Jump to content

Recommended Posts

Hello and welcome!

I'm Radek and I'll try to help you with your issue.

Before we start please note the following:

  • Analysis and research take some time, also sometimes real life gets in the way, please be patient.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Paste the logs in your posts, attachments make my work harder and more complicated.
  • Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
I can't foresee everything, so if anything unexpected happens, please stop and inform me!

There are no silly questions. Never be afraid to ask if in doubt!

warning.gif Rules and policies

We won't support any piracy.

That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.


51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please download and install Malwarebytes Anti-Malware, or re-run it if you already have it installed.

  • First of all select update.
  • Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.
Link to post
Share on other sites

Thank you for the help. Here is the file.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/28/2015
Scan Time: 3:38:48 PM
Logfile: history log.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.01.28.10
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Ryan
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 330352
Time Elapsed: 8 min, 28 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.GoldenCoupon.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{37476589-E48E-439E-A706-56189E2ED4C4}_is1, Quarantined, [e76a4fa80386e056b67c4331db286a96], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 1
PUP.Optional.GoldenCoupon.A, C:\ProgramData\GoldenCoupon, Quarantined, [e76a4fa80386e056b67c4331db286a96], 
 
Files: 13
PUP.Optional.InstallCore, C:\Users\Ryan\AppData\Roaming\1H1Q\Open Office Packages\uninstaller.exe, Quarantined, [d77a49aed4b557df5c14d741e220fe02], 
PUP.Optional.Softpulse, C:\Users\Ryan\Downloads\Setup (1).exe, Quarantined, [b69b6b8cb7d249ed14454ead4bb6d62a], 
PUP.Optional.Softpulse, C:\Users\Ryan\Downloads\Setup (2).exe, Quarantined, [4809d225cfbadb5b88d109f2ef1225db], 
PUP.Optional.Softpulse, C:\Users\Ryan\Downloads\Setup (3).exe, Quarantined, [4908a94e8dfca690401933c811f007f9], 
PUP.Optional.Softpulse, C:\Users\Ryan\Downloads\Setup (4).exe, Quarantined, [b899c82fc0c9c17560f91fdc6899e31d], 
PUP.Optional.Softpulse, C:\Users\Ryan\Downloads\Setup (5).exe, Quarantined, [dc7548af35543006b0a9de1d887915eb], 
PUP.Optional.Softpulse, C:\Users\Ryan\Downloads\Setup (6).exe, Quarantined, [341d5e99b8d1a690adac03f851b0946c], 
PUP.Optional.Softpulse, C:\Users\Ryan\Downloads\Setup (7).exe, Quarantined, [55fc04f3424780b6a9b09e5d679a966a], 
PUP.Optional.Softpulse, C:\Users\Ryan\Downloads\Setup (8).exe, Quarantined, [173a57a04a3f0d29aeab877431d0f10f], 
PUP.Optional.Softpulse, C:\Users\Ryan\Downloads\Setup.exe, Quarantined, [4e030ceb6d1c1b1ba9b09764c63b43bd], 
PUP.Optional.GoldenCoupon.A, C:\ProgramData\GoldenCoupon\GoldenCoupon.exe, Quarantined, [e76a4fa80386e056b67c4331db286a96], 
PUP.Optional.Trovi, C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "search_url": "http://www.trovi.com/Results.aspx?gd=&ctid=CT3330389&octid=EB_ORIGINAL_CTID&ISID=M1660E9B2-F2E0-4798-9DFA-98F6D2D7B485&SearchSource=58&CUI=&UM=6&UP=SPEF81FA7D-5C09-43FB-8F67-95D544C7C80D&q={searchTerms}&SSPV=",),Replaced,[6ee350a726631026529128bb8481639d]
PUP.Optional.Conduit, C:\Users\Ryan\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "suggest_url": "http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}",),Replaced,[80d106f15c2d14225193e201d72ec43c]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

Yes, but there's an order to run each tool for a reason. We'll run FRST now.

FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

There will be two versions to download: 32-bit and 64-bit. Please download the one that is designed for your system. If you don't know which one should it be, download both of them and try each other out. Only one will run - this is the right one. Please leave it and delete the other.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    > XP users click run after receipt of Windows Security Warning - Open File.

    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.

  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
Link to post
Share on other sites

Hi,

plenty of work to be done here. Your Chrome settings have been bypassed/altered so you'll have to reinstall it, but after we are done. I'll notify you.

JRTbythisisu.png Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.
Please include the contents of that file in your reply.

Do not forget to re-enable your previously switched off protection software!

Please also manually reboot your machine after this procedure.

adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • The program will begin to update the database (if internet connection is operational). Please wait a little bit.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.
Please include the contents of that file in your reply.
Link to post
Share on other sites

Here are the scans.

 

# AdwCleaner v4.109 - Report created 30/01/2015 at 15:50:40
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Ryan - RYANS_LAPTOP
# Running from : C:\Users\Ryan\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\646a3724e54faa20
Folder Deleted : C:\Program Files\Quiknowledge
Folder Deleted : C:\Users\Ryan\AppData\Roaming\1H1Q
Folder Deleted : C:\ProgramData\hdhlohnoninaedfflojpbmcooceajopa
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : RocketTab Update Task
Task Deleted : RocketTab
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FCF8BFD3-39B8-4370-B464-EC2AAACD97CF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Key Deleted : HKCU\Software\BRS
Key Deleted : HKCU\Software\Vittalia
Key Deleted : HKCU\Software\StormWatch
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\SPPDCOM
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17037
 
 
-\\ Google Chrome v40.0.2214.94
 
 
*************************
 
AdwCleaner[R0].txt - [2530 octets] - [30/01/2015 15:48:07]
AdwCleaner[s0].txt - [2046 octets] - [30/01/2015 15:50:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2106 octets] ##########
 
 
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Ryan on Fri 01/30/2015 at 15:29:36.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\ProgramData\LuckyCouPoen
Successfully deleted: [Folder] C:\ProgramData\RROyalShopperAppp
Successfully deleted: [Folder] C:\ProgramData\SaleesCHecker
Successfully deleted: [Folder] C:\ProgramData\SalesCHecker
Successfully deleted: [Folder] C:\ProgramData\SalesuMaggnet
Successfully deleted: [Folder] C:\ProgramData\SOfTCouep
Successfully deleted: [Folder] "C:\ProgramData\browser"
Successfully deleted: [Folder] "C:\ProgramData\instashare"
Successfully deleted: [Folder] "C:\Program Files (x86)\quiknowledge"
Successfully deleted: [Folder] "C:\Program Files (x86)\tidynetwork"
Successfully deleted: [Folder] "C:\Users\Ryan\documents\optimizer pro"
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 01/30/2015 at 15:34:01.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Link to post
Share on other sites

Glad to hear that, but we're not done. Still alot before us.

FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    > XP users click run after receipt of Windows Security Warning - Open File.

    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.

  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
Link to post
Share on other sites

Hi and sorry for the delay, I blame it on the jetlag.



remove%20outdated.jpg Uninstall some programs

We need to uninstall some programs.

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time

The list of programs to uninstall:

  • Open Office Packages

Pay special attention when uninstalling, some of the programs may have checkboxes that will either install others instead or ask you to leave them installed!
After completing uninstalls, please manually reboot your machine!


51a612a8b27e2-Zoek.png Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;autoclean;emptyclsid;C:\windows\Sysnative\sdo2ml6.dll;virustotal{FFAAAB72-30FB-4B20-8BA5-1F76989A605B};c
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Please include its content in your next reply.
Don't forget to re-enable your switched-off protection software!

Link to post
Share on other sites

Hi Radek,

After we are done will we be able to reinstall Open Office?

 

 
Zoek.exe v5.0.0.0 Updated 06-February-2015
Tool run by Ryan on Fri 02/06/2015 at 19:08:28.55.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ryan\Desktop\zoek.exe [scan all users] [script inserted] 
 
==== System Restore Info ======================
 
2/6/2015 7:09:46 PM Zoek.exe System Restore Point Created Succesfully.
 
==== VirusTotal Scan ======================
 
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=0 folders=0 0 bytes)
 
==== EOF on Fri 02/06/2015 at 19:12:31.24 ======================
Link to post
Share on other sites

We'll see. I need a fresh FRST report after all that.

 

 

 
FRST.gif Scan with Farbar Recovery Scan Tool
 
Please re-run Farbar Recovery Scan Tool.
Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
> XP users click run after receipt of Windows Security Warning - Open File.
> 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
Make sure that Addition option is checked.
Press Scan button and wait.
The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.
Link to post
Share on other sites

OK, let's purify Chrome now.

chrome.png Reset Chrome to defaults

Please open Google Chrome.

  • Enter the Chrome menu by clicking the chrome-menu.png button.
  • Select Settings.
  • Click Show advanced settings and find the Reset browser settings section.
  • Click Reset browser settings.
  • In the dialog that appears, click Reset.
  • Chrome will reset itself.
Bare in mind that all your browsing history, passwords, cookies will be saved. This procedure will only remove all extensions, themes, plugins etc. and restore Chrome engine to a state similar after a fresh installation.
Link to post
Share on other sites

OK, so now we need to reinstall it.

remove%20outdated.jpg Uninstall some programs

We need to uninstall some programs.

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search there for each entry mentioned below, right-click the entry and click Uninstall one at a time
The list of programs to uninstall:
  • Google Chrome
After completing uninstalls, please manually reboot your machine!

chrome.png Google Chrome reinstall

Please go to the official Chrome download website and install a fresh version.

Link to post
Share on other sites

Good. Let's make some final scans then.

51c9d14017fa0-SecurityCheck.PNG Scan with Security Check

Please download Security Check by Screen317 and save it to your desktop.

  • Right-click on 51c9d14017fa0-SecurityCheck.PNG icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow onscreen instructions inside the black box. This scan won't take long.
  • Soon a notepad document called checkup.txt will open automaticaly.
Please include the content of that document.

ESETOnline.png Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

Please visit ESET Online Scanner website.

Click there Run ESET Online Scanner.

If using Internet Explorer:

  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.
If using Mozilla Firefox or Google Chrome:
  • Download esetsmartinstaller_enu.exe that you'll be given link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.
To perform the scan:
  • Make sure that Enable detecion of potentially unwanted applications is checked.
  • In the Advanced Settings dropdown menu:
    • Make sure that Remove found threats is unchecked.
    • Scan archives is checked.
    • Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
    • Use custom proxy settings is unchecked.
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
Please include this logfile in your next reply.

Don't forget to re-enable previously switched-off protection software!

Link to post
Share on other sites

Here are the 2 scans.

 

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# product=EOS
# version=8
# IEXPLORE.EXE=11.00.9600.16384 (winblue_rtm.130821-1623)
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=77cdefa7468b7743ae14f4713fb34405
# engine=22404
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-02-10 07:37:12
# local_time=2015-02-10 01:37:12 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=6.3.9600 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 39991729 0 0
# scanned=238755
# found=12
# cleaned=0
# scan_time=6311
sh=426802626A8B4D633330AA090EB8C34B909AF626 ft=1 fh=6f9bcc5c95e0319a vn="a variant of Win32/SoftPulse.S potentially unwanted application" ac=I fn="C:\$Recycle.Bin\S-1-5-21-2184052683-1741030757-3614636820-1001\$R6FL56U.exe"
sh=35966D9A14EDB05B66BB02FE3834ABDA903EF689 ft=0 fh=0000000000000000 vn="JS/Kryptik.ATB trojan" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\hdhlohnoninaedfflojpbmcooceajopa\q9jyhzeO.js.vir"
sh=560A8FB4F6AABAEEF5A1594471937FCE5DA7EF96 ft=1 fh=9dc5c0ca431585cc vn="a variant of MSIL/Adware.PullUpdate.K.gen application" ac=I fn="C:\ProgramData\jiWVDDtPgrj\dat\kpvIRQkEI.dll"
sh=08B8AD866A27ADACE4F29D9155AFBAF1CAAE1F15 ft=1 fh=7fcca138d1725700 vn="a variant of MSIL/Adware.PullUpdate.K.gen application" ac=I fn="C:\ProgramData\jiWVDDtPgrj\dat\laiyVKrec.dll"
sh=560A8FB4F6AABAEEF5A1594471937FCE5DA7EF96 ft=1 fh=9dc5c0ca431585cc vn="a variant of MSIL/Adware.PullUpdate.K.gen application" ac=I fn="C:\Users\All Users\jiWVDDtPgrj\dat\kpvIRQkEI.dll"
sh=08B8AD866A27ADACE4F29D9155AFBAF1CAAE1F15 ft=1 fh=7fcca138d1725700 vn="a variant of MSIL/Adware.PullUpdate.K.gen application" ac=I fn="C:\Users\All Users\jiWVDDtPgrj\dat\laiyVKrec.dll"
sh=DD6E088E22874B283348A15DB5159C7B20CC6D22 ft=1 fh=fe9dda6ca79832a6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Ryan\Downloads\25623-673284-ccleaner.exe"
sh=74507D2AD5D69252167B682B5FA7E693E1AE0652 ft=1 fh=c644006b49a165d6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Ryan\Downloads\ccsetup502.exe"
sh=270D0C8B3EC68CFBC58F4D0F7EEF5A08C5330713 ft=1 fh=d39f0adf6fd44a53 vn="NSIS/TrojanDownloader.Adload.AA trojan" ac=I fn="C:\Users\Ryan\Downloads\FLVPlayer-Chrome.exe"
sh=BF79312F0BCA9FDBD455F0E6C184212BB4CA4411 ft=1 fh=00ae859c95e0319a vn="a variant of Win32/SoftPulse.S potentially unwanted application" ac=I fn="C:\Users\Ryan\Downloads\Installation.exe"
sh=F796F3E70304AE3A041B9176AD8E197C9E1FCA6D ft=1 fh=5c6c1b2fa77e8b94 vn="Win32/OutBrowse.BU potentially unwanted application" ac=I fn="C:\Users\Ryan\Downloads\Java (1).exe"
sh=795CF822898746752DA0339E504822F8ED6FA64D ft=1 fh=6876035103f347a1 vn="Win32/OutBrowse.BU potentially unwanted application" ac=I fn="C:\Users\Ryan\Downloads\Java.exe"
 
Results of screen317's Security Check version 0.99.96  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 31  
 Java version 32-bit out of Date! 
  Java 64-bit 8 Update 31  
 Google Chrome (40.0.2214.111) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.