Archive for the ‘Anti-Malware Tools’ Category

List of vulnerable wordpress plugins. Hacked, dangerous, vulnerable

Tuesday, October 17th, 2017

Reading Time: 8 minutes


Has your WordPress been hacked recently? Mine has. Don't despair: below is a list of WordPress plugins known for their hackability.
I hope it helps you protect yourself in time and wipe out all the unnecessary plugins.
Double-check the version number of each vulnerable plugin, and remove it only when you're sure it is hackable. If you're sure you run one of the plugins below on your WordPress blog or site, deactivate and delete it immediately.

 

Vulnerability types

A quick reminder of the most common security holes and issues WordPress plugins face. Please note that most problems are a combination of two or more types listed below.

Arbitrary file viewing
Instead of allowing only certain file sources to be viewed (for example plugin templates), the lack of checks in the code allows the attacker to view the source of any file, including those with sensitive information such as wp-config.php.

Arbitrary file upload
Lack of file type and content filtering allows for upload of arbitrary files that can contain executable code which, once run, can do pretty much anything on a site.

Privilege escalation
Once the attacker has an account on the site, even if it’s only of the subscriber type, he can escalate his privileges to a higher level, including administrative ones.

SQL injection
By not escaping and filtering data that goes into SQL queries, malicious code can be injected into queries and data deleted, updated or inserted into the database. This is one of the most common vulnerabilities.

Remote code execution (RCE)
Instead of uploading and running malicious code, the attacker can run it from a remote location. The code can do anything, from hijacking the site to completely deleting it.

Plugin Name | Vulnerability Type | Min / Max Versions Affected
1 Flash Gallery | arbitrary file upload | 1.3.0 / 1.5.6
360 Product Rotation | arbitrary file upload | 1.1.3 / 1.2.0
Tevolution | arbitrary file upload | 2.0 / 2.2.9
Addblockblocker | arbitrary file upload | 0.0.1
Ads Widget | remote code execution (RCE) | 2.0 / n/a
Advanced Access Manager | privilege escalation | 3.0.4 / 3.2.1
Advanced Ajax Page Loader | arbitrary file upload | 2.5.7 / 2.7.6
Advanced Video Embed Embed Videos Or Playlists | arbitrary file viewing | n/a / 1.0
Analytic | remote code execution (RCE) | 1.8
Analytics Counter | PHP object injection | 1.0.0 / 3.4.1
Appointments | PHP object injection | 1.4.4 Beta / 2.2.0
Asgaros Forum | settings change | 1.0.0 / 1.5.7
Aspose Cloud Ebook Generator | arbitrary file viewing | 1.0
Aspose Doc Exporter | arbitrary file viewing | 1.0
Aspose Importer Exporter | arbitrary file viewing | 1.0
Aspose Pdf Exporter | arbitrary file viewing | 1.0
Attachment Manager | arbitrary file upload | 1.0.0 / 2.1.1
Auto Attachments | arbitrary file upload | 0.2.7 / 0.3
Bbpress Like Button | SQL injection | 1.0 / 1.5
Bepro Listings | arbitrary file upload | 2.0.54 / 2.2.0020
Blaze Slide Show For WordPress | arbitrary file upload | 2.0 / 2.7
Brandfolder | local file inclusion (LFI) | 2.3 / 3.0
Breadcrumbs Ez | remote code execution (RCE) | n/a
Candidate Application Form | arbitrary file viewing | 1.0
Category Grid View Gallery | arbitrary file upload | 0.1.0 / 0.1.1
Cherry Plugin | arbitrary file upload | 1.0 / 1.2.6
Chikuncount | arbitrary file upload | 1.3
Cip4 Folder Download Widget | arbitrary file viewing | 1.4 / 1.10
Cms Commander Client | PHP object injection | 2.02 / 2.21
Contus Video Gallery | arbitrary file viewing | 2.2 / 2.3
Cookie Eu | remote code execution (RCE) | 1.0
Cp Image Store | arbitrary file viewing | 1.0.1 / 1.0.5
Cross Rss | arbitrary file viewing | 0.5
Custom Content Type Manager | remote code execution | 0.9.8.8
Custom Lightbox | possible remote code execution (RCE) | 0.24
Cysteme Finder | arbitrary file viewing | 1.1 / 1.3
Db Backup | arbitrary file viewing | 1.0 / 4.5
Delete All Comments | arbitrary file upload | 2.0
Developer Tools | arbitrary file upload | 1.0.0 / 1.1.4
Disclosure Policy Plugin | remote file inclusion (RFI) | 1.0
Display Widgets | remote code execution | 2.6
Dop Slider | arbitrary file upload | 1.0
Download Zip Attachments | arbitrary file viewing | 1
Downloads Manager | arbitrary file upload | 1.0 Beta / 1.0 rc-1
Dp Thumbnail | arbitrary file upload | 1.0
Dropbox Backup | PHP object injection | 1.0 / 1.4.7.5
Dukapress | arbitrary file viewing | 2.3.7 / 2.5.3
Ebook Download | arbitrary file viewing | 1.1
Ecstatic | arbitrary file upload | 0.90 (x9) / 0.9933
Ecwid Shopping Cart | PHP Object Injection | 3.4.4 / 4.4.3
Enable Google Analytics | remote code execution (RCE) | n/a
Estatik | arbitrary file upload | 1.0.0 / 2.2.5
Event Commerce Wp Event Calendar | persistent cross-site scripting (XSS) | 1.0
Filedownload | arbitrary file viewing | 0.1
Flickr Gallery | PHP object injection | 1.2 / 1.5.2
Form Lightbox | option update | 1.1 / 2.1
Formidable | information disclosure | 1.07.5 / 2.0.07
Fresh Page | arbitrary file upload | .11 / 1.1
Front End Upload | arbitrary file upload | 0.3.0 / 0.5.3
Front File Manager | arbitrary file upload | 0.1
Fs Real Estate Plugin | SQL injection | 1.1 / 2.06.03
G Translate | remote code execution (RCE) | 1.0 / 1.3
Gallery Objects | SQL injection | 0.2 / 0.4
Gallery Slider | remote code execution (RCE) | 2.0 / 2.1
Genesis Simple Defaults | arbitrary file upload | 1.0.0
Gi Media Library | arbitrary file viewing | 1.0.300 / 2.2.2
Google Analytics Analyze | remote code execution (RCE) | 1.0
Google Document Embedder | SQL injection | 2.5 / 2.5.16
Google Maps By Daniel Martyn | remote code execution (RCE) | 1.0
Google Mp3 Audio Player | arbitrary file viewing | 1.0.9 / 1.0.11
Grapefile | arbitrary file upload | 1.0 / 1.1
Gravityforms | reflected cross-site scripting (XSS) | 1.7 / 1.9.15.11
Hb Audio Gallery Lite | arbitrary file viewing | 1.0.0
History Collection | arbitrary file viewing | 1.1. / 1.1.1
Html5avmanager | arbitrary file upload | 0.1.0 / 0.2.7
I Dump Iphone To WordPress Photo Uploader | arbitrary file upload | 1.1.3 / 1.8
Ibs Mappro | arbitrary file viewing | 0.1 / 0.6
Image Export | arbitrary file viewing | 1.0.0 / 1.1.0
Image Symlinks | arbitrary file upload | 0.5 / 0.8.2
Imdb Widget | arbitrary file viewing | 1.0.1 / 1.0.8
Inboundio Marketing | arbitrary file upload | 1.0.0 / 2.0
Infusionsoft | arbitrary file upload | 1.5.3 / 1.5.10
Inpost Gallery | local file inclusion (LFI) | 2.0.9 / 2.1.2
Invit0r | arbitrary file upload | 0.2 / 0.22
Is Human | remote code execution | 1.3.3 / 1.4.2
Iwp Client | PHP object injection | 0.1.4 / 1.6.0
Jssor Slider | arbitrary file upload | 1.0 / 1.3
Like Dislike Counter For Posts Pages And Comments | SQL injection | 1.0 / 1.2.3
Mac Dock Gallery | arbitrary file upload | 1.0 / 2.7
Magic Fields | arbitrary file upload | 1.5 / 1.5.5
Mailchimp Integration | remote code execution (RCE) | 1.0.1 / 1.1
Mailpress | local file inclusion (LFI) | 5.2 / 5.4.6
Mdc Youtube Downloader | arbitrary file viewing | 2.1.0
Menu Image | malicious JavaScript loading | 2.6.5 / 2.6.9
Miwoftp | arbitrary file viewing | 1.0.0 / 1.0.4
Mm Forms Community | arbitrary file upload | 1.0 / 2.2.6
Mobile App Builder By Wappress | arbitrary file upload | n/a / 1.05
Mobile Friendly App Builder By Easytouch | arbitrary file upload | 3.0
Multi Plugin Installer | arbitrary file viewing | 1.0.0 / 1.1.0
Mypixs | local file inclusion (LFI) | 0.3
Nmedia User File Uploader | arbitrary file upload | 1.8
Option Seo | remote code execution (RCE) | 1.5
Page Google Maps | remote code execution (RCE) | 1.4
Party Hall Booking Management System | SQL injection | 1.0 / 1.1
Paypal Currency Converter Basic For Woocommerce | arbitrary file viewing | 1.0 / 1.3
Php Analytics | arbitrary file upload | n/a
Pica Photo Gallery | arbitrary file viewing | 1.0
Pitchprint | arbitrary file upload | 7.1 / 7.1.1
Plugin Newsletter | arbitrary file viewing | 1.3 / 1.5
Post Grid | file deletion | 2.0.6 / 2.0.12
Posts In Page | authenticated local file inclusion (LFI) | 1.0.0 / 1.2.4
Really Simple Guest Post | local file inclusion (LFI) | 1.0.1 / 1.0.6
Recent Backups | arbitrary file viewing | 0.1 / 0.7
Reflex Gallery | arbitrary file upload | 1.0 / 3.0
Resume Submissions Job Postings | arbitrary file upload | 2.0 / 2.5.3
Return To Top | remote code execution (RCE) | 1.8 / 5.0
Revslider | arbitrary file viewing | 1.0 / 4.1.4
S3bubble Amazon S3 Html 5 Video With Adverts | arbitrary file viewing | 0.5 / 0.7
Sam Pro Free | local file inclusion (LFI) | 1.4.1.23 / 1.9.6.67
Se Html5 Album Audio Player | arbitrary file viewing | 1.0.8 / 1.1.0
Sell Downloads | arbitrary file viewing | 1.0.1
Seo Keyword Page | remote code execution (RCE) | 2.0.5
Seo Spy Google WordPress Plugin | arbitrary file upload | 2.0 / 2.6
Seo Watcher | arbitrary file upload | 1.3.2 / 1.3.3
Sexy Contact Form | arbitrary file upload | 0.9.1 / 0.9.8
Share Buttons Wp | remote code execution (RCE) | 1.0
Showbiz | arbitrary file viewing | 1.0 / 1.5.2
Simple Ads Manager | information disclosure | 2.0.73 / 2.7.101
Simple Download Button Shortcode | arbitrary file viewing | 1.0
Simple Dropbox Upload Form | arbitrary file upload | 1.8.6 / 1.8.8
Simple Image Manipulator | arbitrary file viewing | 1.0
Simplr Registration Form | privilege escalation | 2.2.0 / 2.4.3
Site Import | remote page inclusion | 1.0.0 / 1.2.0
Slide Show Pro | arbitrary file upload | 2.0 / 2.4
Smart Slide Show | arbitrary file upload | 2.0 / 2.4
Smart Videos | remote code execution (RCE) | 1.0
Social Networking E Commerce 1 | arbitrary file upload | 0.0.32
Social Sharing | possible arbitrary file upload | 1.0
Social Sticky Animated | remote code execution (RCE) | 1.0
Spamtask | arbitrary file upload | 1.3 / 1.3.6
Spicy Blogroll | local file inclusion (LFI) | 0.1 / 1.0.0
Spotlightyour | arbitrary file upload | 1.0 / 4.5
Stats Counter | PHP object injection | 1.0 / 1.2.2.5
Stats Wp | remote code execution | 1.8
Store Locator Le | unrestricted email sending | 2.6 / 4.2.56
Tera Charts | reflected cross-site scripting (XSS) | 0.1 / 1.0
The Viddler WordPress Plugin | cross-site request forgery (CSRF)/cross-site scripting (XSS) | 1.2.3 / 2.0.0
Thecartpress | local file inclusion (LFI) | 1.1.0 / 1.1.5
Tinymce Thumbnail Gallery | arbitrary file viewing | v1.0.4 / v1.0.7
Ultimate Product Catalogue | arbitrary file upload | 1.0 / 3.1.1
User Role Editor | privilege escalation | 4.19 / 4.24
Web Tripwire | arbitrary file upload | 0.1.2
Webapp Builder | arbitrary file upload | 2.0
Website Contact Form With File Upload | arbitrary file upload | 1.1 / 1.3.4
Weever Apps 20 Mobile Web Apps | arbitrary file upload | 3.0.25 / 3.1.6
Woocommerce Catalog Enquiry | arbitrary file upload | 2.3.3 / 3.0.0
Woocommerce Product Addon | arbitrary file upload | 1.0 / 1.1
Woocommerce Products Filter | authenticated persistent cross-site scripting (XSS) | 1.1.4 / 1.1.4.2
Woopra | arbitrary file upload | 1.4.1 / 1.4.3.1
WordPress File Monitor | persistent cross-site scripting (XSS) | 2.0 / 2.3.3
Wp Appointment Schedule Booking System | persistent cross-site scripting (XSS) | 1.0
Wp Business Intelligence Lite | arbitrary file upload | 1.0 / 1.0.7
Wp Crm | arbitrary file upload | 0.15 / 0.31.0
Wp Custom Page | arbitrary file viewing | 0.5 / 0.5.0.1
Wp Dreamworkgallery | arbitrary file upload | 2.0 / 2.3
Wp Easybooking | reflected cross-site scripting (XSS) | 1.0.0 / 1.0.3
Wp Easycart | authenticated arbitrary file upload | 1.1.27 / 3.0.8
Wp Ecommerce Shop Styling | authenticated arbitrary file viewing | 1.0 / 2.5
Wp Editor | authenticated arbitrary file upload | 1.0.2 / 1.2.5.3
Wp Filemanager | arbitrary file viewing | 1.2.8 / 1.3.0
Wp Flipslideshow | persistent cross-site scripting (XSS) | 2.0 / 2.2
Wp Front End Repository | arbitrary file upload | 1.0.0 / 1.1
Wp Handy Lightbox | remote code execution (RCE) | 1.4.5
Wp Homepage Slideshow | arbitrary file upload | 2.0 / 2.3
Wp Image News Slider | arbitrary file upload | 3.0 / 3.5
Wp Levoslideshow | arbitrary file upload | 2.0 / 2.3
Wp Miniaudioplayer | arbitrary file viewing | 0.5 / 1.2.7
Wp Mobile Detector | authenticated persistent cross-site scripting (XSS) | 3.0 / 3.2
Wp Mon | arbitrary file viewing | 0.5 / 0.5.1
Wp Online Store | arbitrary file viewing | 1.2.5 / 1.3.1
Wp Piwik | persistent cross-site scripting (XSS) | 0.10.0.1 / 1.0.10
Wp Popup | remote code execution (RCE) | 2.0.0 / 2.1
Wp Post Frontend | arbitrary file upload | 1.0
Wp Property | arbitrary file upload | 1.20.0 / 1.35.0
Wp Quick Booking Manager | persistent cross-site scripting (XSS) | 1.0 / 1.1
Wp Royal Gallery | persistent cross-site scripting (XSS) | 2.0 / 2.3
Wp Seo Spy Google | arbitrary file upload | 3.0 / 3.1
Wp Simple Cart | arbitrary file upload | 0.9.0 / 1.0.15
Wp Slimstat Ex | arbitrary file upload | 2.1 / 2.1.2
Wp Superb Slideshow | arbitrary file upload | 2.0 / 2.4
Wp Swimteam | arbitrary file viewing | 1 / 1.44.1077
Wp Symposium | arbitrary file upload | 13.04 / 14.11
Wp Vertical Gallery | arbitrary file upload | 2.0 / 2.3
Wp Yasslideshow | arbitrary file upload | 3.0 / 3.4
Wp2android Turn Wp Site Into Android App | arbitrary file upload | 1.1.4
Wpeasystats | local file inclusion (LFI) | 1.8
Wpmarketplace | arbitrary file viewing | 2.2.0 / 2.4.0
Wpshop | arbitrary file upload | 1.3.1.6 / 1.3.9.5
Wpstorecart | arbitrary file upload | 2.0.0 / 2.5.29
Wptf Image Gallery | arbitrary file viewing | 1.0.1 / 1.0.3
Wsecure | remote code execution (RCE) | 2.3
Wysija Newsletters | arbitrary file upload | 1.1 / 2.6.7
Xdata Toolkit | arbitrary file upload | 1.6 / 1.9
Zen Mobile App Native | arbitrary file upload | 3.0
Zingiri Web Shop | arbitrary file upload | 2.3.6 / 2.4.3
Zip Attachments | arbitrary file viewing | 1.0 / 1.4
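
One way to do the version double-check recommended above, as an added example that is not code from the original post: it reads the Version header of each installed plugin and reports those that fall inside a listed min / max range. Assumptions: only four rows of the table are embedded, a plugin's directory slug is taken to be the table name lowercased with hyphens, and the plugin tree in build_sample is constructed test data.

```python
import re
import tempfile
from pathlib import Path

# Four rows copied from the table above. None stands for "n/a" (bound not stated).
TABLE = [
    ("Revslider", "arbitrary file viewing", "1.0", "4.1.4"),
    ("User Role Editor", "privilege escalation", "4.19", "4.24"),
    ("Appointments", "PHP object injection", "1.4.4 Beta", "2.2.0"),
    ("Ads Widget", "remote code execution (RCE)", "2.0", None),
]
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+?)[ \t]*$", re.I | re.M)


def version_key(text):
    """Sortable key: numeric parts as ints, pre-releases sort below the release."""
    m = re.match(r"\s*v?(\d+(?:\.\d+)*)\.?\s*(.*)", text, re.I)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    nums = [int(p) for p in m.group(1).split(".")]
    while len(nums) > 1 and nums[-1] == 0:  # treat 1.0 and 1.0.0 as equal
        nums.pop()
    is_release = 0 if re.search(r"\b(?:alpha|beta|rc)", m.group(2), re.I) else 1
    return tuple(nums), is_release


def in_range(installed, low, high):
    """True when installed lies in [low, high]; None leaves that side open."""
    v = version_key(installed)
    return (low is None or v >= version_key(low)) and (high is None or v <= version_key(high))


def read_header(php_source):
    """Return (plugin name, version) from the header comment, first match wins."""
    fields = {}
    for key, value in HEADER.findall(php_source[:8192]):  # WordPress reads the first 8 KB
        fields.setdefault(key.lower(), value)
    return fields.get("plugin name"), fields.get("version")


def audit(plugins_dir):
    """List (slug, version, vulnerability type) for installed plugins inside a listed range."""
    # Assumption: the directory slug is the table name lowercased with hyphens.
    listed = {n.lower().replace(" ", "-"): (kind, lo, hi) for n, kind, lo, hi in TABLE}
    findings = []
    for php in sorted(Path(plugins_dir).glob("*/*.php")):
        slug = php.parent.name.lower()
        name, version = read_header(php.read_text(errors="replace"))
        if slug not in listed or not name or not version:
            continue
        kind, low, high = listed[slug]
        try:
            if in_range(version, low, high):
                findings.append((slug, version, kind))
        except ValueError:
            findings.append((slug, version, "version unreadable, check by hand"))
    return findings


def build_sample(root):
    """Constructed plugin tree: two versions inside a listed range, one past it, one unlisted."""
    sample = {"revslider": "4.1.4", "user-role-editor": "4.25", "appointments": "1.4.4", "hello-dolly": "1.6"}
    for slug, version in sample.items():
        folder = Path(root) / slug
        folder.mkdir(parents=True)
        (folder / f"{slug}.php").write_text(f"<?php\n/*\nPlugin Name: {slug}\nVersion: {version}\n*/\n")
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for slug, version, kind in audit(build_sample(tmp)):
            print(f"{slug} {version}: listed for {kind}")
```

On a real site, pass the path of wp-content/plugins to audit() and extend TABLE with the remaining rows.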

 

Has your WordPress site been hacked?

Don’t despair; it happens to the best of us. It’s tough to give generic advice without having a look at your site.

Upgrade old crappy Windows 7 32 bit to Windows 10 32 bit, post install fixes and impressions / How to enter Safe Mode in Windows 10

Wednesday, June 28th, 2017

Reading Time: 5 minutes


I've been upgrading my sister's computer, previously running Windows 7, to Windows 10. The process of upgrading is really simple: you just download the Windows Media Creation Tool from the Microsoft website, and the rest comes down to a few clicks (accept the Windows 10 User Agreement, create a restore point (backup) of the current install, etc.) and waiting some 30 minutes or so for the upgrade to complete.


Then it was a matter of downloading some more updates a few times and restarting the computer; each time the updates were applied, and finally the computer was ready. I installed Avira (AntiVirus), as I usually do on new PCs, and downloaded a bunch of anti-malware tools (MalwareBytes / Rfkill / Zemanta) to make sure that the old upgraded Windows was not already infected before the upgrade, and I found a bunch of malware that got quickly cleared up.

Anyway, I also tried another tool called ReimagePlus – Online Computer Repair in order to check whether there were any broken Windows system files after the upgrade.

(Here I have to say I did that in addition to opening an Administrator command prompt (cmd.exe) and running the

sfc /scannow

command to check base system file integrity, which luckily showed no problems with the Windows base system files.)

ReimagePlus, however, showed some failed services and some failed programs that had been installed on Windows 7 before the upgrade, and it even showed an indication of a Trojan present on the computer. Since ReimagePlus is paid software and I didn't have the money to spend on it, I just proceeded to clean up what was found manually.

After that the computer ran fine; the only strange thing was that data was being read from the hard drive a bit too frequently. After a short call with a close friend (Nomen) – thx man – he suggested that the frequent HDD usage might be related to the Windows Search Indexing service rebuilding its database, and he advised me to disable it, which I did following this article: How to speed up Windows by disabling Search Index Service.

One issue worth mentioning that I stumbled upon after the upgrade was Windows Explorer frequently crashing and "restarting the Desktop". Once I had enabled all updates from Microsoft and applied them, after some update failures and restarts, and everything was up to date with the latest from Microsoft, Explorer started working normally.

In the meantime, while Windows Explorer was crashing, I browsed my file system with the good old Win Total Commander or Norton Commander for Windows – WinNC (with its cool, bizarre own File Explorer tool).


As I wanted to run a MalwareBytes scan and an antivirus scan under Windows Safe Mode, I tried entering it by restarting the computer and pressing F8 a number of times before the Windows boot screen, but this didn't work: in Windows 10, Safe Mode boot is invoked in another way because of some extra Windows boot speed-up optimizations. In short, the easiest way I found to enter Windows 10 Safe Mode was to hit the Start button -> choose Restart PC while keeping the SHIFT key pressed.
That calls up a menu that gives you some restore options along with the Safe Mode options. Those who want to read more on How to Enter Safe Mode (Command Prompt) on Windows 10, please read this article.


Once the upgrade was over and all below done, I unfortunately realized that her previously installed Windows 7 was the x86 (32 bit) version, while the Acer 5736Z notebook it is installed on is actually x64 (64 bit). Hence I decided to upgrade my dear sis's computer to 64 bit Windows 10 and researched online whether there is some tool capable of upgrading Windows 10 32 bit to Windows 10 64 bit, just to find out that the only option is to either use some program to create a backup of the files on the PC or to manually copy the files to an external hard drive, and then reinstall from a Windows 10 64 bit bootable USB flash drive or CD / DVD image. So I took my USB flash drive and again used the Windows Media Creation Tool to burn Windows and re-install with the 64 bit ISO.

If you wonder why I finally chose to replace Win 10 32 bit with Win 10 64 bit, since you might think the performance difference is not really so dramatic: the Acer notebook is equipped with 4 Gigabytes of RAM, and Windows 10 32 bit (Pro) could recognize a maximum of 3 Gigabytes (2.9 GB if I have to be precise), so 1 Gigabyte of memory stays totally unused all the time with Winblows 10 32 bit.


I actually tried my best not to lose time on a full upgrade from Windows 7 (32 bit) to Windows 10 (64 bit), but instead to make 32 bit Windows 7 use more than the default limit of 3 GB of memory by using this third-party PAE Extension Kernel Patch,
which patches the Windows kernel to extend Windows support to PCs with up to 128 GB of memory. However, it turned out that the patch file is not compatible with my Windows kernel version once I followed the readme instructions.

It seems PAE (Physical Address Extension) is supported by default by Microsoft only on 32 bit Windows Server 10; to read more on PAE, if interested, have a look here.

Well, that's all folks. The rest I did was to just boot from the USB drive I had just burned, re-install Windows, copy my files from the user profile / Downloads / Pictures / Music etc. to the same locations on the newly installed Windows 10 Professional 64 bit, and enjoy the better performance.

Clean slow Windows PC / Laptop from Spyware, Malware, Viruses, Worms and Trojans – Anti-Malware Program Arsenal

Monday, January 26th, 2015

Reading Time: 5 minutes


Malware Bytes is a great tool to quickly and efficiently clean a PC of Malware / Spyware that wormed its way in while browsing an infectious site on the internet.
But sometimes the PCs that have to be fixed are so badly infected with Spyware, Malware and Viruses that even after running Malware Bytes at boot time, leftover Worms or Viruses automatically download from the Internet or have been polymorphically renamed to a newer variant that escapes the Malware Bytes badware database and heuristics.
Such problematic PCs are usually unmaintained user PCs whose Anti-Virus protection with Nod32 or Kaspersky licensing has long expired, leaving the PC without any means of protection; PCs with a removed Firewall / AV program (due to Virus or Malware infection); or computers which were actively used to download cracked programs and games by small kids, or PCs used heavily for watching porn (by teenagers).

Here is a list of the top useful freeware anti-malware programs you can use in combination with MalwareBytes to clean / fix a Windows PC that is in an almost unsolvable state (and obviously needs a re-install) but contains too much software that is either obsolete or hard (time-wasting) to configure:

The anti-malware goodies below help in “resurrecting” even the worst infected PC, so I believe every Win admin should know them well; in computer clubs and university Windows computer networks with Internet access it is recommended to check the computers at least once a year …

1. Remove Bootkits and Trojans with Kaspersky TDSSKiller

A bootkit is a rootkit which loads when the Windows system boots. To search and destroy bootkits, download the latest official version of Kaspersky TDSSKiller.


KASPERSKY TDSSKILLER DOWNLOAD LINK

Run Kaspersky TDSSKiller (after changing parameters – enable Detect TDLFS file system) and remove any found infections.

2. Download and use latest official version of RKill to terminate any malicious processes running in background


Please note that you will have to use a renamed version of RKill so that malicious software won’t block this utility from running (the link will automatically download RKill renamed as iExplore.exe).
Double-click on iExplore.exe to start RKill and stop any processes associated with Luhe.Sirefef.A.


RKill will now start working in the background, please be patient while the program looks for any malicious process and tries to end them.
When the Rkill utility has completed its task, it will generate a log.

Do not reboot your computer after running RKill as the malware programs will start again.


3. Clean (any remaining) malware from your computer with HitmanPro


HITMANPRO DOWNLOAD LINK is here

My Mirror of HitmanPro 3.7 (32 bit) Windows version is here
My Mirror of HitmanPro 3.7 (64 bit) Windows version is here

Because HitmanPro is unfortunately proprietary software, when you run a scan on the computer, click the “Activate free license” button to begin the free 30 days trial, and then remove all the malicious files found on your computer.

4. Remove Windows adware with AdwCleaner

The AdwCleaner utility will scan your computer and web browser for the malicious files, browser extensions and registry keys, that may have been installed on your computer without your knowledge.


Here is the AdwCleaner utility: ADWCLEANER DOWNLOAD LINK
My download of AdwCleaner 4.109 is here

Note that before starting AdwCleaner you should close all open programs and internet browsers. After finishing the scan, AdwCleaner requires a reboot (always back up, because you never know what can happen).

5. Remove any malicious registry keys added by malware with RogueKiller


RogueKiller is a utility that will scan for unwanted registry keys and any other malicious files on your computer. It is pretty much like the free software Little Registry Cleaner, but it specialises in removing the junk keys left by common malware.

Download the latest official version of RogueKiller from the links below.

ROGUEKILLER x86 DOWNLOAD LINK (for 32-bit machines)
ROGUEKILLER x64 DOWNLOAD LINK (for 64-bit machines)

Download Mirror link of Roguekiller X86 is here
Download Mirror link of Roguekiller X64 is here

Wait for the Prescan to complete. This should take only a few seconds; then click on the “Scan” button to perform a system scan. After the scan completes, delete any malicious hax0r registry entries found.

6. Purge any leftover infections on your computer with Emsisoft Anti-Malware


Emsisoft scans a (potentially) infected PC for Viruses, Trojans, Spyware, Adware, Worms, Dialers, Keyloggers and other badware.

DOWNLOAD EMSISOFT EMERGENCY KIT HERE – the link will open in a new window tab. Note that the EmsiSoft Emergency Kit is a huge 168 Mbs!

My mirror of EmsiSoft Emergency kit is here

It is recommended to do the SMART Scan as it is more complete, though if you're in a hurry the Quick Scan might also find something ugly. Once the scan completes, quarantine any infected items found.

It is best if all of the 7 Win cleaners (TDSSKiller, RKill, HitmanPro, AdwCleaner, RogueKiller, Little Registry Cleaner and EmsiSoft) are run in consecutive order, as they're shown in the article. Finally, a run of Malware Bytes just to make sure nothing has remained is a good idea too.

Hopefully you should now be malware free. If you know other useful Anti-Spyware tools that helped you with PC malware slowness problems (constant hard disk reads and writes), please drop a comment and I will include them in this list.
Once the badware is removed from your PC or laptop, the CPU should no longer show as constantly busy with some strange process in taskmgr, and the notebook should be much more responsive and (if you have power management enabled) will consume less energy, reducing your electricity bills 🙂
 

Any feedback on your experience with running the above bunch of anti-spy programs is also most welcome.