Jump to content

Search the Community

Showing results for tags 'pup.optional.fastcomputer'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 2 results

  1. What is RocketFixio?The Malwarebytes research team has determined that RocketFixio is a "system optimizer". These so-called "system optimizers" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.More information can be found on our Malwarebytes Labs blog.How do I know if I am infected with RocketFixio?This is how the main screen of the system optimizer looks:You will find these icons in your taskbar, your startmenu, and on your desktop:and see these warnings during install:and this type of screens during "operations":You may see this entry in your list of installed programs:How did RocketFixio get on my computer?These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website:How do I remove RocketFixio?Our program Malwarebytes can detect and remove this potentially unwanted application. We do advise however to uninstall the program using the Uninstall option in Windows. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of RocketFixio? No, Malwarebytes removes RocketFixio completely. How would the full version of Malwarebytes help protect me?We hope our application and this guide have helped you eradicate this system optimizer.As you can see below the full version of Malwarebytes would have protected you against the RocketFixio installer even before this PUP was added to our detections. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late. and Malwarebytes Browser Guard would have warned you about their website: Technical details for expertsYou may see these entries in FRST logs: (AMS Software -> AMS Software) C:\Program Files (x86)\RocketFixio\RocketFixioAdmin.exe C:\Users\Public\Desktop\RocketFixio.lnk C:\ProgramData\Desktop\RocketFixio.lnk C:\Users\{username}\AppData\Roaming\AMS Software C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketFixio C:\Program Files (x86)\RocketFixio RocketFixio 4.0 (HKLM-x32\...\{96D50215-BC87-4536-ADBA-99633C9B81EB}_is1) (Version: 4.0 - AMS Software) Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\RocketFixio Adds the file ArnMngr.exe"="2/18/2019 8:05 AM, 5242096 bytes, A Adds the file InstUtils.exe"="2/18/2019 8:05 AM, 38128 bytes, A Adds the file libeay32.dll"="2/17/2016 8:57 AM, 1192320 bytes, A Adds the file License.txt"="12/17/2018 2:16 PM, 1976 bytes, A Adds the file msvcr120.dll"="2/19/2016 6:43 PM, 970912 bytes, A Adds the file RocketFixio.exe"="2/18/2019 8:05 AM, 30685936 bytes, A Adds the file rocketfixio_video.mp4"="2/15/2019 10:01 AM, 11217953 bytes, A Adds the file RocketFixioAdmin.exe"="2/18/2019 8:05 AM, 30686448 bytes, A Adds the file ssleay32.dll"="2/17/2016 8:58 AM, 291200 bytes, A Adds the file unins000.dat"="5/28/2020 10:47 AM, 16181 bytes, A Adds the file unins000.exe"="5/28/2020 10:46 AM, 1186161 bytes, A Adds the file UninstallUtils.dll"="12/17/2018 1:40 PM, 829440 bytes, A Adds the folder C:\Program Files (x86)\RocketFixio\Data\Animation Adds the file SysInfo.gif"="9/28/2015 12:19 PM, 10881 bytes, A Adds the folder C:\Program Files (x86)\RocketFixio\Data\Fonts Adds the file OpenSans.ttf"="8/26/2015 12:42 PM, 217360 bytes, A Adds the file OpenSans-Light.ttf"="11/3/2012 6:48 AM, 222412 bytes, A Adds the file pfdindisplaypro-bold.ttf"="6/30/2015 11:52 AM, 409476 bytes, A Adds the file pfdindisplaypro-reg.ttf"="6/30/2015 11:52 AM, 430168 bytes, A Adds the file pfdindisplaypro-thin.ttf"="6/30/2015 12:10 PM, 505868 bytes, A Adds the folder C:\Program Files (x86)\RocketFixio\Lang Adds the file English.ini"="2/18/2019 7:23 AM, 83720 bytes, A Adds the folder C:\Program Files (x86)\RocketFixio\LibAV Adds the file avcodec-52.dll"="9/21/2012 1:45 PM, 9948672 bytes, A Adds the file avcore-0.dll"="9/21/2012 1:44 PM, 57856 bytes, A Adds the file avdevice-52.dll"="9/21/2012 1:44 PM, 16384 bytes, A Adds the file avfilter-1.dll"="9/21/2012 1:44 PM, 131072 bytes, A Adds the file avformat-52.dll"="9/21/2012 1:45 PM, 950784 bytes, A Adds the file avutil-50.dll"="9/21/2012 1:45 PM, 122880 bytes, A Adds the file SDL.dll"="9/21/2012 1:44 PM, 321536 bytes, A Adds the file swscale-0.dll"="9/21/2012 1:44 PM, 222720 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketFixio Adds the file Order full version.url"="5/28/2020 10:47 AM, 58 bytes, A Adds the file RocketFixio.lnk"="5/28/2020 10:47 AM, 1086 bytes, A Adds the file Tutorial.url"="5/28/2020 10:47 AM, 61 bytes, A Adds the file Uninstall program.lnk"="5/28/2020 10:47 AM, 1046 bytes, A Adds the file Visit website.url"="5/28/2020 10:47 AM, 49 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\AMS Software\AmsOptim Adds the file DelList.txt"="5/28/2020 10:47 AM, 0 bytes, A Adds the file ListOfDelayedStart.dat"="5/28/2020 10:47 AM, 216 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\AMS Software\AmsOptim\RegList Adds the file RegList.dat"="5/28/2020 10:47 AM, 2 bytes, A In the existing folder C:\Users\{username}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar Adds the file RocketFixio.lnk"="5/28/2020 10:47 AM, 1086 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Other\Dayly Adds the file Emotion.sor"="5/28/2020 10:47 AM, 8 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file RocketFixio.lnk"="5/28/2020 10:47 AM, 1068 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{96D50215-BC87-4536-ADBA-99633C9B81EB}_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\RocketFixio\RocketFixio.exe" "DisplayName"="REG_SZ", "RocketFixio 4.0" "DisplayVersion"="REG_SZ", "4.0" "EstimatedSize"="REG_DWORD", 93722 "HelpLink"="REG_SZ", "http://rocketfixio.com/support.php" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\RocketFixio" "Inno Setup: Deselected Tasks"="REG_SZ", "" "Inno Setup: Icon Group"="REG_SZ", "RocketFixio" "Inno Setup: Language"="REG_SZ", "english" "Inno Setup: Selected Tasks"="REG_SZ", "desktopicon,pintotaskbar" "Inno Setup: Setup Version"="REG_SZ", "5.5.2 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20200528" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\RocketFixio\" "MajorVersion"="REG_DWORD", 4 "MinorVersion"="REG_DWORD", 0 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "AMS Software" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\RocketFixio\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\RocketFixio\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://rocketfixio.com/" "URLUpdateInfo"="REG_SZ", "http://rocketfixio.com/download.php" [HKEY_CURRENT_USER\Software\AMS Software\AmsOptim] "AmsNewsRuns"="REG_DWORD", 2 "CheckUpdates"="REG_BINARY, .... "TreeViewClean_chrome_cookie"="REG_DWORD", 0 "TreeViewClean_chrome_formss"="REG_DWORD", 0 "TreeViewClean_chrome_passwords"="REG_DWORD", 0 "TreeViewClean_chromium_cookie"="REG_DWORD", 0 "TreeViewClean_chromium_formss"="REG_DWORD", 0 "TreeViewClean_chromium_passwords"="REG_DWORD", 0 "TreeViewClean_cleanall_download_folder"="REG_DWORD", 0 "TreeViewClean_download_folder"="REG_DWORD", 0 "TreeViewClean_edge_cookie"="REG_DWORD", 0 "TreeViewClean_edge_forms"="REG_DWORD", 0 "TreeViewClean_edge_passwords"="REG_DWORD", 0 "TreeViewClean_firefox_cookie"="REG_DWORD", 0 "TreeViewClean_firefox_forms"="REG_DWORD", 0 "TreeViewClean_firefox_passwords"="REG_DWORD", 0 "TreeViewClean_ie_cookie"="REG_DWORD", 0 "TreeViewClean_ie_passwords"="REG_DWORD", 0 "TreeViewClean_opera_cookie"="REG_DWORD", 0 "TreeViewClean_opera_forms"="REG_DWORD", 0 "TreeViewClean_opera_passwords"="REG_DWORD", 0 "TreeViewClean_yandex_cookie"="REG_DWORD", 0 "TreeViewClean_yandex_forms"="REG_DWORD", 0 "TreeViewClean_yandex_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_chrome_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_chrome_formss"="REG_DWORD", 0 "TreeViewCleanPlanner_chrome_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_chromium_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_chromium_formss"="REG_DWORD", 0 "TreeViewCleanPlanner_chromium_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_cleanall_download_folder"="REG_DWORD", 0 "TreeViewCleanPlanner_download_folder"="REG_DWORD", 0 "TreeViewCleanPlanner_edge_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_edge_forms"="REG_DWORD", 0 "TreeViewCleanPlanner_edge_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_firefox_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_firefox_forms"="REG_DWORD", 0 "TreeViewCleanPlanner_firefox_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_ie_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_ie_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_opera_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_opera_forms"="REG_DWORD", 0 "TreeViewCleanPlanner_opera_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_yandex_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_yandex_forms"="REG_DWORD", 0 "TreeViewCleanPlanner_yandex_passwords"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Fast\Test] "Sweestreet"="REG_BINARY, .... Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/28/20 Scan Time: 10:57 AM Log File: 3a002ec6-a0c1-11ea-9dc5-00ffdcc6fdfc.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.920 Update Package Version: 1.0.24580 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 232495 Threats Detected: 9 Threats Quarantined: 9 Time Elapsed: 2 min, 59 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 2 PUP.Optional.FastComputer, HKCU\SOFTWARE\FAST\TEST, Quarantined, 4174, 816607, 1.0.24580, , ame, PUP.Optional.FastComputer, HKCU\SOFTWARE\AMS SOFTWARE\AmsOptim, Quarantined, 4174, 816654, 1.0.24580, , ame, Registry Value: 1 PUP.Optional.FastComputer, HKCU\SOFTWARE\FAST\TEST|SWEESTREET, Quarantined, 4174, 816607, 1.0.24580, , ame, Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 2 PUP.Optional.FastComputer, C:\USERS\{username}\APPDATA\ROAMING\AMS Software\AmsOptim, Quarantined, 4174, 818987, 1.0.24580, , ame, PUP.Optional.FastComputer, C:\USERS\{username}\APPDATA\ROAMING\OTHER\DAYLY, Quarantined, 4174, 816958, 1.0.24580, , ame, File: 4 PUP.Optional.FastComputer, C:\USERS\{username}\APPDATA\ROAMING\OTHER\DAYLY\EMOTION.SOR, Quarantined, 4174, 816958, 1.0.24580, , ame, Generic.Malware/Suspicious, C:\PROGRAM FILES (X86)\ROCKETFIXIO\ROCKETFIXIO.EXE, Quarantined, 0, 392686, 1.0.24580, , shuriken, Generic.Malware/Suspicious, C:\USERS\{username}\DESKTOP\ROCKETFIXIO.EXE, Quarantined, 0, 392686, 1.0.24580, , shuriken, Generic.Malware/Suspicious, C:\USERS\{username}\DOWNLOADS\ROCKETFIXIO.EXE, Quarantined, 0, 392686, 1.0.24580, , shuriken, Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat.We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
  2. What is Fast Computer?The Malwarebytes research team has determined that Fast Computer is a "system optimizer". These so-called "system optimizers" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.More information can be found on our Malwarebytes Labs blog.How do I know if I am infected with Fast Computer?This is how the main screen of the system optimizer looks:You will find these icons in your taskbar, your startmenu, and on your desktop:and see these warnings during install:and these types of screens during "operations":You may see this entry in your list of installed programs:How did Fast Computer get on my computer?These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website:How do I remove Fast Computer?Our program Malwarebytes can detect and remove this potentially unwanted application. Please download Malwarebytes for Windows to your desktop. Double-click MBSetup.exe and follow the prompts to install the program. When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen. Click on the Get started button. Click Scan to start a Threat Scan. When the scan is finished click Quarantine to remove the found threats. Reboot the system if prompted to complete the removal process. Is there anything else I need to do to get rid of Fast Computer? No, Malwarebytes removes Fast Computer completely. How would the full version of Malwarebytes help protect me?We hope our application and this guide have helped you eradicate this system optimizer.As you can see below the full version of Malwarebytes would have protected you against the Fast Computer installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late. and both Malwarebytes Premium and Browser Guard block access to their domain: Technical details for expertsYou may see these entries in FRST logs: (AMS Software LLC -> AMS Software) C:\Program Files (x86)\Fast Computer\OptimAdmin.exe C:\Users\{username}\AppData\Roaming\AMS Software C:\Users\Public\Desktop\Ускоритель Компьютера.lnk C:\ProgramData\Desktop\Ускоритель Компьютера.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ускоритель Компьютера C:\Program Files (x86)\Fast Computer (AMS Software ) C:\Users\{username}\Desktop\FastComputerOT.exe Ускоритель Компьютера 4.0 (HKLM-x32\...\{EB9EE9A7-45C6-4F98-8463-2078E8BDC6E8}_is1) (Version: 4.0 - AMS Software) Shortcut: C:\Users\{username}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Ускоритель Компьютера.lnk -> C:\Program Files (x86)\Fast Computer\OptimAdmin.exe (AMS Software) <==== Cyrillic Shortcut: C:\Users\Public\Desktop\Ускоритель Компьютера.lnk -> C:\Program Files (x86)\Fast Computer\OptimAdmin.exe (AMS Software) <==== Cyrillic Alterations made by the installer: File system details [View: All details] (Selection) --------------------------------------------------- Adds the folder C:\Program Files (x86)\Fast Computer Adds the file ArnMngr.exe"="1/20/2020 2:50 PM, 5240064 bytes, A Adds the file InstUtils.exe"="1/20/2020 2:50 PM, 38144 bytes, A Adds the file libeay32.dll"="2/17/2016 8:57 AM, 1192320 bytes, A Adds the file License.txt"="8/13/2015 10:46 AM, 964 bytes, A Adds the file msvcr120.dll"="2/19/2016 6:43 PM, 970912 bytes, A Adds the file Optim.exe"="1/20/2020 2:50 PM, 30642944 bytes, A Adds the file OptimAdmin.exe"="1/20/2020 2:50 PM, 30643456 bytes, A Adds the file ssleay32.dll"="12/30/2019 12:07 PM, 291200 bytes, A Adds the file unins000.dat"="5/4/2020 8:54 AM, 35945 bytes, A Adds the file unins000.exe"="5/4/2020 8:53 AM, 1187535 bytes, A Adds the file UninstallUtils.dll"="4/3/2018 1:50 PM, 829440 bytes, A Adds the file Обзорный видеоурок.mp4"="4/13/2018 6:33 PM, 14363257 bytes, A Adds the folder C:\Program Files (x86)\Fast Computer\Data\Animation Adds the file SysInfo.gif"="9/28/2015 12:19 PM, 10881 bytes, A Adds the folder C:\Program Files (x86)\Fast Computer\Data\Fonts Adds the file OpenSans.ttf"="8/26/2015 12:42 PM, 217360 bytes, A Adds the file OpenSans-Light.ttf"="11/3/2012 6:48 AM, 222412 bytes, A Adds the file pfdindisplaypro-bold.ttf"="6/30/2015 11:52 AM, 409476 bytes, A Adds the file pfdindisplaypro-reg.ttf"="6/30/2015 11:52 AM, 430168 bytes, A Adds the file pfdindisplaypro-thin.ttf"="6/30/2015 12:10 PM, 505868 bytes, A Adds the folder C:\Program Files (x86)\Fast Computer\LibAV Adds the file avcodec-52.dll"="9/21/2012 1:45 PM, 9948672 bytes, A Adds the file avcore-0.dll"="9/21/2012 1:44 PM, 57856 bytes, A Adds the file avdevice-52.dll"="9/21/2012 1:44 PM, 16384 bytes, A Adds the file avfilter-1.dll"="9/21/2012 1:44 PM, 131072 bytes, A Adds the file avformat-52.dll"="9/21/2012 1:45 PM, 950784 bytes, A Adds the file avutil-50.dll"="9/21/2012 1:45 PM, 122880 bytes, A Adds the file SDL.dll"="9/21/2012 1:44 PM, 321536 bytes, A Adds the file swscale-0.dll"="9/21/2012 1:44 PM, 222720 bytes, A Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ускоритель Компьютера Adds the file Купить полную версию.url"="5/4/2020 8:54 AM, 59 bytes, A Adds the file Он-лайн учебник.url"="5/4/2020 8:54 AM, 62 bytes, A Adds the file Сайт программы.url"="5/4/2020 8:54 AM, 50 bytes, A Adds the file Удалить программу.lnk"="5/4/2020 8:54 AM, 1060 bytes, A Adds the file Ускоритель Компьютера.lnk"="5/4/2020 8:54 AM, 1070 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\AMS Software Adds the folder C:\Users\{username}\AppData\Roaming\AMS Software\AmsOptim Adds the file DelList.txt"="5/4/2020 8:55 AM, 0 bytes, A Adds the file ListOfDelayedStart.dat"="5/4/2020 8:55 AM, 216 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\AMS Software\AmsOptim\RegList Adds the file RegList.dat"="5/4/2020 8:55 AM, 2 bytes, A In the existing folder C:\Users\{username}\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar Adds the file Ускоритель Компьютера.lnk"="5/4/2020 8:54 AM, 1070 bytes, A Adds the folder C:\Users\{username}\AppData\Roaming\Other\Dayly Adds the file Emotion.sor"="5/4/2020 8:55 AM, 8 bytes, A In the existing folder C:\Users\Public\Desktop Adds the file Ускоритель Компьютера.lnk"="5/4/2020 8:54 AM, 1052 bytes, A Registry details [View: All details] (Selection) ------------------------------------------------ [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB9EE9A7-45C6-4F98-8463-2078E8BDC6E8}_is1] "DisplayIcon"="REG_SZ", "C:\Program Files (x86)\Fast Computer\Optim.exe" "DisplayName"="REG_SZ", "Ускоритель Компьютера 4.0" "DisplayVersion"="REG_SZ", "4.0" "EstimatedSize"="REG_DWORD", 101801 "HelpLink"="REG_SZ", "http://fast-computer.su/support.php" "Inno Setup: App Path"="REG_SZ", "C:\Program Files (x86)\Fast Computer" "Inno Setup: Deselected Tasks"="REG_SZ", "" "Inno Setup: Icon Group"="REG_SZ", "Ускоритель Компьютера" "Inno Setup: Language"="REG_SZ", "russian" "Inno Setup: Selected Tasks"="REG_SZ", "desktopicon,pintotaskbar" "Inno Setup: Setup Version"="REG_SZ", "5.5.2 (u)" "Inno Setup: User"="REG_SZ", "{username}" "InstallDate"="REG_SZ", "20200504" "InstallLocation"="REG_SZ", "C:\Program Files (x86)\Fast Computer\" "MajorVersion"="REG_DWORD", 4 "MinorVersion"="REG_DWORD", 0 "NoModify"="REG_DWORD", 1 "NoRepair"="REG_DWORD", 1 "Publisher"="REG_SZ", "AMS Software" "QuietUninstallString"="REG_SZ", ""C:\Program Files (x86)\Fast Computer\unins000.exe" /SILENT" "UninstallString"="REG_SZ", ""C:\Program Files (x86)\Fast Computer\unins000.exe"" "URLInfoAbout"="REG_SZ", "http://fast-computer.su/" "URLUpdateInfo"="REG_SZ", "http://fast-computer.su/download.php" [HKEY_CURRENT_USER\Software\AMS Software\AmsOptim] "AmsNewsRuns"="REG_DWORD", 2 "CheckUpdates"="REG_BINARY, .... "PromoVal"="REG_SZ", "OT" "TreeViewClean_chrome_cookie"="REG_DWORD", 0 "TreeViewClean_chrome_formss"="REG_DWORD", 0 "TreeViewClean_chrome_passwords"="REG_DWORD", 0 "TreeViewClean_chromium_cookie"="REG_DWORD", 0 "TreeViewClean_chromium_formss"="REG_DWORD", 0 "TreeViewClean_chromium_passwords"="REG_DWORD", 0 "TreeViewClean_cleanall_download_folder"="REG_DWORD", 0 "TreeViewClean_download_folder"="REG_DWORD", 0 "TreeViewClean_edge_cookie"="REG_DWORD", 0 "TreeViewClean_edge_forms"="REG_DWORD", 0 "TreeViewClean_edge_passwords"="REG_DWORD", 0 "TreeViewClean_firefox_cookie"="REG_DWORD", 0 "TreeViewClean_firefox_forms"="REG_DWORD", 0 "TreeViewClean_firefox_passwords"="REG_DWORD", 0 "TreeViewClean_ie_cookie"="REG_DWORD", 0 "TreeViewClean_ie_passwords"="REG_DWORD", 0 "TreeViewClean_opera_cookie"="REG_DWORD", 0 "TreeViewClean_opera_forms"="REG_DWORD", 0 "TreeViewClean_opera_passwords"="REG_DWORD", 0 "TreeViewClean_yandex_cookie"="REG_DWORD", 0 "TreeViewClean_yandex_forms"="REG_DWORD", 0 "TreeViewClean_yandex_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_chrome_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_chrome_formss"="REG_DWORD", 0 "TreeViewCleanPlanner_chrome_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_chromium_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_chromium_formss"="REG_DWORD", 0 "TreeViewCleanPlanner_chromium_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_cleanall_download_folder"="REG_DWORD", 0 "TreeViewCleanPlanner_download_folder"="REG_DWORD", 0 "TreeViewCleanPlanner_edge_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_edge_forms"="REG_DWORD", 0 "TreeViewCleanPlanner_edge_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_firefox_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_firefox_forms"="REG_DWORD", 0 "TreeViewCleanPlanner_firefox_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_ie_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_ie_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_opera_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_opera_forms"="REG_DWORD", 0 "TreeViewCleanPlanner_opera_passwords"="REG_DWORD", 0 "TreeViewCleanPlanner_yandex_cookie"="REG_DWORD", 0 "TreeViewCleanPlanner_yandex_forms"="REG_DWORD", 0 "TreeViewCleanPlanner_yandex_passwords"="REG_DWORD", 0 [HKEY_CURRENT_USER\Software\Fast\Test] "Sweestreet"="REG_BINARY, .... Malwarebytes log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/4/20 Scan Time: 9:04 AM Log File: 8a4412d4-8dd5-11ea-a233-00ffdcc6fdfc.json -Software Information- Version: 4.1.0.56 Components Version: 1.0.889 Update Package Version: 1.0.23386 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: {computername}\{username} -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 233312 Threats Detected: 27 Threats Quarantined: 26 Time Elapsed: 3 min, 37 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 1 PUP.Optional.FastComputer, C:\PROGRAM FILES (X86)\FAST COMPUTER\OPTIMADMIN.EXE, Quarantined, 928, 816969, , , , Module: 4 PUP.Optional.FastComputer, C:\PROGRAM FILES (X86)\FAST COMPUTER\LIBAV\AVUTIL-50.DLL, Quarantined, 928, 817386, , , , PUP.Optional.FastComputer, C:\PROGRAM FILES (X86)\FAST COMPUTER\LIBAV\AVCODEC-52.DLL, Quarantined, 928, 817386, , , , PUP.Optional.FastComputer, C:\PROGRAM FILES (X86)\FAST COMPUTER\LIBAV\AVCORE-0.DLL, Quarantined, 928, 817386, , , , PUP.Optional.FastComputer, C:\PROGRAM FILES (X86)\FAST COMPUTER\OPTIMADMIN.EXE, Quarantined, 928, 816969, , , , Registry Key: 3 PUP.Optional.FastComputer, HKCU\SOFTWARE\AMS SOFTWARE\AmsOptim, Quarantined, 928, 816654, 1.0.23386, , ame, PUP.Optional.FastComputer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{EB9EE9A7-45C6-4F98-8463-2078E8BDC6E8}_IS1, Quarantined, 928, 816966, 1.0.23386, , ame, PUP.Optional.FastComputer, HKCU\SOFTWARE\FAST\TEST, Quarantined, 928, 816607, 1.0.23386, , ame, Registry Value: 2 PUP.Optional.FastComputer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{EB9EE9A7-45C6-4F98-8463-2078E8BDC6E8}_IS1|HELPLINK, Quarantined, 928, 816966, 1.0.23386, , ame, PUP.Optional.FastComputer, HKCU\SOFTWARE\FAST\TEST|SWEESTREET, Quarantined, 928, 816607, 1.0.23386, , ame, Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 4 PUP.Optional.FastComputer, C:\Users\{username}\AppData\Roaming\AMS Software\AmsOptim\RegList, Quarantined, 928, 816957, , , , PUP.Optional.FastComputer, C:\USERS\{username}\APPDATA\ROAMING\AMS SOFTWARE\AMSOPTIM, Quarantined, 928, 816957, 1.0.23386, , ame, PUP.Optional.FastComputer, C:\PROGRAM FILES (X86)\FAST COMPUTER, Removal Failed, 928, 817386, 1.0.23386, , ame, PUP.Optional.FastComputer, C:\USERS\{username}\APPDATA\ROAMING\OTHER\DAYLY, Quarantined, 928, 816958, 1.0.23386, , ame, File: 13 PUP.Optional.FastComputer, C:\Users\{username}\AppData\Roaming\AMS Software\AmsOptim\RegList\RegList.dat, Quarantined, 928, 816957, , , , PUP.Optional.FastComputer, C:\Users\{username}\AppData\Roaming\AMS Software\AmsOptim\DelList.txt, Quarantined, 928, 816957, , , , PUP.Optional.FastComputer, C:\Users\{username}\AppData\Roaming\AMS Software\AmsOptim\ListOfDelayedStart.dat, Quarantined, 928, 816957, , , , PUP.Optional.FastComputer, C:\USERS\{username}\APPDATA\ROAMING\OTHER\DAYLY\EMOTION.SOR, Quarantined, 928, 816958, 1.0.23386, , ame, PUP.Optional.FastComputer, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\WINDOWS\RECENT\FAST COMPUTER SETUP 4.0 - CHANGES.TXT.LNK, Quarantined, 928, 816956, 1.0.23386, , ame, PUP.Optional.FastComputer, C:\PROGRAM FILES (X86)\FAST COMPUTER\LIBAV\AVUTIL-50.DLL, Quarantined, 928, 817386, 1.0.23386, , ame, PUP.Optional.FastComputer, C:\PROGRAM FILES (X86)\FAST COMPUTER\LIBAV\AVCODEC-52.DLL, Quarantined, 928, 817386, 1.0.23386, , ame, PUP.Optional.FastComputer, C:\PROGRAM FILES (X86)\FAST COMPUTER\LIBAV\AVCORE-0.DLL, Quarantined, 928, 817386, 1.0.23386, , ame, PUP.Optional.FastComputer, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\Ускоритель Компьютера.lnk, Quarantined, 928, 816969, , , , PUP.Optional.FastComputer, C:\USERS\{username}\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\User Pinned\TaskBar\Ускоритель Компьютера.lnk, Quarantined, 928, 816969, , , , PUP.Optional.FastComputer, C:\USERS\PUBLIC\Desktop\Ускоритель Компьютера.lnk, Quarantined, 928, 816969, , , , PUP.Optional.FastComputer, C:\PROGRAM FILES (X86)\FAST COMPUTER\OPTIMADMIN.EXE, Quarantined, 928, 816969, 1.0.23386, , ame, PUP.Optional.FastComputer, C:\USERS\{username}\DESKTOP\FASTCOMPUTEROT.EXE, Quarantined, 928, 816930, 1.0.23386, , ame, Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end) As mentioned before the full version of Malwarebytes could have protected your computer against this threat.We use different ways of protecting your computer(s): Dynamically Blocks Malware Sites & Servers Malware Execution Prevention Save yourself the hassle and get protected.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.