New
#11
Last edited by YoYo IE; 24 Feb 2018 at 05:42.
Glad you're making progress YoYo IE! Seems like the "group thought" that this did not bode well -- possible malware, in fact -- was correct. I hope you can get things cleaned up without too much additional difficulty. If you find yourself in need of more expert assistance than is typically available here at TenForums for malware clean-up (doesn't happen very often, but does happen sometimes) I can recommend the user forums at MajorGeeks.com that deal with Hijack This! analysis, and the malware analysis forums at bleepingcomputer.com. They've been doing this since before I wrote a book about malware in 2004, and they're still doing it today.
HTH,
--Ed--
PS: One more thought on your Task Manager info. In addition to the "Search online" option from the right-click on the app name, you can also select "Go to details" instead. If you still have one of those processes on your PC, you might try that to see the name of the process that comes up in the details pane in response. That might tell us something useful, if you were to make a screenshot of that info and post it here, like so (I picked Norton Security just as a for instance):
Last edited by EdTittel; 24 Feb 2018 at 10:07. Reason: Add PS
Log files are not showing Downside and Excavations. I see that you run: μTorrent which is a place to grab things like that.
Here's two more methods to kill them.
1. In Revo Uninstaller Pro you can force uninstall by searching them. Click on Forced Uninstall (upper left) and type downside + click Avanced + click next. Wait for results and decline any offer, just let Revo do the work
Redo it for Excavations. Before rebooting, you may or not search the registry for leftover. If they come back again, repeat with Revo and search for leftover in the registry immediately after.
2. In Regedit, you can delete them manually. Search for Downside and delete related keys. Revo is safer if you are not familiar with searching the registry.
Regedit/Edit/Find/Type downside and start searching/Click F3* to delete them one by one after until <<Finished searching the registry>> is shown.
Repeat for the second one.
Get the Pro version free trial:
Download Revo Uninstaller Freeware - Free and Full Download - Uninstall software, remove programs, solve uninstall problems
* If searching the registry is in an open loop (stalls), meaning that search result is always the same, you have to force it. Click on an empty space so that any key is highlighted and click F3= Force Search.
Last edited by MikeMecanic; 24 Feb 2018 at 16:24.
Are you using NordVPN?
Some of this junk has been found in their service.
I see adware and search hijackers; It also appears that you have/had a mining program on there (Easeware). Are you mining?
I think you need to reset all your browsers, and run Ccleaner on them to clear out the junk. That means ALL browsers that exist on the system, not just the ones you're using regularly. Internet Explorer, Edge, Firefox, Chrome, etc.
You might also want to run JRT (Junkware Removal Tool).
Then flush the DNS. Open an admin command prompt and type ipconfig /flushdns
Then advise if you're still having problems. If so, a FRST log will be in order.
Torrenting is a good way to get yourself infected.