Jump to content

Recommended Posts

Hi, 

Last evening, I saw the yellow caution on the Windows Security icon.  When I opened, the section about unwanted apps stated this computer had one.  In looking at the name of it (wished I would have taken a snip of screen to show you the name), the name seems familiar to me...like I've had problems with it before.  It had "piriform" and "cc" in the name.  I did have CCleaner on my computer a few years ago, and since have dealt with remnants.  

So, I ran some reports for you (malwarebytes didn't find anything, but couldn't find a report from that scan) and will include a snip of my 'unwanted app security' from this morning.

Thank you in advance for your help! ~Julie

image.png.aa7d29f19f70be0e99023b06dace7658.png

AdwCleaner[S06]211109.txt FRST211109.txt Addition211109.txt

Link to post
Share on other sites

  • Root Admin

Hello @jammin67

Please go to Control Panel, Programs, Programs and Features and uninstall the following

 

Bonjour
 

 

Windows Defender does not like the following file from CCleaner - please delete it if it's still there

C:\Users\julie\Documents\Downloads\ccsetup563.exe
 

 

 

Push Notifications on your browser appear to be enabled.

Are you sure you want this enabled or allowed?

https://blog.malwarebytes.com/security-world/technology/2019/01/browser-push-notifications-feature-asking-abused/

Turn notifications on or off - Google Chrome

Web Push notifications in Firefox

 

 

 

Please consider changing your default DNS Sever settings. Please choose one provider only

DNS is what lets users connect to websites using domain names instead of IP addresses

  • Google Public DNS: IPv4   8.8.8.8 and 8.8.4.4   IPv6   2001:4860:4860::8888 and 2001:4860:4860::8844
  • Cloudflare: IPv4   1.1.1.1 and 1.0.0.1   IPv6   2606:4700:4700::1111 and 2606:4700:4700::1001
  • OpenDNS: IPv4   208.67.222.222 and 208.67.220.220  IPv6  2620:119:35::35 and 2620:119:53::53
  • DNSWATCH: IPv4   84.200.69.80 and 84.200.70.40   IPv6  2001:1608:10:25::1c04:b12f and 2001:1608:10:25::9249:d69b

The Ultimate Guide to Changing Your DNS Server
https://www.howtogeek.com/167533/the-ultimate-guide-to-changing-your-dns-server/

 

 

Please run the following for me

SecurityCheck by glax24              

I would like you to run a tool named SecurityCheck to inquire about the current security update status of some applications.

  • Download SecurityCheck by glax24: https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe
  • If Microsoft SmartScreen blocks the download, click through to save the file
  • This tool is safe.   Smartscreen is overly sensitive.
  • If SmartScreen blocks the file from running click on More info and Run anyway
  • Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"  and reply YES to allow to run & go forward
  • Wait for the scan to finish. It will open a text file named SecurityCheck.txt Close the file.  Attach it with your next reply.
  • You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt

 

image.png

image.png

image.png

 

Thank you

 

 

Link to post
Share on other sites

  • Root Admin

Understood Julie. I hear you, I spent thirty years of my forty five years of work performing two full time jobs. Takes a toll after a while. I'm finally back down to one job again. 😆

I'll check back once the system alerts me you've replied.

Cheers @jammin67

 

Link to post
Share on other sites

Hi,

I had a lot of trouble with my internet.  Then, part way through troubleshooting, I decided to restart the laptop.  When I did this, it started processing/installing a windows update.  After this finished, I was finally able to use the internet and the laptop without very slow behavior.  See my notes by your directions below.

uninstall the following

Bonjour  *Uninstall done*
 

Windows Defender does not like the following file from CCleaner - please delete it if it's still there

C:\Users\julie\Documents\Downloads\ccsetup563.exe *couldn't locate this file in that directory.  If it would be somewhere else, I could look again. Please advise.*
 

Push Notifications on your browser appear to be enabled.

Are you sure you want this enabled or allowed? *I did  disable most of them, but left notifications for FB and Google (calendar)*

 

Please consider changing your default DNS Sever settings. Please choose one provider only  *I have a T-P Link C7, and tried to figure this out.  In the end, I could not figure out which setting(s) to change, and what to change it to.  So, not done.  Please advise.*

DNS is what lets users connect to websites using domain names instead of IP addresses

  • Google Public DNS: IPv4   8.8.8.8 and 8.8.4.4   IPv6   2001:4860:4860::8888 and 2001:4860:4860::8844
  • Cloudflare: IPv4   1.1.1.1 and 1.0.0.1   IPv6   2606:4700:4700::1111 and 2606:4700:4700::1001
  • OpenDNS: IPv4   208.67.222.222 and 208.67.220.220  IPv6  2620:119:35::35 and 2620:119:53::53
  • DNSWATCH: IPv4   84.200.69.80 and 84.200.70.40   IPv6  2001:1608:10:25::1c04:b12f and 2001:1608:10:25::9249:d69b

The Ultimate Guide to Changing Your DNS Server
https://www.howtogeek.com/167533/the-ultimate-guide-to-changing-your-dns-server/

Please run the following for me

SecurityCheck by glax24              *text file attached*

I would like you to run a tool named SecurityCheck to inquire about the current security update status of some applications.

  • Download SecurityCheck by glax24: https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe
  • If Microsoft SmartScreen blocks the download, click through to save the file
  • This tool is safe.   Smartscreen is overly sensitive.
  • If SmartScreen blocks the file from running click on More info and Run anyway
  • Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"  and reply YES to allow to run & go forward
  • Wait for the scan to finish. It will open a text file named SecurityCheck.txt Close the file.  Attach it with your next reply.
  • You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt

 

 

Thank you

 

SecurityCheck211111.txt

Link to post
Share on other sites

  • Root Admin

Hello @jammin67

Changing your DNS to Google Public DNS is probably the easiest for most users

https://developers.google.com/speed/public-dns/docs/using

Here is a YouTube video to show how to make the changes as well

 

Please uninstall, update, or otherwise address the following as appropriate for  your system

 


--------------------------- [ OtherUtilities ] ----------------------------

Evernote v. 5.9.1 v.5.9.1.8742 Warning! Download Update


------------------------------- [ Backup ] --------------------------------

Dropbox 25 GB v.3.1.18.0 Warning! Download Update


-------------------------------- [ Media ] --------------------------------

iTunes v.12.12.1.1 Warning! Download Update
^Please use Apple Software Update tool.^

 

Let me know if you need further assistance with any of these items.

Thanks

 

 

Link to post
Share on other sites

 

Hi,

Sorry for the delay, again working two jobs.  Please see notes below.

 

*Not yet done.  I work from home (for part-time job) on a business-owned computer, and must work a minimum of hours.  I don't want anything to jeopardize my getting the hours in (for week-ending today) no unwanted complications for that computer.  I will attend to this either this evening or tomorrow.*

Changing your DNS to Google Public DNS is probably the easiest for most users

https://developers.google.com/speed/public-dns/docs/using

Here is a YouTube video to show how to make the changes as well

Here is another YouTube video that describes another way of editing the DNS settings

These are the values you want

IPv4   8.8.8.8 and 8.8.4.4

IPv6   2001:4860:4860::8888 and 2001:4860:4860::8844

 

Please uninstall, update, or otherwise address the following as appropriate for  your system

*Evernote uninstalled (I don't use it anyhow)*
--------------------------- [ OtherUtilities ] ----------------------------

Evernote v. 5.9.1 v.5.9.1.8742 Warning! Download Update

*Dropbox uninstalled (I don't use it anyhow)*
------------------------------- [ Backup ] --------------------------------

Dropbox 25 GB v.3.1.18.0 Warning! Download Update


-------------------------------- [ Media ] --------------------------------

**This one I messed up**

I didn't really understand that I should use the Apple Software Update tool, even though I know I read it.  (Blame it on my exhausted mind/body.)  Anyhow, I have other issues now.  So first, I looked up in the Windows 10 Settings, under all apps & features.  From that page, I tried to "modify" but I think I accidentally clicked on remove...since the icon and program were no longer visible afterward.  I went to apple website and downloaded iTunes.  It even opened once.  Sometime thereafter, when I tried to open the program, I now get the error message listed below.  I do apologize for this added headache.  I'm pleased to inform you that this is the last week I should have to work so many hours at full-time job, and I'll do my best to follow your new instructions to a "T".

iTunes v.12.12.1.1 Warning! Download Update
^Please use Apple Software Update tool.^

image.png.d5ec918d5bf0884deb5e08d50d539086.png

Thank you, Julie

Edited by AdvancedSetup
corrected font issue
Link to post
Share on other sites

Hi,

DONE- That last YouTube video explained the DNS pretty easy.  So I just changed it from my computer.  I had thought it was something I had to change from the router, which might affect the work computer for PT job.

As for the iTunes issue, I did some reading and figured out how to reinstall it onto the computer through MS store.  Before, I was using Apple's website.  Everything there is running smoothly now, and didn't seem to reinstall the Bonjour.

Are there any other changes or scans I should run?

Thank you,  Julie

 

 

 

 

Link to post
Share on other sites

  • Root Admin

Good day @jammin67

We can go ahead and run a scan from Microsoft to verify that it does not find any infections on the system.

Please ignore the on screen scan for "infected files" as that is often wrong and appears to be part of the scanning process from Microsoft. We'll just review the actual log once it's completed.

 

 

Microsoft Safety Scanner

Please make sure you Exit out of any other program you might have open so that the sole task is to run the following scan.   
That goes especially for web browsers, make sure all are fully exited out of and messenger programs are exited and closed as well
 

STEP 1

Please set File Explorer to SHOW ALL folders, all files, including hidden ones.  Use OPTION ONE or TWO of this article

https://www.tenforums.com/tutorials/7078-turn-off-show-all-folders-windows-10-navigation-pane.html

STEP 2

I suggest a new scan for viruses & other malware. This may take several hours, depending on the number of files on the system and the speed of the computer.

The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. 

The download links & the how-to-run-the tool are at this link at Microsoft 

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

 

Look on the Scan Options & select the FULL scan.

Then start the scan. Have lots of patience. It may take several hours.

  • Once you see it has started, take a long long break;  walk away.  Do not pay credence if you see some intermediate early flash messages on the screen display.  The only things that count are the End result at the end of the run.
  • The scan will take several hours.  Leave it alone. It will remove any other remaining threats as it goes along.  Take a very long break, do your normal personal errands .....just do not use the computer during this scan.

This is likely to run for many hours as previously mentioned  ( depending on the number of files on your machine & the speed of the hardware.)

The log is named MSERT.log  and the log will be at C:\Windows\debug\msert.log

Please attach that log with your next reply.

Thank you

 

Link to post
Share on other sites

  • 4 months later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.