Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Need help identifying possible threats

21 May 2015   #1
Nelson35

Windows 7 Home Premium 64bit
 
 
Need help identifying possible threats

I attached a log file with some possible infections, but I don't know which I should remove or not. Wondering if I could get a little advice.




Attached Files
File Type: log HitmanPro_20150521_0729.log (17.8 KB, 6 views)
My System SpecsSystem Spec
.
21 May 2015   #2
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 

Quote:
Max Computer Cleaner is a potentially unwanted program (PUP) that is known to utilize various deceptive marketing practices in order to infiltrate a computer system. The Max Computer Cleaner program is usually automatically contracted without user permission or knowledge and alongside multiple unwanted programs and malicious software.
Quote:
Adware.CrossRider is bundled within the custom installers on many download sites like Softonic, Brothersoft and Cnet. CrossRider is a browser hijacker that will take full control of your browser and start redirecting you to unfamiliar web pages. This may be exploited by hackers to infect your computer with harmful viruses. If this browser extension is present on your PC, then it will be able to redirect you to potentially harmful websites every time you try to perform an online search. This is why, it is recommended that you get rid of this application immediately.
Quote:
The ShopperPro adware infection is designed specifically to make money. It generates web traffic, collects sales leads for other dubious sites, and will display advertisements and sponsored links within your web browser.

ShopperPro it’s technically not a virus, but it does exhibit plenty of malicious traits, such as rootkit capabilities to hook deep into the operating system, browser hijacking, and in general just interfering with the user experience. The industry generally refers to it as a “PUP” or potentially unwanted program.
Quote:
DomalQ is an adware application that attacks Internet Explorer, Mozilla Firefox or Google Chrome Internet browsers. DomalQ shows disturbing pop-up advertisements while the hijacked Internet browser is opened. The purpose of DomalQ is to push a variety of doubtful websites, services and offers which, in truth, are very irritating and disrupt the attacked PC user's online activity. DomalQ will divert the victimized computer user to misleading websites if he/she clicks on the pop-up advertisements shown by DomalQ. DomalQ may also replace the default homepage and default search engine with tricky websites. DomalQ will reduce the corrupted PC's performance. DomalQ can trace the victimized PC user's online activities. DomalQ can record the victim's browsing history and even get access to his/her private details including login information, such as user names and passwords.
Quote:
LolliScan is an adware program, that displays pop-up ads and advertisements on web pages that you visit. These advertisements will be shown as boxes containing various coupons that are available, as underlined keywords, pop-up ads or advertising banners.
These guides will walk you through removing these items. The free version of Malwarebytes will work fine, be sure to uncheck the "start free pro trial" after installing it, be sure that everything it finds is checked & quarantine it.

Also, since one of the programs has rootkit capabilities, d/l & run TDSSKiller to be sure you don't have a rootkit.

Note: When running TDSSKiller, launch the program, click on the blue text "Change Parameters" & check the box marked "Detect TDLFS File system." Click OK & then run the scan.

Adware.CrossRider Removal Guide

Remove "Ads by LolliScan" virus (Easy Removal Guide)

I would not recommend using Revo uninstaller in this instance as AdwCleaner, Malwarebytes & Hitman Pro should be able to clean the infections and the leftover files.
My System SpecsSystem Spec
21 May 2015   #3
Nelson35

Windows 7 Home Premium 64bit
 
 

Thanks Borg386, I'll give this a try.
My System SpecsSystem Spec
.

22 May 2015   #4
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 

If you are looking for a system cleaner, a recommended one is CCleaner. It has multiple functions & has a registry cleaner that allows you to make a back up of any reg files you remove. This can be a lifesaver if something vital is inadvertently taken out. After running the various malware scanners, it might be a good idea to d/l & run this to clean up any orphan files/reg keys.

The free version of CCleaner will work fine.

https://www.piriform.com/ccleaner
My System SpecsSystem Spec
22 May 2015   #5
RolandJS

Windows 7 Professional 64-bit
 
 

I have my HitmanPro default set to Ignore, that way I can click delete on known threats, and leave known good Windows OS files and known good nonWindows files alone. Early Warning scan can remove things you do not want removed. Take care.
My System SpecsSystem Spec
22 May 2015   #6
Nelson35

Windows 7 Home Premium 64bit
 
 

Quote   Quote: Originally Posted by RolandJS View Post
I have my HitmanPro default set to Ignore, that way I can click delete on known threats, and leave known good Windows OS files and known good nonWindows files alone. Early Warning scan can remove things you do not want removed. Take care.
Thanks for the tip RolandJS. As soon as I get the pro version of Hitman I'll make sure to do that. I only have the trial version and the free trial is up so I couldn't remove the few things it found. I think everything else has been removed though. By the way is there a list of known good WinOS files that could be copied so I'll have an idea what to look for in the future?
My System SpecsSystem Spec
23 May 2015   #7
RolandJS

Windows 7 Professional 64-bit
 
 

I do not know of such a list. I think HitmanPro's server/cloud side may [or may not] have such a listing.
Because I'm not sure, I left Ignore as Default. Now, in Quick and Default scans, I can usually spot the malware, and I ignore any Windows OS, major program file being flagged until another security program "seconds the motion."
My System SpecsSystem Spec
Reply

 Need help identifying possible threats




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
If malwarebytes found threats and i delete all the threats will it bro
If malwarebytes found threats and i delete all the threats will it broke my pc?
System Security
Security Threats You Should Know About
This is my experience & common mistake we'll make atleast once in a while & me & my friend almost paid a good price for our stupidity but got away with it luckily, so, wanted to share this experience so others may avoid these common mistakes. Just be careful what you are sharing & being a...
General Discussion
Malwarebytes Finds 2 Threats Won't Go Away
Malwarebytes found 2 infections. It deleted infections believe called BadCompany with Notepad. Now WinPatrol advises these 2 threats are trying to make changes to computer. 1. Microsoft Notepad.exe% Want to make change for this type of file registry editor Microsoft regit.exe %1 #2 .SCE ...
System Security
Threats to watch out for
More stuff to watch out for...it never ends..... Android Game Is a Spy App in Disguise - Researchers with F-Secure discovered an Android app that is a spy app disguised as a Snake game. Sneaky. Android Game Is a Spy App in Disguise - PCWorld Facebook Warns of Clickjacking Scam - A disguised...
System Security
Threats to windows 7?
just to discuss, are they any possible treats to windows 7?
General Discussion


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 19:39.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App