Page 10 of 17 FirstFirst ... 89101112 ... LastLast
  1.    17 Nov 2015 #91
    Join Date : Sep 2015
    Posts : 66
    Windows 10
    Thread Starter

    I ran the Malwarebytes AM Scan (complete); it took a few minutes over 2 hours: below is the Scan Log of items detected:
    There were only 16 items.
    I notice that "shopperz" is on the list: this is one file that gave me a lot of trouble: it constantly plagued me.

    I just clicked on Remove Detected Files. It says that they were all quarantined.

    Malwarebytes Anti-Malware
    Malwarebytes | Free Anti-Malware & Internet Security Software

    Scan Date: 11/17/2015
    Scan Time: 5:26 PM
    Logfile:
    Administrator: Yes

    Version: 2.2.0.1024
    Malware Database: v2015.11.17.07
    Rootkit Database: v2015.11.14.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x86
    File System: NTFS
    User: User

    Scan Type: Custom Scan
    Result: Completed
    Objects Scanned: 516948
    Time Elapsed: 2 hr, 5 min, 4 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 16
    PUP.Optional.CrossBrowse, C:\AdwCleaner\Quarantine\C\Program Files\Crossbrowse\Crossbrowse\Application\39.6.2171.95\metro_driver.dll.vir, , [93883847286359dd69abacc8e420be42],
    PUP.Optional.CrossBrowse, C:\AdwCleaner\Quarantine\C\Program Files\Crossbrowse\Crossbrowse\Application\39.6.2171.95\nacl64.exe.vir, , [7ba03847e0ab9e985abae094966e1ce4],
    PUP.Optional.MindSpark, C:\AdwCleaner\Quarantine\C\Program Files\MapsGalaxy_39\bar\1.bin\T8RES.DLL.vir, , [bc5fb5ca602bc6709c5f99e1a95bd927],
    PUP.Optional.Komodia.WnskRST, C:\AdwCleaner\Quarantine\C\Program Files\shopperz101120150230\Jijlofd.dll.vir, , [9f7c4d32e1aaa78fa7eb2b6bca370bf5],
    PUP.Optional.Komodia.WnskRST, C:\AdwCleaner\Quarantine\C\Program Files\shopperz101120150230\Jijlofd64.dll.vir, , [1dfe3f402c5f3df9f6d71a7cf908c13f],
    PUP.Optional.Komodia.WnskRST, C:\AdwCleaner\Quarantine\C\Program Files\shopperz121120151540\Gucarog.dll.vir, , [b5665b242863d462f39fe5b103fe6a96],
    PUP.Optional.Komodia.WnskRST, C:\AdwCleaner\Quarantine\C\Program Files\shopperz121120151540\Gucarog64.dll.vir, , [fe1ddaa557344fe794399cfa7d84da26],
    PUP.Optional.FastBrowser, C:\AdwCleaner\Quarantine\C\Program Files\speed browser\Application\shortcut.exe.vir, , [6daedca3b0db67cf894069c3f60a946c],
    PUP.Optional.SwiftSearch, C:\AdwCleaner\Quarantine\C\Program Files\SwiftSearch_1.10.0.25\Uninstall.exe.vir, , [46d56817d7b46bcb4615f388669efe02],
    PUP.Optional.Yontoo, C:\AdwCleaner\Quarantine\C\ProgramData\260dee10-c5d7-419f-8be9-a3d98ba1c6c6\plugins\12\resources\plugin.dll.vir, , [1a0176097f0c46f0c0f5b69bcc35d729],
    PUP.Optional.PullUpdate, C:\AdwCleaner\Quarantine\C\ProgramData\TVTime\Uninstall.exe.vir, , [bd5ed0af7c0fe74f141436453dc752ae],
    PUP.Optional.QuarkNetwork, C:\AdwCleaner\Quarantine\C\Users\User\AppData\Roaming\NetService\sc.exe.vir, , [74a7e897c4c7b87ed8a5920a25dc3dc3],
    Trojan.FilePatch.DNSApi, C:\AdwCleaner\Quarantine\C\WINDOWS\system32\dnsapi.dll.vir, , [55c695eaf893d1658ff79a6646ba847c],
    PUP.Optional.Komodia.WnskRST, C:\AdwCleaner\Quarantine\C\WINDOWS\system32\Gucarog.dll.vir, , [af6cee91f4973ef8f79be0b6ef12659b],
    PUP.Optional.Komodia.WnskRST, C:\AdwCleaner\Quarantine\C\WINDOWS\system32\Jijlofd.dll.vir, , [27f43e4193f80234c3cfebab10f16d93],
    PUP.Optional.CheckOffer, C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\RXW76L2D\VuuPC_VO2_8907[1].exe, , [ce4d2956701b86b0799d5ea250b1eb15],

    Physical Sectors: 0
    (No malicious items detected)


    (end)
      My ComputerSystem Spec
  2.    17 Nov 2015 #92
    Join Date : Sep 2015
    Posts : 66
    Windows 10
    Thread Starter

    For simrick


    MWAM wanted a "Restart," so I just restarted. The same DLL Error message appeared, by the way.
      My ComputerSystem Spec
  3.    17 Nov 2015 #93
    Join Date : Apr 2015
    Posts : 12,990
    W10Prox64

    Okay, this is a good scan. All of the items were from the quarantine using ADWCleaner, except for one:

    PUP.Optional.CheckOffer, C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE\RXW76L2D\VuuPC_VO2_8907[1].exe, , [ce4d2956701b86b0799d5ea250b1eb15],
    --------------------------------------
    updating the RECAP list:

    DONE-Set another restore point,
    DONE-Run ESET from Firefox, save the log file and paste it here, let it delete whatever it finds.
    DONE-Run Malwarebytes Anti-Exploit (see post #17)
    Download and install Malwarebytes Anti-Exploit
    This will help protect your browsers against zero-day attacks.
    DONE-Run SuperAntiSpyware ( see post #49)

    DONE-Please run one last scan of Malwarebytes Antimalware - but this time you're going to do a full scan of drive C and not just a threat scan (see my instructions in previous post #75)

    sfc /scannow
    CryptoPrevent
    Set 2 restore points: CLEAN #1 and CLEAN #2
    Ccleaner: open the list of existing restore points, and we will delete all old ones, because they contain infection remnants and we don't want to have them available for a restore. We will also have a look at your startups and autoruns, and your installed programs from here.

    (I may have a couple of other tools I will add to the list here, if we find they are necessary, so TBD.)

    Then, I will suggest you put a couple add-ons into Firefox and adjust some settings for safety, and ONLY use Firefox to browse the web, until Edge has extension support (sometime next year).

    --------------------------------------


    Please now let's run SFC /SCANNOW to make sure your operating system files are intact.
    When you run the tool, we are looking for the answer "No integrity violations found".
    If you get something else other than that, please reboot, and run the tool again. You should run this tool at leaast 3 times, to see if we can get the answer we are looking for.


    EDIT: USE OPTION #3

    Here are the instructions:
    SFC Command - Run in Windows 10 - Windows 10 Forums
    Last edited by simrick; 17 Nov 2015 at 20:58.
      My ComputerSystem Spec
  4.    17 Nov 2015 #94
    Join Date : Sep 2015
    Posts : 66
    Windows 10
    Thread Starter

    For simrick


    I just completed the sfc/scannow process: The message read:

    I used "Option 3."

    "Windows Resource Protection did not find any Integrity Violations."

    I accessed the Command Prompt via Start > Command Prompt (Admin)
      My ComputerSystem Spec
  5.    17 Nov 2015 #95
    Join Date : Apr 2015
    Posts : 12,990
    W10Prox64

    Quote Originally Posted by Writer View Post
    I just completed the sfc/scannow process: The message read:

    I used "Option 3."

    "Windows Resource Protection did not find any Integrity Violations."

    I accessed the Command Prompt via Start > Command Prompt (Admin)
    Excellent news.

    Next:

    Let's download and run CryptoPrevent

    We will use standard protection. The computer will need to be rebooted after you've applied the protection.

    Please give me a few moments to post some screenshots for you.
      My ComputerSystem Spec
  6.    17 Nov 2015 #96
    Join Date : Apr 2015
    Posts : 12,990
    W10Prox64

    Running CryptoPrevent

    Click image for larger version. 

Name:	foolishit01.PNG 
Views:	21 
Size:	49.2 KB 
ID:	48916

    Select default protection and click apply.

    Click image for larger version. 

Name:	foolishit02.PNG 
Views:	21 
Size:	28.2 KB 
ID:	48917

    Check for updates. Please wait a minute or even minute and a half for it to contact the server for updates.

    Click image for larger version. 

Name:	foolishit03.PNG 
Views:	21 
Size:	25.6 KB 
ID:	48918

    If an update is available, take it.
    Please note this is the free version. It will not auto-update, so you could check that once and a while.

    This is NOT a scanner. This makes group policy changes to your computer to prevent malicious code from running from within certain locations in your computer (like appdata), from which malware tend to typically execute their payload/code. It is not a "running" program. It simply makes the group policy changes and then does nothing else until you open it up to check for updates or change the settings.

    Click image for larger version. 

Name:	foolishit04.PNG 
Views:	21 
Size:	27.3 KB 
ID:	48919

    Click image for larger version. 

Name:	foolishit05.PNG 
Views:	21 
Size:	9.2 KB 
ID:	48923


    Click image for larger version. 

Name:	foolishit06.PNG 
Views:	21 
Size:	16.3 KB 
ID:	48924

    Click image for larger version. 

Name:	foolishit07.PNG 
Views:	21 
Size:	5.2 KB 
ID:	48925

    Click image for larger version. 

Name:	foolishit08.PNG 
Views:	21 
Size:	9.6 KB 
ID:	48926

    That's it.
      My ComputerSystem Spec
  7.    17 Nov 2015 #97
    Join Date : Sep 2015
    Posts : 66
    Windows 10
    Thread Starter

    For simrick


    The Link that you give in Post 95 brings up a Website that is very busy. It is difficult to determine where to click in order to download the software. Could you tell me what to click on there?

    One possibility says: Download Locations. Below that it reads: Download at Author's site

    Above this it Reads: CryptoPrevent 7.4.20
      My ComputerSystem Spec
  8.    17 Nov 2015 #98
    Join Date : Apr 2015
    Posts : 12,990
    W10Prox64

    Quote Originally Posted by Writer View Post
    The Link that you give in Post 95 brings up a Website that is very busy. It is difficult to determine where to click in order to download the software. Could you tell me what to click on there?

    One possibility says: Download Locations. Below that it reads: Download at Author's site

    Above this it Reads: CryptoPrevent 7.4.20
    click here
    [link removed]

    when you've got it let me know, so I can delete the link, in case it changes in the future, and then we have a broken link in our thread.
      My ComputerSystem Spec
  9.    17 Nov 2015 #99
    Join Date : Sep 2015
    Posts : 66
    Windows 10
    Thread Starter

    For simrick


    OK, I installed CryptoPrevent. After the "Restart," a message came up that read: Prevention Successfully applied.

    A window came up during the process about "WhiteListing" certain segments. It said that if I wasn't sure that I should click on "No" Do not WhiteList. So I clicked on No.
      My ComputerSystem Spec
  10.    17 Nov 2015 #100
    Join Date : Apr 2015
    Posts : 12,990
    W10Prox64

    Quote Originally Posted by Writer View Post
    OK, I installed CryptoPrevent. After the "Restart," a message came up that read: Prevention Successfully applied.

    A window came up during the process about "WhiteListing" certain segments. It said that if I wasn't sure that I should click on "No" Do not WhiteList. So I clicked on No.
    That's fine. Please stand by for my next post.
      My ComputerSystem Spec

 
Page 10 of 17 FirstFirst ... 89101112 ... LastLast


Similar Threads
Thread Forum
BEST Anti-Virus for Windows 10 Pro ??
I have been using Norton Anti-Virus for 10 years and Norton Security the past 3 years !! I actually bought a 3-User pack on a Super Sale Price (from Norton). My Wife uses on and I have one "unused" !! Since I Upgraded to WINDOWS 10 PRO I find...
AntiVirus, Firewalls and System Security
Malware or Virus?
I usually use downmagz.com to download magazines. Today, I went to there to get some mags and when I went to the download page I got a popup that said CableONE has blocked the website. Clicked OK and then a page came up with a blue screen and...
AntiVirus, Firewalls and System Security
Solved ?Question about virus behavior.
Hi all, story; I got a virus about 6 months ago,,around then,, I had a pro-virus program, and it found virus after virus,after virus,,,,uhh infected files,,, my question is; why didnt the virus program kill the "source of the virus"? was i...
AntiVirus, Firewalls and System Security
Help with a virus
Hi everyone, So here is my issue, I installed some software but it turned out to be a fake version of that software. It installed a ton of bloat and popups and all of that. When ever I uninstalled the software it would reinstall itself and it was a...
AntiVirus, Firewalls and System Security
VIRUS TOTAL Bookmarked
While Miles was helping some one in Eight Forums he made a recommendation for the user to scan a URL with an online scanner. An then it came to me, I should have Virus Total bookmarked. https://virustotalcloud.appspot.com/static/img/logo.png ...
AntiVirus, Firewalls and System Security
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 05:55.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums