Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Possible adware infection on windows 7

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Possible adware infection on windows 7

Unread postby Arimyth » August 21st, 2017, 11:17 pm

Addition.txt
FRST.txt


Hello,

Within the past week I've started to notice some popups and redirect links when I enter search queries or even click on my screen. These popups usually lead to searchbind.net which redirects my search to yahoo, or sometimes I'll click my screen and be redirected to putrr18.com. I've run both MalwareBytes and BitDefender scans and deleted all suggested files. However the issue persists despite my efforts. I have not noticed symptoms beyond those which I have mentioned, such as slower performance, issues outside of a browser, or crashes. My main browser is Google Chrome, however this issue still exists when using Opera (I don't have any other browser except internet explorer without addons which came preinstalled). Below are the attached files: FRST.txt and Addition.txt
You do not have the required permissions to view the files attached to this post.
Arimyth
Active Member
 
Posts: 7
Joined: August 21st, 2017, 10:53 pm
Advertisement
Register to Remove

Re: Possible adware infection on windows 7

Unread postby mAL_rEm018 » August 25th, 2017, 6:09 pm

Hello Arimyth,

My apologies for the delay in getting to your topic. If you still need help, please do the following:

  • Right-click on FRST64.exe and select Run as administrator.
  • The tool might update. Please allow it to do so.
  • Select Scan.
  • When the scan is over two windows will open, FRST.txt and Addition.txt.
  • Please post the contents of both logs in your next reply.

-----------------------------------------
In your next reply, I would like to see..
  • FRST.txt
  • Addition.txt

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....
User avatar
mAL_rEm018
MRU Teacher
MRU Teacher
 
Posts: 2162
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: Possible adware infection on windows 7

Unread postby Arimyth » August 28th, 2017, 2:19 pm

Addition.txt

FRST.txt


Apologies for the late reply, I was out of town for a few days. Attached are both FRST.txt and Addition.txt.

-Arimyth
You do not have the required permissions to view the files attached to this post.
Arimyth
Active Member
 
Posts: 7
Joined: August 21st, 2017, 10:53 pm

Re: Possible adware infection on windows 7

Unread postby mAL_rEm018 » August 28th, 2017, 2:25 pm

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

Failure to post replies within 3 days will result in this thread being closed.


Hello Arimyth,

Welcome to Malware Removal! My name is mAL_rEm018, but feel free to call me mAL. I will be helping you with your malware related problems :)

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Because of this, I advise you to backup any personal files and folders before you start.

To make sure everything goes smoothly, I would like you to observe the following rules:
  • You must have Administrator rights, permissions for this computer.
  • Please reply to this thread. Do not start another topic.
  • Perform all actions in the order given.
  • If you don't know, stop and ask!
  • DO NOT run any other fix or removal tools unless instructed to do so!
  • Don't attempt to install any new software (other than those I ask you to) until your computer is clean.
  • DO NOT post for help at any other forum. Applying fixes from multiple help sites can cause problems.
  • I advise you to print the instructions if possible, since your internet connection might not be available during some of the fixes.
  • Absence of symptoms does not mean that everything is clear, therefore stick with this topic until I give you the "all clear".

I am currently reviewing your logs and will return as soon as possible, with additional instructions. In the meantime I would like you to read and get acquainted with the following topic: HOW TO GET HELP IN THIS FORUM - everyone must read this, where the conditions for receiving help here are explained.
User avatar
mAL_rEm018
MRU Teacher
MRU Teacher
 
Posts: 2162
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: Possible adware infection on windows 7

Unread postby Arimyth » August 28th, 2017, 3:16 pm

Hey mAL,

This is my personal Windows 7 computer and I have full administrator rights. I have read the rules and agree to them.

-Arimyth
Arimyth
Active Member
 
Posts: 7
Joined: August 21st, 2017, 10:53 pm

Re: Possible adware infection on windows 7

Unread postby mAL_rEm018 » August 28th, 2017, 5:21 pm

Hello Arimyth,


Please answer the following question:
  • Is this computer used for any type of business purposes?


TSG-SysInfo
  • Please download and save the following tool to your Desktop: Link.
  • Right-click on SysInfo.exe and select "Run as Administrator" to run it...if UAC prompts, please allow it.
  • A window entitled TSG SysInfo will open. Please copy/paste the highlighted text in your next reply.


MGA Diagnostics
  • Please download and save the following tool to your Desktop: Link.
  • Right-click on MGADiag.exe and select "Run as Administrator" to run it...if UAC prompts, please allow it.
  • Select Continue. The diagnosis will now begin.
  • When the process is over, click Copy.
  • Open Notepad and paste the contents.
  • Save this file as MGADiag.txt.
  • Post the content on MGADiag.txt in your next reply.


CKScanner
  • Please download following tool to your Desktop: Link
  • Right-Click on CKScanner.exe and select "Run as Administrator" to run it...if UAC prompts, please allow it.
  • Select Search For Files
  • When the scan in finished, click on Save List To File.
  • Open CKFiles.txt on your desktop and post the contents in your next reply.
    Only run CKScanner.exe once.


-----------------------------------------
In your next reply, I would like to see..
  • Answer to my question.
  • TSG-SysInfo log
  • MGADiag.txt
  • CKFiles.txt

    Please post each log separately to prevent it being cut off by the forum post size limiter.
    Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....
User avatar
mAL_rEm018
MRU Teacher
MRU Teacher
 
Posts: 2162
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: Possible adware infection on windows 7

Unread postby Arimyth » August 28th, 2017, 9:43 pm

My computer is used solely for personal projects and use. It has never been used for any kind of business or organization. The 3 files will be attached in 3 separate posts separate from this one.
Arimyth
Active Member
 
Posts: 7
Joined: August 21st, 2017, 10:53 pm

Re: Possible adware infection on windows 7

Unread postby Arimyth » August 28th, 2017, 9:46 pm

Tech Support Guy System Info Utility version 1.0.0.4
OS Version: Microsoft Windows 7 Ultimate, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz, Intel64 Family 6 Model 94 Stepping 3
Processor Count: 4
RAM: 16343 Mb
Graphics Card: Radeon (TM) RX 480 Graphics, -1 Mb
Hard Drives: C: 223 GB (121 GB Free); D: 931 GB (778 GB Free);
Motherboard: MSI, Z170A GAMING M3 (MS-7978)
Antivirus: Bitdefender Antivirus Free Antimalware, Enabled and Updated

Some things to note: My graphics card has 8GB of VRAM, not sure why it says -1 Mb.
C: is a 223gb SSD and D: is a 1TB HDD.
Arimyth
Active Member
 
Posts: 7
Joined: August 21st, 2017, 10:53 pm

Re: Possible adware infection on windows 7

Unread postby Arimyth » August 28th, 2017, 9:50 pm

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->

Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-D4M3X-9BK9M-4RPH9
Windows Product Key Hash: jlr8sJgEl+xs9ipw2oBs+TIywKw=
Windows Product ID: 00426-OEM-8992662-00009
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.1.7601.2.00010100.1.0.001
ID: {1C87DF6A-529F-4097-B652-B11A8C69267A}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows 7 Ultimate
Architecture: 0x00000009
Build lab: 7601.win7sp1_gdr.130828-1532
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[Hr = 0x80070003]
File Mismatch: C:\Windows\system32\wat\npwatweb.dll[Hr = 0x80070003]
File Mismatch: C:\Windows\system32\wat\watux.exe[Hr = 0x80070003]
File Mismatch: C:\Windows\system32\wat\watweb.dll[Hr = 0x80070003]

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{1C87DF6A-529F-4097-B652-B11A8C69267A}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.001</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-4RPH9</PKey><PID>00426-OEM-8992662-00009</PID><PIDType>2</PIDType><SID>S-1-5-21-2700185069-337209265-1189023076</SID><SYSTEM><Manufacturer>MSI</Manufacturer><Model>MS-7978</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>A.60</Version><SMBIOSVersion major="3" minor="0"/><Date>20160516000000.000000+000</Date></BIOS><HWID>1E593107018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>MSI_NB</OEMID><OEMTableID>MEGABOOK</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.1.7601.17514

Name: Windows(R) 7, Ultimate edition
Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
Activation ID: 7cfd4696-69a9-4af7-af36-ff3d12b6b6c8
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 00426-00178-926-600009-02-1033-7601.0000-1052017
Installation ID: 015460422660121006965235371110776400319562541445048954
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
Partial Product Key: 4RPH9
License Status: Licensed
Remaining Windows rearm count: 3
Trusted time: 8/28/2017 6:47:16 PM

Windows Activation Technologies-->
HrOffline: 0x00000000
HrOnline: N/A
HealthStatus: 0x0000000000000000
Event Time Stamp: N/A
ActiveX: Not Registered - 0x80040154
Admin Service: Not Registered - 0x80040154
HealthStatus Bitmask Output:


HWID Data-->
HWID Hash Current: OAAAAAEAAgABAAEAAAAEAAAABAABAAEAHKI0fzlxWjmOBir1WtKwWhoI3OG1qT+AZp5yir5B9FI=

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20001
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC ALASKA A M I
FACP ALASKA A M I
DBGP INTEL
HPET ALASKA A M I
MCFG ALASKA A M I
FPDT ALASKA A M I
FIDT ALASKA A M I
LPIT INTEL SKL
SSDT INTEL sensrhub
SSDT INTEL sensrhub
SSDT INTEL sensrhub
SSDT INTEL sensrhub
DBG2 INTEL
SSDT INTEL sensrhub
SSDT INTEL sensrhub
UEFI
SSDT INTEL sensrhub
SLIC MSI_NB MEGABOOK
Arimyth
Active Member
 
Posts: 7
Joined: August 21st, 2017, 10:53 pm

Re: Possible adware infection on windows 7

Unread postby Arimyth » August 28th, 2017, 9:52 pm

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files\bitdefender antivirus free\crypt.dll
c:\program files\bitdefender antivirus free\kitinstaller\crypt.dll
c:\program files\common files\vst2\sylenth1\jungle loops crack da top soundbank.fxb
c:\program files\gimp 2\share\gimp\2.0\patterns\cracked.pat
c:\program files\git\usr\bin\ssh-keygen.exe
c:\program files\inkscape\python\lib\site-packages\numpy\f2py\crackfortran.py
c:\program files (x86)\image-line\fl studio 12\data\patches\packs\drums (modeaudio)\claps\ma firecracker clap.wv
c:\program files (x86)\image-line\fl studio 12\data\patches\packs\drums (modeaudio)\hi hats\ma firecracker chat.wv
c:\program files (x86)\image-line\fl studio 12\data\patches\packs\drums (modeaudio)\kicks\ma firecracker kick.wv
c:\program files (x86)\image-line\fl studio 12\data\patches\packs\drums (modeaudio)\snares\ma firecracker snare.wv
c:\program files (x86)\image-line\fl studio 12\data\patches\plugin presets\generators\drumpad\sound fx\crack.fst
c:\program files (x86)\image-line\fl studio 12\plugins\fruity\effects\hardcore\presets\default\i cracked my tube!.hdprg
c:\program files (x86)\image-line\fl studio 12\plugins\fruity\generators\drumaxx\drum patches\sound fx\crack.dmpatch
c:\program files (x86)\image-line\fl studio 12\plugins\fruity\generators\drumpad\drum patches\sound fx\crack.dmpatch
c:\program files (x86)\image-line\fl studio 12\plugins\fruity\generators\sawer\presets\ambient\mc cracked.sawer
c:\program files (x86)\steam\steamapps\common\terraria\content\images\tilecracks.xnb
c:\users\brandon\documents\image-line\data\drumaxx\drum patches\sound fx\crack.dmpatch
c:\users\brandon\documents\image-line\data\hardcore\default\i cracked my tube!.hdprg
c:\users\brandon\documents\image-line\data\sawer\ambient\mc cracked.sawer
c:\users\brandon\documents\mega\brandon\code assets\website files\p3\vendor\laravel\framework\src\illuminate\foundation\console\keygeneratecommand.php
c:\users\brandon\documents\mega\brandon\code assets\website files\p4\vendor\laravel\framework\src\illuminate\foundation\console\keygeneratecommand.php
c:\users\brandon\downloads\eggcrack-master_mpgh.net.zip
c:\users\brandon\downloads\eggcrack-master\.gitignore
c:\users\brandon\downloads\eggcrack-master\509a0690e0591fb38d086770f82dbfabce6c3a81.asc
c:\users\brandon\downloads\eggcrack-master\eggcrack.json
c:\users\brandon\downloads\eggcrack-master\license
c:\users\brandon\downloads\eggcrack-master\pom.xml
c:\users\brandon\downloads\eggcrack-master\readme.md
c:\users\brandon\downloads\eggcrack-master\lib\com\mojang\authlib\authlib\maven-metadata-local.xml
c:\users\brandon\downloads\eggcrack-master\lib\com\mojang\authlib\authlib\1.5.16\authlib-1.5.16.jar
c:\users\brandon\downloads\eggcrack-master\lib\com\mojang\authlib\authlib\1.5.16\authlib-1.5.16.jar.lastupdated
c:\users\brandon\downloads\eggcrack-master\lib\com\mojang\authlib\authlib\1.5.16\authlib-1.5.16.pom
c:\users\brandon\downloads\eggcrack-master\lib\com\mojang\authlib\authlib\1.5.16\authlib-1.5.16.pom.lastupdated
c:\users\brandon\downloads\eggcrack-master\lib\com\mojang\authlib\authlib\1.5.16\_remote.repositories
c:\users\brandon\downloads\eggcrack-master\lib\com\mojang\authlib\authlib\1.5.17\authlib-1.5.16.pom
c:\users\brandon\downloads\eggcrack-master\lib\com\mojang\authlib\authlib\1.5.17\authlib-1.5.17.jar
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\pom.xml
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\java\net\teamlixo\eggcrack\minecraft\authenticationfactory.java
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\java\net\teamlixo\eggcrack\minecraft\eggcrackauthenticationservice.java
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\java\net\teamlixo\eggcrack\minecraft\minecraftplugin.java
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\java\net\teamlixo\eggcrack\minecraft\mojangauthenticationfactory.java
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\java\net\teamlixo\eggcrack\minecraft\mojangauthenticationservice.java
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\java\org\mcupdater\yggdrasil\agent.java
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\java\org\mcupdater\yggdrasil\authmanager.java
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\java\org\mcupdater\yggdrasil\authrequest.java
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\java\org\mcupdater\yggdrasil\errorresponse.java
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\java\org\mcupdater\yggdrasil\profile.java
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\java\org\mcupdater\yggdrasil\refreshrequest.java
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\java\org\mcupdater\yggdrasil\sessionresponse.java
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\resources\plugin.json
c:\users\brandon\downloads\eggcrack-master\minecraftplugin\src\main\resources\properties.json
c:\users\brandon\downloads\eggcrack-master\release\eggcrack.jar
c:\users\brandon\downloads\eggcrack-master\release\eggcrack.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\eggcrack.json
c:\users\brandon\downloads\eggcrack-master\release\license
c:\users\brandon\downloads\eggcrack-master\release\readme
c:\users\brandon\downloads\eggcrack-master\release\lib\asm-3.0.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\asm-3.0.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\asm-commons-3.0.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\asm-commons-3.0.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\asm-tree-3.0.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\asm-tree-3.0.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\authlib-1.5.17.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\authlib-1.5.17.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\commons-io-2.4.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\commons-io-2.4.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\commons-lang3-3.1.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\commons-lang3-3.1.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\commons-logging-1.1.3.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\commons-logging-1.1.3.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\forms-1.1-preview.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\forms-1.1-preview.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\forms_rt-7.0.3.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\forms_rt-7.0.3.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\gson-2.2.4.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\gson-2.2.4.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\guava-15.0.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\guava-15.0.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\jdom-1.0.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\jdom-1.0.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\jgoodies-common-1.8.1.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\jgoodies-common-1.8.1.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\jgoodies-forms-1.9.0.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\jgoodies-forms-1.9.0.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\jopt-simple-4.5.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\jopt-simple-4.5.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\log4j-api-2.0-beta9.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\log4j-api-2.0-beta9.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\lib\log4j-core-2.0-beta9.jar
c:\users\brandon\downloads\eggcrack-master\release\lib\log4j-core-2.0-beta9.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\php\crackedaccs.txt
c:\users\brandon\downloads\eggcrack-master\release\php\writefile.php
c:\users\brandon\downloads\eggcrack-master\release\plugins\minecraftplugin.jar
c:\users\brandon\downloads\eggcrack-master\release\plugins\minecraftplugin.jar.sig
c:\users\brandon\downloads\eggcrack-master\release\plugins\minecraftplugin\properties.json
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\authenticatorthreadfactory.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\eggcrack.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\linelogformatter.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\main.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\account\account.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\account\accountlistener.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\account\authenticatedaccount.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\account\output\accountoutput.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\account\output\attemptedaccount.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\account\output\fileaccountoutput.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\account\output\urlaccountoutput.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\authentication\abstractauthenticationservice.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\authentication\authenticationcallback.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\authentication\authenticationexception.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\authentication\authenticationservice.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\authentication\runnableauthenticator.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\authentication\configuration\serviceconfiguration.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\config\configuration.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\config\eggcrackconfiguration.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\config\jsonconfiguration.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\credential\credential.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\credential\credentials.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\credential\password\passwordauthenticationservice.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\credential\password\passwordcredential.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\list\abstractextendedlist.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\list\extendedlist.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\list\array\extendedarraylist.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\objective\objective.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\objective\objectivecompleted.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\objective\objectiverequests.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\objective\objectivetime.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\plugin\filepluginmanager.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\plugin\plugin.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\plugin\pluginloader.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\plugin\pluginloadexception.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\plugin\pluginloghandler.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\plugin\pluginmanager.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\plugin\systempluginmanager.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\plugin\java\javaplugin.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\plugin\java\javapluginconfiguration.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\plugin\java\javapluginloader.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\plugin\java\json\jsonpluginconfiguration.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\plugin\java\json\jsonpluginloader.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\proxy\proxycallback.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\proxy\runnableproxychecker.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\session\session.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\session\sessionlistener.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\session\tracker.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\timer\intervaltimer.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\timer\timer.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\ui\configurationinterface.form
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\ui\configurationinterface.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\ui\headerimage.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\ui\main.form
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\ui\proxiesinterface.form
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\ui\proxiesinterface.java
c:\users\brandon\downloads\eggcrack-master\src\main\java\net\teamlixo\eggcrack\ui\userinterface.java
c:\users\brandon\downloads\eggcrack-master\src\main\resources\meta-inf\manifest.mf
c:\users\brandon\downloads\eggcrack-master\src\main\resources\net\teamlixo\eggcrack\version
c:\users\brandon\onedrive\mythian client\mcp\temp\src\minecraft\assets\minecraft\blockstates\cracked_brick_monster_egg.json
c:\users\brandon\onedrive\mythian client\mcp\temp\src\minecraft\assets\minecraft\blockstates\cracked_stonebrick.json
c:\users\brandon\onedrive\mythian client\mcp\temp\src\minecraft\assets\minecraft\models\block\stonebrick_cracked.json
c:\users\brandon\onedrive\mythian client\mcp\temp\src\minecraft\assets\minecraft\models\item\cracked_brick_monster_egg.json
c:\users\brandon\onedrive\mythian client\mcp\temp\src\minecraft\assets\minecraft\models\item\cracked_stonebrick.json
c:\users\brandon\onedrive\mythian client\mcp910\temp\src\minecraft\assets\minecraft\blockstates\cracked_brick_monster_egg.json
c:\users\brandon\onedrive\mythian client\mcp910\temp\src\minecraft\assets\minecraft\blockstates\cracked_stonebrick.json
c:\users\brandon\onedrive\mythian client\mcp910\temp\src\minecraft\assets\minecraft\models\block\stonebrick_cracked.json
c:\users\brandon\onedrive\mythian client\mcp910\temp\src\minecraft\assets\minecraft\models\item\cracked_brick_monster_egg.json
c:\users\brandon\onedrive\mythian client\mcp910\temp\src\minecraft\assets\minecraft\models\item\cracked_stonebrick.json
c:\windows\configsetroot\windows loader\keys.ini
scanner sequence 3.ZZ.11.HHAPDZ
----- EOF -----
Arimyth
Active Member
 
Posts: 7
Joined: August 21st, 2017, 10:53 pm

Re: Possible adware infection on windows 7

Unread postby pgmigg » August 29th, 2017, 5:50 pm

Cracked - Illegal Software

May I draw your attention to the topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST, which you should have read before posting for help.
The section here explains why we bring this to your attention.

If you wish to receive help from us, you must remove any and all of the following from your computer:
  • Illegal software
  • Cracked software
  • Illegal software key generators

Once the software and/or keygens have been removed, if you still need help, please start a new thread... include a link to your closed topic and include NEW FRST logs :

  • FRST.txt.
  • Addition.txt.
  • Details of the problems you're experiencing.
  • Link to your closed topic.

Wait for a new helper. Do not reply to your topic before a helper has replied.

This topic is now closed.
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 4517
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 70 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware