maya2013_x64.rar a variant of Win32/Keygen.HA potentially unsafe application deleted
D:\Cheat Engine 6.7\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application cleaned by deleting
D:\Downloadi sz neta\ccsetup540pro.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
D:\Program Files (x86)\Age of Empires II HD\steam_api.dll a variant of Win32/HackTool.Crack.BQ potentially unsafe application cleaned by deleting

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”


#11 NeedHelpy

NeedHelpy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 07 March 2018 - 09:24 PM

INSTALLED PROGRAMS:

Adobe AIR Adobe Systems Incorporated 13.6.2015 18.0.0.144 All users
Adobe Community Help Adobe Systems Incorporated 23.5.2015 3.0.0.400 All users
Adobe Flash Player 28 NPAPI Adobe Systems Incorporated 6.2.2018 5,88 MB 28.0.0.161 All users
Adobe Flash Player 28 PPAPI Adobe Systems Incorporated 7.2.2018 4,88 MB 28.0.0.161 All users
Adobe Media Player Adobe Systems Incorporated 23.5.2015 1.8 All users
Alarmi Windows Microsoft Corporation 26.2.2015 6.3.9654.20335 All users
Arduino Arduino LLC 20.2.2018 418 MB 1.8.5 All users
Bralni seznam Windows Microsoft Corporation 18.6.2016 6.3.9654.21234 All users
Bralnik Microsoft Corporation 19.2.2018 6.4.9926.18907 All users
CCleaner Piriform 7.3.2018 5.40 All users
Discord Discord Inc. 9.1.2018 54,3 MB 0.0.300 Tilen
Explorer Suite IV 2.7.2015 9,75 MB All users
Finance MSN Microsoft Corporation 28.4.2016 3.0.4.344 All users
Glasba Microsoft Corporation 14.3.2015 2.6.672.0 All users
Google Chrome Google Inc. 12.4.2015 65.0.3325.146 All users
Hi-Rez Studios Authenticate and Update Service Hi-Rez Studios 6.2.2018 3.0.0.0 All users
HiPatch Hi-Rez Studios 6.3.2018 6.0.1.2 All users
HP AiO Printer Remote Hewlett-Packard Company 1.10.2015 55.1.43.0 All users
HP Customer Participation Program 14.0 HP 25.9.2016 14.0 All users
HP Imaging Device Functions 14.0 HP 25.9.2016 14.0 All users
HP Officejet 4500 G510g-m 14.0 Rel. 6 HP 25.9.2016 14.0 All users
HP Solution Center 14.0 HP 25.9.2016 14.0 All users
HP Support Solutions Framework HP Inc. 16.9.2016 7,35 MB 12.8.47.1 All users
HP Update Hewlett-Packard 25.9.2016 4,04 MB 5.005.002.002 All users
Hrana in pijača MSN Microsoft Corporation 14.7.2015 3.0.4.336 All users
HxD Hex Editor različica 1.7.7.0 Maël Hörz 4.3.2018 1.7.7.0 All users
IDA Pro v6.8 and Hex-Rays Decompiler (ARM,x64,x86) Hex-Rays SA 4.3.2018 208 MB All users
IIS 10.0 Express Microsoft Corporation 21.11.2016 37,2 MB 10.0.1736 All users
IIS Express Application Compatibility Database for x64 21.11.2016 All users
IIS Express Application Compatibility Database for x86 21.11.2016 All users
Intel® Management Engine Components Intel Corporation 26.2.2015 10.0.1.1000 All users
Java 8 Update 151 Oracle Corporation 31.12.2017 99,7 MB 8.0.1510.12 All users
Java 8 Update 151 (64-bit) Oracle Corporation 31.12.2017 114 MB 8.0.1510.12 All users
Java SE Development Kit 8 Update 151 (64-bit) Oracle Corporation 31.12.2017 348 MB 8.0.1510.12 All users
Kalkulator Windows Microsoft Corporation 26.2.2015 6.3.9600.20278 All users
MEGAsync Mega Limited 18.10.2015 All users
Microsoft .NET Framework 4.5 Multi-Targeting Pack Microsoft Corporation 21.11.2016 41,8 MB 4.5.50710 All users
Microsoft .NET Framework 4.5 SDK Microsoft Corporation 31.3.2015 18,5 MB 4.5.50710 All users
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack Microsoft Corporation 18.2.2016 49,3 MB 4.5.50932 All users
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) Microsoft Corporation 18.2.2016 75,2 MB 4.5.50932 All users
Microsoft .NET Framework 4.5.1 SDK Microsoft Corporation 31.3.2015 19,4 MB 4.5.51641 All users
Microsoft .NET Framework 4.6.1 SDK Microsoft Corporation 18.2.2016 20,0 MB 4.6.01055 All users
Microsoft .NET Framework 4.6.1 Targeting Pack Microsoft Corporation 18.2.2016 40,4 MB 4.6.01055 All users
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) Microsoft Corporation 18.2.2016 69,6 MB 4.6.01055 All users
Microsoft ASP.NET MVC 4 Runtime Microsoft Corporation 6.3.2015 2,93 MB 4.0.40804.0 All users
Microsoft Help Viewer 2.1 Microsoft Corporation 21.11.2016 12,1 MB 2.1.21005 All users
Microsoft Help Viewer 2.2 Microsoft Corporation 21.11.2016 12,1 MB 2.2.25420 All users
Microsoft Office Professional Plus 2013 Microsoft Corporation 6.3.2015 15.0.4569.1506 All users
Microsoft OneDrive Microsoft Corporation 10.9.2017 94,8 MB 17.3.6966.0824 Tilen
Microsoft Silverlight Microsoft Corporation 15.6.2017 305 MB 5.1.50907.0 All users
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 11.10.2016 1,92 MB 3.1.0000 All users
Microsoft SQL Server 2012 Command Line Utilities Microsoft Corporation 31.3.2015 876 KB 11.1.3000.0 All users
Microsoft SQL Server 2012 Data-Tier App Framework Microsoft Corporation 31.3.2015 10,1 MB 11.1.2902.0 All users
Microsoft SQL Server 2012 Data-Tier App Framework (x64) Microsoft Corporation 31.3.2015 10,1 MB 11.1.2902.0 All users
Microsoft SQL Server 2012 Express LocalDB Microsoft Corporation 31.3.2015 159 MB 11.1.3000.0 All users
Microsoft SQL Server 2012 Management Objects Microsoft Corporation 31.3.2015 23,8 MB 11.1.3000.0 All users
Microsoft SQL Server 2012 Management Objects (x64) Microsoft Corporation 31.3.2015 16,8 MB 11.1.3000.0 All users
Microsoft SQL Server 2012 Native Client Microsoft Corporation 31.3.2015 7,19 MB 11.1.3000.0 All users
Microsoft SQL Server 2012 T-SQL Language Service Microsoft Corporation 31.3.2015 6,14 MB 11.1.3000.0 All users
Microsoft SQL Server 2012 Transact-SQL ScriptDom Microsoft Corporation 31.3.2015 4,53 MB 11.1.3000.0 All users
Microsoft SQL Server 2014 Express LocalDB Microsoft Corporation 31.10.2015 227 MB 12.0.2000.8 All users
Microsoft SQL Server 2014 Management Objects Microsoft Corporation 31.10.2015 23,1 MB 12.0.2000.8 All users
Microsoft SQL Server 2014 Management Objects (x64) Microsoft Corporation 31.10.2015 15,1 MB 12.0.2000.8 All users
Microsoft SQL Server 2014 T-SQL Language Service Microsoft Corporation 31.10.2015 6,65 MB 12.0.2000.8 All users
Microsoft SQL Server 2014 Transact-SQL ScriptDom Microsoft Corporation 31.10.2015 6,17 MB 12.0.2000.8 All users
Microsoft SQL Server 2016 LocalDB Microsoft Corporation 21.11.2016 231 MB 13.0.1601.5 All users
Microsoft SQL Server 2016 Management Objects Microsoft Corporation 21.11.2016 25,1 MB 13.0.1601.5 All users
Microsoft SQL Server 2016 Management Objects (x64) Microsoft Corporation 21.11.2016 17,0 MB 13.0.1601.5 All users
Microsoft SQL Server 2016 T-SQL Language Service Microsoft Corporation 21.11.2016 7,25 MB 13.0.14500.10 All users
Microsoft SQL Server 2016 T-SQL ScriptDom Microsoft Corporation 21.11.2016 7,35 MB 13.0.1601.5 All users
Microsoft SQL Server Compact 4.0 SP1 x64 ENU Microsoft Corporation 31.3.2015 21,2 MB 4.0.8876.1 All users
Microsoft SQL Server Data Tools - enu (12.0.41012.0) Microsoft Corporation 31.10.2015 29,0 MB 12.0.41012.0 All users
Microsoft SQL Server Data Tools - enu (14.0.60519.0) Microsoft Corporation 21.11.2016 45,0 MB 14.0.60519.0 All users
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) Microsoft Corporation 31.3.2015 2,40 MB 12.0.30919.1 All users
Microsoft SQL Server System CLR Types Microsoft Corporation 21.11.2016 2,53 MB 10.50.1600.1 All users
Microsoft SQL Server System CLR Types (x64) Microsoft Corporation 21.11.2016 3,13 MB 10.50.1600.1 All users
Microsoft System CLR Types for SQL Server 2012 Microsoft Corporation 31.3.2015 1,66 MB 11.1.3366.16 All users
Microsoft System CLR Types for SQL Server 2012 (x64) Microsoft Corporation 31.3.2015 1,53 MB 11.1.3366.16 All users
Microsoft System CLR Types for SQL Server 2014 Microsoft Corporation 18.2.2016 4,85 MB 12.0.2402.29 All users
Microsoft System CLR Types for SQL Server 2016 Microsoft Corporation 21.11.2016 6,54 MB 13.0.1601.5 All users
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 13.6.2015 9,27 MB 8.0.59193 All users
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 30.8.2015 3,10 MB 8.0.61000 All users
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 12.1.2016 10,7 MB 9.0.30729.4148 All users
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 26.2.2015 13,2 MB 9.0.30729.6161 All users
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 10.7.2015 592 KB 9.0.30729 All users
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 13.6.2015 16,3 MB 9.0.30729.4148 All users
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 26.2.2015 10,1 MB 9.0.30729.6161 All users
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 7.2.2016 13,8 MB 10.0.40219 All users
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 7.2.2016 11,1 MB 10.0.40219 All users
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 6.3.2015 10.0.50903 All users
Microsoft Web Deploy 3.6 Microsoft Corporation 21.11.2016 10,8 MB 3.1238.1962 All users
Microsoft XNA Framework Redistributable 4.0 Refresh Microsoft Corporation 11.11.2015 9,45 MB 4.0.30901.0 All users
Mozilla Firefox 58.0.2 (x64 en-US) Mozilla 18.2.2018 145 MB 58.0.2 All users
Mozilla Maintenance Service Mozilla 18.2.2018 246 KB 58.0.2.6611 All users
MSI Afterburner 4.0.0 MSI Co., LTD 26.2.2015 4.0.0 All users
MSI Gaming APP MSI 26.2.2015 14,4 MB 3.0.0.09 All users
NaturalReader 15 Free Naturalsoft 14.12.2017 77,1 MB 1.00.0000 All users
NETGEAR WNA1100 wireless USB 2.0 driver NETGEAR 5.8.2015 1.0.0.0 All users
Nikon Message Center 2 Nikon 15.10.2016 9,42 MB 2.1.0 All users
Nikon Movie Editor Nikon 15.10.2016 33,2 MB 2.8.3 All users
Notepad++ Notepad++ Team 26.2.2015 6.7.4 All users
Novice MSN Microsoft Corporation 28.4.2016 3.0.4.344 All users
NVIDIA 3D Vision Controller Driver 352.65 NVIDIA Corporation 2.6.2015 352.65 All users
NVIDIA 3D Vision Driver 388.13 NVIDIA Corporation 11.12.2017 388.13 All users
NVIDIA GeForce Experience 3.6.0.74 NVIDIA Corporation 10.6.2017 3.6.0.74 All users
NVIDIA Graphics Driver 388.13 NVIDIA Corporation 11.12.2017 388.13 All users
NVIDIA HD Audio Driver 1.3.35.1 NVIDIA Corporation 11.12.2017 1.3.35.1 All users
NVIDIA PhysX System Software 9.15.0428 NVIDIA Corporation 2.6.2015 9.15.0428 All users
OldSchool RuneScape Launcher 1.2.7 Jagex Ltd 28.1.2018 26,8 MB 1.2.7 Tilen
OneNote Microsoft Corporation 26.7.2015 16.0.3327.1048 All users
Opera Stable 51.0.2830.40 Opera Software 5.3.2018 51.0.2830.40 All users
Optično branje Windows Microsoft Corporation 28.2.2015 6.3.9654.17133 All users
Oracle VM VirtualBox 5.2.8 Oracle Corporation 6.3.2018 174 MB 5.2.8 All users
Paladins Hi-Rez Studios 5.2.2018 All users
Picture Control Utility x64 Nikon 15.10.2016 29,1 MB 1.4.16 Tilen
Pomoč+namigi za Windows Microsoft Corporation 26.2.2015 6.3.9654.20559 All users
Potovanja MSN Microsoft Corporation 14.7.2015 3.0.4.336 All users
PowerISO Power Software Ltd 28.2.2015 6.1 All users
Pošta, Koledar in Ljudje 4.7.2015 All users
Prerequisites for SSDT Microsoft Corporation 31.3.2015 6,36 MB 12.0.2000.8 All users
Python 2.7.10 (64-bit) Python Software Foundation 25.1.2018 59,0 MB 2.7.10150 All users
Qualcomm Atheros Killer Network Manager Suite Qualcomm Atheros 26.2.2015 1.1.42.1045 All users
Razer Chroma SDK Core Components Razer Inc. 17.3.2017 1.14.2 All users
Razer Synapse Razer Inc. 17.3.2017 9,33 MB 2.20.17.302 All users
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 26.2.2015 6.0.1.7245 All users
SETCCE proXSign® 2.1.1.72 SETCCE 22.8.2017 37,3 MB 2.1.1.72 All users
Snemalnik zvokov Windows Microsoft Corporation 26.2.2015 6.3.9600.20280 All users
Soda PDF 7 LULU Software Limited 16.3.2015 7.1.11.22180 All users
Sound Blaster Cinema 2 Creative Technology Limited 26.2.2015 1.00.06 All users
Steam Valve Corporation 28.6.2016 2.10.91.91 All users
TAP-Windows 9.9.2 21.9.2015 9.9.2 All users
TeamViewer 13 TeamViewer 2.3.2018 13.0.6447 All users
Tom Clancy's Rainbow Six Siege Ubisoft Montreal 8.6.2017 All users
Uplay Ubisoft 9.6.2017 27.0 All users
Video Microsoft Corporation 6.11.2015 2.6.446.0 All users
ViewNX 2 Nikon 15.10.2016 71,4 MB 2.8.3 All users
Visual Studio 2012 x64 Redistributables AVG Technologies 23.5.2015 1,89 MB 14.0.0.1 All users
Visual Studio 2012 x86 Redistributables AVG Technologies CZ, s.r.o. 23.5.2015 1,69 MB 14.0.0.1 All users
VLC media player VideoLAN 8.5.2017 2.2.4 All users
Vreme MSN Microsoft Corporation 22.11.2016 3.0.4.350 All users
Windows Live Essentials Microsoft Corporation 11.10.2016 16.4.3528.0331 All users
Windows Media Player Firefox Plugin Microsoft Corp 17.12.2016 296 KB 1.0.0.8 Tilen
WinRAR 5.20 (64-bit) win.rar GmbH 26.2.2015 5.20.0 All users
WinSCP 5.11.2 Martin Prikryl 14.11.2017 81,4 MB 5.11.2 All users
XAMPP Bitnami 4.10.2017 573 MB 7.1.9-0 All users
Zemljevidi Microsoft Corporation 26.2.2015 2.1.3230.2048 All users
Šport MSN Microsoft Corporation 29.4.2016 3.0.4.345 All users

#12 NeedHelpy

NeedHelpy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 07 March 2018 - 09:25 PM

SCHEDULED TASKS:

Yes Task Adobe Flash Player PPAPI Notifier Adobe Systems Incorporated Tilen C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe -check pepperplugin
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated All users C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task AdobeAAMUpdater-1.0-MicrosoftAccount-tilen.kroselj@hotmail.com Adobe Systems Incorporated Tilen C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task ASC_ASCTray_Auto Tilen C:\Program Files (x86)\IObit\Advanced SystemCare Beta\ASCTray.exe /AlwaysShow
Yes Task CCleanerSkipUAC Piriform Ltd Tilen "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. All users C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. All users C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task Opera scheduled Autoupdate 1440107343 Opera Software All users C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
No Task Optimize Start Menu Cache Files-S-1-5-21-3629500557-589580868-1972341005-1001 Tilen
Yes Task {31A8CE33-4FB9-48D9-A800-5D6C44DE1E7C} Microsoft Corporation Tilen C:\Windows\system32\pcalua.exe -a E:\browse.exe -d E:\
Yes Task {3B98B16A-B048-4383-9B02-1CAFA66E5F17} Microsoft Corporation Tilen C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Wondershare\PDFPasswordRemover\unins000.exe"
Yes Task {9AD4EF04-C8B6-495B-9573-19464A083587} Microsoft Corporation Tilen C:\Windows\system32\pcalua.exe -a F:\browse.exe -d F:\
Yes Task {BB2358EB-34F5-4B6F-ADDB-56B377AABAB7} Microsoft Corporation Tilen C:\Windows\system32\pcalua.exe -a "C:\Program Files\SAMSUNG\USB Drivers\Uninstall.exe" -d "C:\Program Files\SAMSUNG\USB Drivers"

#13 NeedHelpy

NeedHelpy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 07 March 2018 - 09:26 PM

STARTUP:

Yes HKCU:Run AdobeBridge Tilen
No HKCU:Run CCleaner Monitoring Piriform Ltd Tilen "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
Yes HKCU:Run Discord Discord Inc. Tilen C:\Users\Tilen\AppData\Local\Discord\app-0.0.300\Discord.exe
Yes HKCU:Run uTorrent BitTorrent Inc. Tilen "C:\Users\Tilen\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated All users "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
No HKLM:Run HP Software Update Hewlett-Packard All users C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Yes HKLM:Run ManOWarHelper Razer Inc All users C:\Program Files (x86)\Razer\Razer_ManOWar_Driver\Drivers\SysAudio\ManOWarHelper.exe /start
Yes HKLM:Run MBCfg64 Microsoft Corporation All users C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
No HKLM:Run Nikon Message Center 2 Nikon Corporation All users C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
No HKLM:Run proxsign SETCCE All users "C:\Program Files (x86)\SETCCE\proXSign\bin\proxsign.exe" -autostart
Yes HKLM:Run RTHDVCPL Realtek Semiconductor All users "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
Yes HKLM:Run ShadowPlay Microsoft Corporation All users "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
Yes HKLM:Run Sound Blaster Cinema 2 Creative Technology Ltd All users "C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r
Yes HKLM:Run SunJavaUpdateSched Oracle Corporation All users "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Yes HKLM:Run UpdReg Creative Technology Ltd. All users C:\Windows\UpdReg.EXE
Yes HKLM:Run WindowsDefender All users "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
No Startup Common HP Digital Imaging Monitor.lnk Hewlett-Packard Co. All users C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
Yes Startup Common Killer Network Manager.lnk Flexera Software LLC All users C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe
No Startup User MEGAsync.lnk Mega Limited Tilen C:\Users\Tilen\AppData\Local\MEGAsync\MEGAsync.exe

#14 NeedHelpy

NeedHelpy
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 07 March 2018 - 09:28 PM

To mention: I was unable to delete 3 folders in Windows.old:
1. Windows
2. ProgramData
3. Program Files

#15 buddy215

buddy215

  • BC Advisor
  • 12,908 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:27 PM

Posted 08 March 2018 - 06:13 AM

Disable these Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes HKCU:Run AdobeBridge Tilen
Yes HKCU:Run Discord Discord Inc. Tilen C:\Users\Tilen\AppData\Local\Discord\app-0.0.300\Discord.exe
Yes HKCU:Run uTorrent BitTorrent Inc. Tilen "C:\Users\Tilen\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated All users "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
Yes HKLM:Run ManOWarHelper Razer Inc All users C:\Program Files (x86)\Razer\Razer_ManOWar_Driver\Drivers\SysAudio\ManOWarHelper.exe /start

Yes HKLM:Run ShadowPlay Microsoft Corporation All users "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

Yes HKLM:Run UpdReg Creative Technology Ltd. All users C:\Windows\UpdReg.EXE
Yes Startup Common Killer Network Manager.lnk Flexera Software LLC All users C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe

 

Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes Task Adobe Flash Player Updater Adobe Systems Incorporated All users C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task AdobeAAMUpdater-1.0-MicrosoftAccount-tilen.kroselj@hotmail.com Adobe Systems Incorporated Tilen C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
Yes Task ASC_ASCTray_Auto Tilen C:\Program Files (x86)\IObit\Advanced SystemCare Beta\ASCTray.exe /AlwaysShow
Yes Task CCleanerSkipUAC Piriform Ltd Tilen "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)

Yes Task GoogleUpdateTaskMachineUA Google Inc. All users C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task Opera scheduled Autoupdate 1440107343 Opera Software All users C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)

Yes Task {31A8CE33-4FB9-48D9-A800-5D6C44DE1E7C} Microsoft Corporation Tilen C:\Windows\system32\pcalua.exe -a E:\browse.exe -d E:\
Yes Task {3B98B16A-B048-4383-9B02-1CAFA66E5F17} Microsoft Corporation Tilen C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Wondershare\PDFPasswordRemover\unins000.exe"
Yes Task {9AD4EF04-C8B6-495B-9573-19464A083587} Microsoft Corporation Tilen C:\Windows\system32\pcalua.exe -a F:\browse.exe -d F:\
Yes Task {BB2358EB-34F5-4B6F-ADDB-56B377AABAB7} Microsoft Corporation Tilen C:\Windows\system32\pcalua.exe -a "C:\Program Files\SAMSUNG\USB Drivers\Uninstall.exe" -d "C:\Program Files\SAMSUNG\USB Drivers"

 

Uninstall these programs:

Adobe AIR Adobe Systems Incorporated 13.6.2015 18.0.0.144 All users
Adobe Community Help Adobe Systems Incorporated 23.5.2015 3.0.0.400 All users

Adobe Media Player Adobe Systems Incorporated 23.5.2015 1.8 All users

Java 8 Update 151 Oracle Corporation 31.12.2017 99,7 MB 8.0.1510.12 All users
Java 8 Update 151 (64-bit) Oracle Corporation 31.12.2017 114 MB 8.0.1510.12 All users
Java SE Development Kit 8 Update 151 (64-bit) Oracle Corporation 31.12.2017 348 MB 8.0.1510.12 All users

 

After completing the above and rebooting......Rerun Eset Online Scanner and post the results.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss

A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users