Page 2 of 2 FirstFirst 12
  1.    21 Jan 2017 #11
    Join Date : Aug 2016
    Posts : 553
    Windows 10 Home

    Also, let's do the following:

    Use the Zemana AntiMalware Download


    Double-click on the file Zemana.AntiMalware.Setup.exe to install.


    When the program starts you are presented with a Setup screen, click: Next
    Follow the prompts to install.

    Once Zemana AntiMalware starts, click: Scan


    When Zemana AntiMalware is finished it displays a list of all the malware found.
    Click on Next to remove the malicious files from your computer.


    A reboot may be required to remove malware.


    Click the Graph icon (far upper riht), highlight the applicable log file, and then click: Open Report

    Please post the notepad text file for review.
      My ComputerSystem Spec
  2.    22 Jan 2017 #12
    Join Date : Apr 2015
    Posts : 12,819
    W10Prox64

    Quote Originally Posted by rezarawat View Post
    Thanks for your advice 'prikker' but it seems those solutions still do not work. I'm gonna have to try spy hunter but the only problem is you have to but the program so I'm not too sure now.
    Please do NOT, under any circumstances, install SpyHunter on your system. You're just asking for trouble by doing that.

    -Run TDSSKiller - in the options, select all boxes from the bottom up; it will reboot to scan
    -Open Ccleaner free, clear all cache/history in all browsers - even ones you don't use.
    -Flush your DNS - at admin command prompt: ipconfig /flushdns
    -Reset all browsers on the machine - even ones you don't use.
    How to Reset Your Web Browser To Its Default Settings

    Microsoft Edge - Reset to Default in Windows 10

    -Run RKILL
    -Run ADWCleaner
    -Run JRT

    All these tools are free. All should be done in this order.
      My ComputerSystem Spec
  3.    22 Jan 2017 #13
    Join Date : Jun 2016
    Posts : 19
    windows 10
    Thread Starter

    hi cottonball ive done what you asked:

    using comand prompt:
    ----------------------------------------------------------------------------------------------------------------------------------------------------------# Copyright (c) 1993-2006 Microsoft Corp.#
    # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
    #
    # This file contains the mappings of IP addresses to host names. Each
    # entry should be kept on an individual line. The IP address should
    # be placed in the first column followed by the corresponding host name.
    # The IP address and the host name should be separated by at least one
    # space.
    #
    # Additionally, comments (such as these) may be inserted on individual
    # lines or following the machine name denoted by a '#' symbol.
    #
    # For example:
    #
    # 102.54.94.97 rhino.acme.com # source server
    # 38.25.63.10 x.acme.com # x client host
    # localhost name resolution is handle within DNS itself.
    # 127.0.0.1 localhost
    # ::1 localhost
      My ComputerSystem Spec
  4.    22 Jan 2017 #14
    Join Date : Jun 2016
    Posts : 19
    windows 10
    Thread Starter

    cotton ball ive now used zemana and things seem fine, i will keep you posted, here is the log file:



    Zemana AntiMalware 2.70.179.576 (Installed)


    -------------------------------------------------------
    Scan Result : Completed
    Scan Date : 2017/1/22
    Operating System : Windows 10 64-bit
    Processor : 4X Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz
    BIOS Mode : UEFI
    CUID : 123A7140A7F57224AE4412
    Scan Type : System Scan
    Duration : 15m 39s
    Scanned Objects : 152958
    Detected Objects : 22
    Excluded Objects : 0
    Read Level : Normal
    Auto Upload : Enabled
    Detect All Extensions : Disabled
    Scan Documents : Disabled
    Domain Info : WORKGROUP,0,2


    Detected Objects
    -------------------------------------------------------


    Shell Execute Hooks
    Status : Scanned
    Object : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\EnableShellExecuteHooks
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Potentially Unwanted Modification
    Cleaning Action : Delete
    Related Objects :
    Registry Entry - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\EnableShellExecuteHooks = enabled


    Firefox Shortcut
    Status : Scanned
    Object : Funny collection
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Repair
    Related Objects :
    Browser Setting - Firefox Shortcut


    Firefox Shortcut
    Status : Scanned
    Object : Funny collection
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Repair
    Related Objects :
    Browser Setting - Firefox Shortcut


    Firefox Shortcut
    Status : Scanned
    Object : Funny collection
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Repair
    Related Objects :
    Browser Setting - Firefox Shortcut


    Chrome Shortcut
    Status : Scanned
    Object : Funny collection
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Repair
    Related Objects :
    Browser Setting - Chrome Shortcut


    Chrome Shortcut
    Status : Scanned
    Object : --load-extension="C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk"
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Repair
    Related Objects :
    Browser Setting - Chrome Shortcut


    Chrome Shortcut
    Status : Scanned
    Object : Funny collection
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Repair
    Related Objects :
    Browser Setting - Chrome Shortcut


    Chrome Shortcut
    Status : Scanned
    Object : --load-extension="C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk"
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Repair
    Related Objects :
    Browser Setting - Chrome Shortcut


    Chrome Shortcut
    Status : Scanned
    Object : --profile-directory=ChromeDefaultData
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Repair
    Related Objects :
    Browser Setting - Chrome Shortcut


    Chrome Shortcut
    Status : Scanned
    Object : Funny collection
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Repair
    Related Objects :
    Browser Setting - Chrome Shortcut


    Chrome Shortcut
    Status : Scanned
    Object : --load-extension="C:\Users\user\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk"
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Suspicious Browser Setting
    Cleaning Action : Repair
    Related Objects :
    Browser Setting - Chrome Shortcut


    Hosts File
    Status : Scanned
    Object : %systemroot%\system32\drivers\etc\hosts
    MD5 : 548F3A3D304552C73969EA1A0C635626
    Publisher : -
    Size : 3733
    Version : -
    Detection : Hosts Hijack
    Cleaning Action : Repair
    Related Objects :
    Hosts file - Too many empty lines in Hosts file
    File - %systemroot%\system32\drivers\etc\hosts


    WMIMalware
    Status : Scanned
    Object : ASEC
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Trojan:Win32/WMIGhost
    Cleaning Action : Repair
    Related Objects :
    Fileless Malware - WMIMalware : WMI::Root\Subscription\ASEC.mof


    rvsadapter.dll
    Status : Scanned
    Object : %programfiles%\chivaleplecerle\rvsadapter.dll
    MD5 : 91AAF5EFB7342F35DF2DC185443BE0FC
    Publisher : -
    Size : 179712
    Version : -
    Detection : Adware:Win32/BrowserHijack.Gen
    Cleaning Action : Quarantine
    Related Objects :
    File - %programfiles%\chivaleplecerle\rvsadapter.dll
    DLL - 2352 - C:\Windows\SysWOW64\svchost.exe
    Registry Entry - HKLM\System\CurrentControlSet\Services\Coofele\Parameters\ServiceDll = C:\Program Files (x86)\Chivaleplecerle\rvsadapter.dll


    Solution_manual_of_calculus_by_howard_anton_pdf_downloader.exe
    Status : Scanned
    Object : %userprofile%\downloads\programs\solution_manual_of_calculus_by_howard_anton_pdf_downloader.exe
    MD5 : 73D850B7BEEE1AB7BD6619707D948D49
    Publisher : MEGASTYAZHKA OOO
    Size : 524496
    Version : 1.0.0.6
    Detection : Adware:Win32/AutoBulk.51d80e!Ep
    Cleaning Action : Quarantine
    Related Objects :
    File - %userprofile%\downloads\programs\solution_manual_of_calculus_by_howard_anton_pdf_downloader.exe


    maoha
    Status : Scanned
    Object : NE->c:\program files (x86)\maoha
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : PUA:Win32/MaohaWiFi.D!Neng
    Cleaning Action : Quarantine
    Related Objects :
    (null) - (null)


    ucbrowser
    Status : Scanned
    Object : NE->c:\users\user\appdata\local\ucbrowser
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : PUA:Win32/UCBrowser.C!Neng
    Cleaning Action : Quarantine
    Related Objects :
    (null) - (null)


    installationconfiguration.xml
    Status : Scanned
    Object : NE->c:\users\user\appdata\roaming\installationconfiguration.xml
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Adware:Win32/Linkury.A!Neng
    Cleaning Action : Quarantine
    Related Objects :
    (null) - (null)


    kuaizip
    Status : Scanned
    Object : NE->c:\users\user\appdata\roaming\kuaizip
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : PUA:Win32/KuaiZip.B!Neng
    Cleaning Action : Quarantine
    Related Objects :
    (null) - (null)


    main.dat
    Status : Scanned
    Object : NE->c:\users\user\appdata\roaming\main.dat
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Adware:Win32/Linkury.G!Neng
    Cleaning Action : Quarantine
    Related Objects :
    (null) - (null)


    kuaizipdrive.sys
    Status : Scanned
    Object : NE->c:\windows\system32\drivers\kuaizipdrive.sys
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : PUA:Win32/KuaiZip.D!Neng
    Cleaning Action : Quarantine
    Related Objects :
    (null) - (null)


    {343c5224-aa7c-46b4-bebd-b05fe24b94e4}
    Status : Scanned
    Object : NE->c:\windows\system32\tasks\{343c5224-aa7c-46b4-bebd-b05fe24b94e4}
    MD5 : -
    Publisher : -
    Size : -
    Version : -
    Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
    Cleaning Action : Quarantine
    Related Objects :
    (null) - (null)




    Cleaning Result
    -------------------------------------------------------
    Cleaned : 22
    Reported as safe : 0
    Failed : 0
      My ComputerSystem Spec
  5.    22 Jan 2017 #15
    Join Date : Aug 2015
    Maine
    Posts : 38,443
    Windows10Pro 64Bit

    Quote Originally Posted by rezarawat View Post
    Sorry Caledon ken I am abit unclear about what you are trying to say. I went into the drivers folder in system32 and couldn't find a host file. So I searched in that folder, found a file called 'host' opened it in notepad and noticed it all starts with hashtags. But I don't know what to do with this. The tools are detecting something and removing them, which was UC I will try adwcleaner again and see if it detects this. But before it didn't
    You could try giving SuperAntiSpyware a shot at looking for malware on your harddrive. There is a free version.
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!
      My ComputersSystem Spec
  6.    22 Jan 2017 #16
    Join Date : Jun 2016
    Posts : 19
    windows 10
    Thread Starter

    Hi everyone,

    Thank you.for all the help my problems seems to be solved. Zemana antimalware did the job. It deleted all the fanli.cn viruses and quarantined a few others. Now Firefox and chrome is running normal again.
      My ComputerSystem Spec
  7.    22 Jan 2017 #17
    Join Date : Aug 2015
    Posts : 750
    Windows 10 Home

    Problem solved, I'm happy we could help you. Try to be more careful what you download and install the next time. Before installing check it first with your antivirus
      My ComputerSystem Spec
  8.    22 Jan 2017 #18
    Join Date : Aug 2016
    Posts : 553
    Windows 10 Home

    rezarawat,

    Glad Zemana AntiMalware worked for you. It is a good resource to get rid of problems like the ones on your machine.

      My ComputerSystem Spec

 
Page 2 of 2 FirstFirst 12


Similar Threads
Thread Forum
Browsers & Email Create Desktop Shortcut of Website in Google Chrome
How to Create a Desktop Shortcut of Website in Google Chrome Google Chrome lets you easily keep track of your favorite websites. You can add your favorite websites to your bookmarks, and you can also create desktop shortcuts of websites that will...
Tutorials
Microsoft Edge vs Google Chrome vs Firefox
I have had problems with Edge opening my Facebook etc very slowly. I even downloaded Firefox to see if it was faster. I prefer Chrome. It is much faster than Edge or Firefox. However, there is something weird happening. When I start my computer and...
Browsers and Email
Solved {Urgent} Google Chrome Starting to Slow ( Taking atleast 10-15 mins)
Hello, My First Problem Is Google Chrome Just from past 2 days starting very slow taking forever . Before it was working fine no idea what happened 2nd Problem just discovered that not able to start anything e.g CMD in administrative mode(run as...
Browsers and Email
Wierd Google Chrome and Google app launcher display issue
Clean installed windows 10 last week and I'm now getting a few odd display issues. On occasion my google app launcher is not displaying properly, It is much too big. After opening and closing a few times it returns to normal size. The same thing...
Browsers and Email
new tabs in Google Chrome ,Firefox or Internet Explorer freezes PC
Does anybody have a solution to this problem. When I open a couple of new tabs in Google Chrome ,Firefox or Internet Explorer it freezes my computer completely. It started with the latest Windows 10 update. 1. In Event Viewer - System I have this...
Browsers and Email
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 07:23.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums