Jump to content

AdvancedSetup

Root Admin
  • Content count

    69,827
  • Joined

  • Last visited

About AdvancedSetup

  • Rank
    Staff

Contact Methods

  • Website URL
    https://www.malwarebytes.org

Profile Information

  • Location
    US

Recent Profile Visitors

339,557 profile views
  1. AdvancedSetup

    Maxthon hijack?

    Hi @Devans23 Sorry about that. It is an anti-spam routine that saw you posting too quickly. I've set it to allow. Please go ahead and post other logs as needed. Thank you Ron
  2. AdvancedSetup

    AdvancedSetup, can you help please?

    You would be surprised. I have receipts for most items I've purchased even from 20 years ago but that's me, I'm pretty practical and technical about most things. I'm going to close this topic though as it's run it's course and we have explained the issue. Once it is ready we will post and let users know. Thank you
  3. AdvancedSetup

    Help with possible trojan or miner

    Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks
  4. AdvancedSetup

    Help with possible trojan or miner

    Thank you very much for the kind words Andrea. Hope you have a great Memorial Day holiday Ron
  5. AdvancedSetup

    Help with possible trojan or miner

    That should be good. I'll leave you a little information to read and go ahead and close up your topic soon. At this time there are no more signs of an infection on your system. However if you are still seeing any signs of an infection please let me know. If there are any other leftover Folders, Files, Logs or programs used in the cleaning process you can delete them on your own. Any other programs or logs that are still remaining, you can manually delete. (right click.....Delete) IE: C:\FRST folder, FRST -OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall. AdwCleaner also has a built-in uninstaller if you wish to remove. As Java seems to get exploited on a regular basis I advise not using Java if possible but to at least disable java in your web browsers How do I disable Java in my web browser? - Disable Java A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data. Nothing is 100% bulletproof but with a little bit of education, you can certainly swing things in your favor. How Malware Spreads - How did I get infected Best Practices for Safe Computing - Prevention of Malware Infection Avoiding those unwanted free applications A close look at how Oracle installs deceptive software with Java updates IAC / Ask.com toolbars Malwarebytes Unpacked Blog If you're not currently using Malwarebytes Premium then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection. Thank you and take care Ron
  6. AdvancedSetup

    scvhost.exe NULL Avoiding Detection

    Great, glad to hear. If you do need something else though please let me know Cheers Ron
  7. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks
  8. Please try downloading and reinstalling Microsoft Security Essentials. See if it can repair itself.
  9. AdvancedSetup

    Help with possible trojan or miner

    Please run the following and it will remove it for you. Please download the attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. fixlist.txt Ron
  10. Let me have you run a Kaspersky antivirus scan and see what it can find. Please download and run the following Kaspersky antivirus to remove any found threats Kaspersky Virus Removal Tool Let me know what it finds. Thanks Ron
  11. AdvancedSetup

    Help with possible trojan or miner

    You can keep Team Viewer, I'd probably set the service to disabled or manual. I'd probably remove the SSHD stuff. I don't think Team Viewer puts that in.
  12. AdvancedSetup

    AdvancedSetup, can you help please?

    Purchase online with us verifies proof of purchase electronically. Having a license does not verify proof of purchase. We have black listed millions of illegal licenses. There is no easy way to automate proof of purchase from the thousands of various places our product has been sold in the past. It's been a few years since the last lifetime license was sold and many users and businesses don't have documentation and many places were selling illegal licenses. Some sold the same license to hundreds of different users, so the logistics are not as easy as you think. As we have said from the beginning, keep a copy of your proof of purchase and if you have an issue activating, we'll correct it, but you'll need to open a support ticket for licensing issues. Thank you
  13. AdvancedSetup

    Help with possible trojan or miner

    It's designed to do remote control of the system. You have TeamViewer installed and it too is a remote control application. If you've installed it and use it then nothing wrong, but if not and you're not familiar with it I'd recommend uninstalling it and removing the sshd
  14. AdvancedSetup

    Help with possible trojan or miner

    Please download the attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system. Run FRST or FRST64 and press the Fix button just once and wait. If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart. The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. fixlist.txt Thanks again Ron
  15. AdvancedSetup

    Help with possible trojan or miner

    Are you running these on purpose? S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] () S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [970752 2018-03-10] () I'll write you another script repair. There is still a little left over.
×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.