Unwanted antivirus

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

iMacg3

Malware Specialist
Joined
Nov 3, 2018
Messages
903
Hi Brigham,

These issues don't appear to be related to a malware infection. I am not very experienced in troubleshooting these types of problems. Once this topic is complete, I recommend you post new topic(s) related to these issues in the appropriate forums.

Windows 10 Support
Hardware
Web & Email

Someone more experienced with troubleshooting general Windows issues/problems with printers will be able to better assist.

Before completing this topic, I would like you to run one final scan to check for anything the FRST scan did not show.

---------------------------------------------------
ESET Online Scanner

Download ESET Online Scanner and save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
  • When the tool opens, click Get Started.
  • Read and accept the license agreement.
  • At the Welcome to ESET Online Scanner window, click Get Started.
  • Select whether you would like to send anonymous data to ESET.
  • Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
  • Click on the Full Scan option.
  • Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
  • ESET will now begin scanning your computer. This may take some time.
  • When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
  • ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
  • On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
  • Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.
 

Brigham

John
Thread Starter
Joined
Aug 24, 2010
Messages
1,513
iMacg3

Thanks very much for your help. It must be awkward for you with our different time zones, and my lack of computer skills.
 

iMacg3

Malware Specialist
Joined
Nov 3, 2018
Messages
903
No problem, glad we could help.

The following will remove the tools we used as well as reset system restore points:

---------------------------------------------------
KpRm

Download KpRm by kernel-panik and save it to your desktop.
  • Right-click kprm_(version).exe and select Run as Administrator.
  • Read and accept the disclaimer.
  • When the tool opens, ensure all boxes under Actions are checked.
  • Under Delete Quarantines select Delete Now, then click Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.

----------------------------------------------------
Some tips to keep your computer safe on the Internet

Make sure to use strong passwords. There are password managers (for example, Bitwarden) that can help you use secure passwords, and keep track of them.

How to create a strong password
----------------------------------------------------
Keeping software up-to-date is important as well. Programs such as UCheck, Heimdal Free, or PatchMyPC can help keep software on your computer up-to-date.

To keep your operating system up-to-date, make sure that Windows Update is enabled on your computer.
----------------------------------------------------
I recommend backing up your PC regularly. There are several ways to back up your computer, such as using a cloud-based service online, external hard drive, or CD/DVD.

The following articles have more information about methods to back up your computer:

What's the Best Way to Back Up My Computer?

5 Ways to Back up Your Data
----------------------------------------------------
Here are some articles about how to keep your computer safe on the Internet -

Simple and easy ways to keep your computer safe and secure on the Internet - by Lawrence Abrams

Answers to common security questions - Best Practices - by quietman7

COMPUTER SECURITY - a short guide to staying safer online - Malware Removal

PC Safety and Security - What Do I Need? - Tech Support Forum
----------------------------------------------------

Safe surfing :)
 

Brigham

John
Thread Starter
Joined
Aug 24, 2010
Messages
1,513
# Run at 04/08/2020 08:43:17
# KpRm (Kernel-panik) version 2.8
# Website https://kernel-panik.me/tool/kprm/
# Run by ryswi from C:\Users\ryswi\Downloads
# Computer Name: DESKTOP-0L4R0PJ
# OS: Windows 10 X64 (19041)
# Number of passes: 1

- Checked options -

~ Registry Backup
~ Delete Tools
~ Restore System Settings
~ UAC Restore
~ Delete Restore Points
~ Create Restore Point
~ Delete Quarantines

- Create Registry Backup -

~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
~ [OK] Hive C:\Users\ryswi\NTUSER.dat backed up

[OK] Registry Backup: C:\KPRM\backup\2020-08-04-08-43-17

- Delete Tools -


## AdwCleaner
[OK] C:\Users\ryswi\Downloads\AdwCleaner(1).exe deleted
[OK] C:\Users\ryswi\Downloads\AdwCleaner.exe deleted
[OK] C:\Users\ryswi\Downloads\adwcleaner_8.0.2.exe deleted
[OK] C:\AdwCleaner deleted

## ESET Online Scanner
[OK] C:\Users\ryswi\Downloads\esetonlinescanner.exe deleted
[OK] C:\Users\ryswi\AppData\Local\ESET\ESETOnlineScanner deleted

## FRST
[OK] C:\Users\ryswi\Downloads\Addition.txt deleted
[OK] C:\Users\ryswi\Downloads\Fixlog.txt deleted
[OK] C:\Users\ryswi\Downloads\FRST-OlderVersion deleted
[OK] C:\Users\ryswi\Downloads\FRST.txt deleted
[OK] C:\Users\ryswi\Downloads\FRST64(1).exe deleted
[OK] C:\Users\ryswi\Downloads\FRST64(2).exe deleted
[OK] C:\Users\ryswi\Downloads\FRST64(3).exe deleted
[OK] C:\Users\ryswi\Downloads\FRST64(7).exe deleted
[OK] C:\Users\ryswi\Downloads\FRST64.exe deleted
[OK] C:\FRST deleted

## FSS
[OK] C:\Users\ryswi\Downloads\FSS.exe deleted
[OK] C:\Users\ryswi\Downloads\FSS.txt deleted

## Junkware Removal Tool
[OK] C:\Users\ryswi\Downloads\JRT(1).exe deleted
[OK] C:\Users\ryswi\Downloads\JRT(2).exe deleted
[OK] C:\Users\ryswi\Downloads\JRT(3).exe deleted
[OK] C:\Users\ryswi\Downloads\JRT(4).exe deleted
[OK] C:\Users\ryswi\Downloads\JRT(5).exe deleted
[OK] C:\Users\ryswi\Downloads\JRT(6).exe deleted
[OK] C:\Users\ryswi\Downloads\JRT.exe deleted

## Kaspersky Virus Removal Tool
[OK] C:\KVRT_Data deleted

## Minitoolbox
[OK] C:\Users\ryswi\Downloads\MiniToolBox.exe deleted

## Rkill
[OK] C:\Users\ryswi\Downloads\rkill.exe deleted

## Systemlook
[OK] C:\Users\ryswi\Downloads\SystemLook.txt deleted
[OK] C:\Users\ryswi\Downloads\SystemLook_x64(1).exe deleted
[OK] C:\Users\ryswi\Downloads\SystemLook_x64(2).exe deleted
[OK] C:\Users\ryswi\Downloads\SystemLook_x64(3).exe deleted
[OK] C:\Users\ryswi\Downloads\SystemLook_x64.exe deleted

- Restore System Settings -

[OK] Reset WinSock
[OK] FLUSHDNS
[OK] Hide Hidden file.
[OK] Show Extensions for known file types
[OK] Hide protected operating system files

- Restore UAC -

[OK] Set EnableLUA with default (1) value
[OK] Set ConsentPromptBehaviorAdmin with default (5) value
[OK] Set ConsentPromptBehaviorUser with default (3) value
[OK] Set EnableInstallerDetection with default (0) value
[OK] Set EnableSecureUIAPaths with default (1) value
[OK] Set EnableUIADesktopToggle with default (0) value
[OK] Set EnableVirtualization with default (1) value
[OK] Set FilterAdministratorToken with default (0) value
[OK] Set PromptOnSecureDesktop with default (1) value
[OK] Set ValidateAdminCodeSignatures with default (0) value

- Clear Restore Points -

~ [OK] RP named Windows Modules Installer created at 07/29/2020 13:10:41 deleted
~ [OK] RP named Windows Modules Installer created at 08/02/2020 20:17:42 deleted
[OK] All system restore points have been successfully deleted

- Create Restore Point -

[OK] System Restore Point created

- Display System Restore Point -

~ RP named KpRm created at 08/04/2020 07:43:54

-- KPRM finished in 78.20s --
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top