Computer Hope
Software => Computer viruses and spyware => Topic started by: Zammit on September 12, 2015, 08:58:30 AM
-
Error: Invalid display – language keyword cannot be found: Display line: display --to LOG --type INFO CONFIG_ROOTDIR /
Checking LD_LIBRARY_PATH variable [ Skipped ]
Checking for prerequisites [ Warning ]
The (command properties test) is not completly supported in this version of OSX rootkit hunter
Performing malware checks
Checking running processes for suspicious files [ None found ]
Checking for hidden processes [ Skipped ]
Checking for login backdoors [ None found ]
Checking for suspicious directories [ None found ]
Checking for sniffer log files [ None found ]
Error: Invalid display – language keyword cannot be found: Display line: display --toNow we run an additional connection check, to inform you about used and listen tcp-ports
and their appropriate process/commands. – This additional check was created by Christian Hornung
There is a LISTEN tcp Port *:http-alt created by Process/Command: Adguard
There is a LISTEN tcp Port localhost:12080 created by Process/Command: com.avast
There is a LISTEN tcp Port localhost:12110 created by Process/Command: com.avast
There is a LISTEN tcp Port localhost:12143 created by Process/Command: com.avast
There is a LISTEN tcp Port localhost:12443 created by Process/Command: com.avast
There is a LISTEN tcp Port localhost:12993 created by Process/Command: com.avast
There is a LISTEN tcp Port localhost:12995 created by Process/Command: com.avast
There is a LISTEN tcp Port localhost:49168 created by Process/Command: TorGuardD
There is a LISTEN tcp Port localhost:ipp created by Process/Command: launchd
FYI, named services are described in the file /etc/services
There is a CONNECTED tcp Port TorGuardD used by the Process/Command:
There is a CONNECTED tcp Port com.avast used by the Process/Command:
There is a CONNECTED tcp Port 12080 used by the Process/Command: com.avast
There is a CONNECTED tcp Port 12443 used by the Process/Command: Aviator
There is a CONNECTED tcp Port 12443 used by the Process/Command: apsd
There is a CONNECTED tcp Port 12443 used by the Process/Command: openvpn
There is a CONNECTED tcp Port 49168 used by the Process/Command: openvpn
There is a CONNECTED tcp Port 49173 used by the Process/Command: TorGuardD
There is a CONNECTED tcp Port 49645 used by the Process/Command: com.avast
There is a CONNECTED tcp Port 49659 used by the Process/Command: com.avast
There is a CONNECTED tcp Port 49663 used by the Process/Command: com.avast
There is a CONNECTED tcp Port 49946 used by the Process/Command: com.avast
There is a CONNECTED tcp Port 49966 used by the Process/Command: com.avast
There is a CONNECTED tcp Port http used by the Process/Command: com.avast
There is a CONNECTED tcp Port https used by the Process/Command: com.avast
Performing checks on the network interfaces
Checking for promiscuous interfaces [ Warning ]
Possible promiscuous interfaces:
'ifconfig' command output:
Checking the local host...
Performing group and account checks
Checking for passwd file [ Found ]
Checking for root equivalent (UID 0) accounts [ None found ]
Checking for passwordless accounts [ None found ]
Checking for passwd file changes [ None found ]
Checking for group file changes [ None found ]
Checking root account shell history files [ None found ]
Performing system configuration file checks
Checking for a system logging configuration file [ Found ]
Checking if SSH root access is allowed [ OK ]
Checking if SSH protocol v1 is allowed [ Warning ]
The SSH configuration option 'Protocol' has not been set.
Checking for a running system logging daemon [ Found ]
Checking for a system logging configuration file [ Found ]
Checking if syslog remote logging is allowed [ Warning ]
Error: Invalid display – language keyword cannot be found: Display line: display --to SCREEN+LOG --type WARNING SYSTEM_CONFIGS_SYSLOG_REMOTE_FOUND install.* @127.0.0.1:32376
Performing filesystem checks
Checking /dev for suspicious file types [ Warning ]
Suspicious file types found in /dev:
/dev/fd/6: data
/dev/fd/7: Hitachi SH big-endian COFF object, not stripped
/dev/fd/8: data
/dev/fd/9: data
/dev/fd/10: data
/dev/fd/11: data
/dev/fd/12: data
/dev/fd/13: data
/dev/fd/14: MS Windows icon resource
/dev/fd/15: MS Windows icon resource
/dev/fd/16: MS Windows icon resource
Checking for hidden files and directories [ Warning ]
Hidden file found: /usr/share/man/man5/.rhosts.5: troff or preprocessor input text
???
-
Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.
1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
What sort of problems are you experiencing?
Please download AdwCleaner (http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner)by Xplode onto your Desktop.
Before starting AdwCleaner, close all open programs and internet browsers, then double-click on the AdwCleaner icon.
(http://i424.photobucket.com/albums/pp322/digistar/AdwCleaner-icon.jpg)
If Windows prompts you as to whether or not you wish to run AdwCleaner, please allow it to run.
When the AdwCleaner program will open, click on the Scan button as shown below.
(http://i424.photobucket.com/albums/pp322/digistar/untitled.png)
AdwCleaner will now start to search for malicious files that may be installed on your computer.
To remove the files that were detected in the previous step, please click on the Clean button.
(http://i424.photobucket.com/albums/pp322/digistar/3.png)
AdwCleaner will now prompt you to save any open files or data as the program will need to reboot the computer. Please do so and then click on the OK button. AdwCleaner will now delete all detected adware from your computer. When it is done it will display an alert that explains what PUPs (Potentially Unwanted Programs) and Adware are. Please read through this information and then press the OK button. You will now be presented with an alert that states AdwCleaner needs to reboot your computer.
Please click on the OK button to allow AdwCleaner reboot your computer.A log will be produced. Please copy and paste this log in your next reply.
*********************************************
(http://i424.photobucket.com/albums/pp322/digistar/mbamicontw5.gif) Please download Malwarebytes Anti-Malware from here. (http://download.bleepingcomputer.com/malwarebytes/mbam-setup.exe)
Double Click mbam-setup.exe to install the application.
- It should update automatically if the computer is connected to the internet.
- Click on Threat Scan and click on Scan Now.
- The scan may take some time to finish,so please be patient.
- When the scan is complete make sure all the infections have "quarantine" selected in the Action box.
- Click on "Apply actions" You may be asked to Restart your computer to completely remove the infections.
- When disinfection is completed you can click on "Copy to Clipboard".
- Paste the log in you next reply (CTRL+ V)
*************************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.
Link 1 (http://screen317.spywareinfoforum.org/SecurityCheck.exe)
Link 2 (http://screen317.changelog.fr/SecurityCheck.exe)
* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
-
Thank you for ur reply but I can't download adware clean I'm using a MacBook. Is there any programs for Mac? That I can fix it with. Thank you
-
Sorry, I can't help with Apple products. You might try the Apple forum on this site.