Page 3 of 7 FirstFirst 1234567 LastLast
Results 21 to 30 of 65

Thread: lotsss offfffffftroj

  1. #21
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    if your still scanning with MBAM and it's not moving, open task manager and end task....

    I did forget your computer is XP

    https://www.eset.com/us/home/online-scanner/
    the above link is the same scanner but with a different approach
    Operating systems: Microsoft Windows 10/8.1/8/7/Vista/XP/2003/2000/NT (32/64-bit)
    Internet browsers: Firefox, Opera, Chrome, Edge and Internet Explorer 6 or later

    try this one and use the same method to disable your system security to allow it to run.

    If, this wont work either
    free KasperskySecurity Scan
    https://usa.kaspersky.com/free-virus-scan
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  2. #22
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default question

    ok i got my eset. a few q's about it
    shall i enable detection of potentially unwanted applications
    and from advanced settings :
    check - enable detection of potentially unsafe applications
    check- clean threats autamatically
    ??

    (ps : i have to go out to work will be back in 6- 7 hours, i will run a scan when i'll be back and send u the results and thanks.)

  3. #23
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    hitmanpro still finding stuff !
    for ex: c:\Program Files\YeaDesktop
    Is malicious. http://www.isthisfilesafe.com/company/BITE_details.aspx
    Let's see if the eset scanner finds and deletes this if it doesn't we can use FRST to remove it.

    1 malicous version of hitmanpro at my external hard drive :F
    not sure I'm understanding this, Hitman Pro is a good tool, not sure why it would be found to be bad?

    2 trojans at system volume information
    This is not unusual, what we'll do to remove those is to create a new good restore point when we're finished.

    2 suspicous files : A0003752.exe at system volume inforation,
    This is not unusual, what we'll do to remove those is to create a new, good restore point when we're finished.

    and FRST.exe at desktop ...Hitman found this?, not a problem, often scanners find legit tools and classify them as suspicious.
    what do u suggest .?
    leave it alone.


    shall i enable detection of potentially unwanted applications <== yes
    and from advanced settings :
    check - enable detection of potentially unsafe applications <== yes
    check- clean threats autamatically <== yes
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  4. #24
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default yey 1 more pesky to go

    yey it found the "yeadesktop" stuff or whatever and erased. .

    The kind of strange things after the search ,i got the log below. which says either "cleaned by deleting" or "deleted" ; but the funny thing is i deleted them (1 by 1 by clicking the checks inside the button & then pressing the button clean and had the option to leave some of them unchecked ).so either the program doenst know what it is saying or i dont understand ! i mean if it's already cleaned or deleted ,what am i cleaning ? , or if itsnt cleaned yet why does it already write on the log that it's either deteled or cleaned by deleting . very strange language in my opinion ... sorry for the slightly inappropriate writting...

    i erased all of the stuff except 4 of them which are pretty safe cuz i've been using them for years and never caused me any problems.. : ( w3l.exe, poweriso.exe , one of the utorrent.exe ), i also didnt erased the aida64engineer430.exe which kind of seems a legit program with no harm,
    but i wanted to ask and have ur opinon anyway..
    here's the log .. whats next ?
    --------------------------------------------------------------------------------------------------------------------------------------
    C:\Documents and Settings\ozg\Application Data\uTorrent\updates\3.4.2_33254.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
    C:\Documents and Settings\ozg\My Documents\İndirilenler\ccsetup528.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
    C:\Program Files\YeaDesktop\YeaDesktop.exe a variant of Win32/Adware.Agent.NPN application cleaned by deleting
    F:\Ozgurs Hardisk\d\downl torrent\Rome Total War\Apps\daemon4123-lite.exe Win32/Adware.Toolbar.Shopper application cleaned by deleting
    F:\Ozgurs Hardisk\e\New Downloads\utorrent.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
    F:\Ozgurs Hardisk\e\New Downloads\ok\For Dota\Warkey 6.2.zip a variant of Win32/GameTool.CE potentially unsafe application deleted
    F:\Ozgurs Hardisk\e\New Downloads\ok\Starcraft mods\Burning_Ground_0.5v.zip a variant of Win32/GameHack.RA potentially unsafe application deleted
    F:\Ozgurs Hardisk\e\New Downloads\ok\Starcraft mods\Gravity.7z a variant of Win32/GameHack.RA potentially unsafe application deleted
    F:\Ozgurs Hardisk\e\New Downloads\ok\Starcraft mods\starcraftxv.0.2beta.exe a variant of Win32/GameHack.RA potentially unsafe application cleaned by deleting
    F:\Ozgurs Hardisk\e\New Downloads\ok\Starcraft mods\StarCraft_Hybrid_War_v0.7.exe a variant of Win32/GameHack.RA potentially unsafe application cleaned by deleting
    F:\Ozgurs Hardisk\e\New Downloads\ok\Warcraft3\w3l.exe Win32/GameHack.QJ potentially unsafe application cleaned by deleting
    F:\Ozgurs Hardisk\e\New Downloads\Programs\21 Aralık 2015 sonrası\uTorrent.exe a variant of Win32/AdkDLLWrapper.A potentially unwanted application cleaned by deleting
    F:\Ozgurs Hardisk\e\New Downloads\Programs\21 Aralık 2015 sonrası\Readers\FoxitReader620.0429_enu_Setup.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
    F:\Ozgurs Hardisk\e\New Downloads\Programs\21 Aralık 2015 sonrası\Troj removal tool from ozgur\Zone alarm\zafwSetupWeb_110_780_000.exe Win32/Toolbar.Conduit potentially unwanted application deleted
    F:\Ozgurs Hardisk\e\New Downloads\Programs\21 Aralık 2015 sonrası\Windows Related\Hotspot shield\Hotspotshield_By_Anchorfree-646-setup.exe Win32/DownloadAdmin.H potentially unwanted application cleaned by deleting
    F:\Ozgurs Hardisk\e\New Downloads\Programs\21 Aralık 2015 sonrası\Windows Related\Hotspot shield\HSS-3.37-install-e-550-plain.exe Win32/Bundled.Toolbar.Ask.L potentially unsafe application cleaned by deleting
    F:\Ozgurs Hardisk\e\New Downloads\Programs\21 Aralık 2015 sonrası\Windows Related\Hotspot shield\u.zip Win32/UltraReach.AF potentially unsafe application deleted
    F:\Ozgurs Hardisk\e\New Downloads\Programs\Sonra\aida64engineer430.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
    F:\Ozgurs Hardisk\ozgue new torrent\Games\Hitman Pro 3.7.12 Build 253 + Patch [4realtorrentz].zip a variant of Win32/HackTool.Patcher.AD potentially unsafe application deleted
    F:\Ozgurs Hardisk\ozgue new torrent\Games\Final.Fantasy.III-RELOADED\rld-fifbii.iso a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted
    F:\Ozgurs Hardisk\ozgue new torrent\Games\Worms.Ultimate.Mayhem.Deluxe.Edition-PROPHET\ppt-wumd.iso a variant of Win32/HackTool.Crack.CS potentially unsafe application deleted
    F:\Ozgurs Hardisk\ozgue new torrent\HitmanPro 3.7.9 Build 238\hitmanpro.3.7.x-patch.rar Win32/HackTool.Patcher.AD potentially unsafe application deleted
    F:\Ozgurs Hardisk\ozgue new torrent\HitmanPro 3.7.9 Build 238\HitmanPro.exe Win32/Indiloadz.B trojan cleaned by deleting
    F:\Ozgurs Hardisk\ozgue new torrent\Torr chess\GM Igor Smirnov Courses\1. Grandmaster Secrets - Beginner Chess Course\Programs\video_player.exe a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application cleaned by deleting
    F:\Ozgurs Hardisk\ozgue new torrent\Torr chess\GM Igor Smirnov Courses\3. How to Beat Titled Players - IntermediateAdvanced Course\Programs\video_player.EXE a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application cleaned by deleting
    F:\Ozgurs Hardisk\ozgue new torrent\Torr chess\GM Igor Smirnov Courses\4. Your Winning Plan\Programs\video_player.EXE a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application cleaned by deleting
    F:\Ozgurs Hardisk\ozgue new torrent\trksh\ccsetup526.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
    F:\Ozgurs Hardisk\ozgue new torrent\trksh\PowerISO6.exe Win32/FusionCore.L potentially unwanted application,a variant of Win32/FusionCore.L potentially unwanted application cleaned by deleting
    F:\Programs\GOMPLAYERENSETUP.EXE Win32/FusionCore.L potentially unwanted application,Win32/FusionCore.D potentially unwanted application cleaned by deleting
    F:\Programs\GOMPLAYERGLOBALSETUP.exe Win32/FusionCore.L potentially unwanted application,a variant of Win32/FusionCore.E potentially unwanted application cleaned by deleting

  5. #25
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default oh forgot to ask ccleaner

    i also erased the file "ccsetup528.exe" which was the installation for ccleaner ?. isnt tha a legit program?

  6. #26
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Quote Originally Posted by ozgur1318 View Post
    i also erased the file "ccsetup528.exe" which was the installation for ccleaner ?. isnt tha a legit program?
    Yes it is but it's also guilty of downloading and installing an extra toolbar item which I think is either ask or google.

    Your going to kill your computer with all these torrents you download.
    I'm not sure if you understand the importance of how dangerous they can be. GameHacks, torrents for legit programs to have without buying, cracks of any nature.
    It's file sharing. if the file is shared from an infected computer and you download it, your sunk.

    From the eset log you posted it displayed what came in or was bundled with what was found. You will never know what is contaminated and what isn't and the fact that there are some viruses we cannot remove and a reformat is the only option to get your computer back to a working state and that doesn't always work in some cases.

    OK
    As I see it your computer should be working better?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  7. #27
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Forgot
    Instructions when running the eset scan were to set to delete what it found, as I see you are also allowed to uncheck items you wish not to remove.
    i also didnt erased the aida64engineer430.exe
    http://www.herdprotect.com/aida64eng...6fbd7b071.aspx
    aida64engineer430.exe =>Win32/Bundled.Toolbar.Google
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  8. #28
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default ok u are right

    after i read ur replies i thought u were right and
    i rescanned my conputer and wanted erase everything i left beheind . to my surprise they didtn occured in the second scan ! i think eset already deleted them as it says in the first scan log .
    and i also removed all of them (utorrent, aida64, ccleaner etc..) from add/remove programs .
    btw i just noticed on my windows start tab :there is still the pesky "Yeadesktop" !
    and i sitll think there are malwares lurking on the shadows cuz my computer still gets cpu choked easily ( even though its a little faster .which means wer are doing some good progress.)
    what shall i do now?

  9. #29
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default hitmanpro agrees with me

    there are 1 new tracking cookie .
    1 malware at my temp folder
    2 trojans at system volume information \_restore
    1 suspicous file at again in system volume info.. . (except Frst.exe on my desktop , i dont count that )

  10. #30
    Member
    Join Date
    Jun 2007
    Location
    ankara/turkey
    Posts
    91

    Default actully i just noticed

    actually i just noticed that the so called "malware " was kasparsky .so no problem about that..
    but the others i dont .know..what they are. i ereased the tracking cookie by hitmanpro. and ignored others untll ur response..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •