Jump to content

Tagara

Members
  • Content Count

    81
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Tagara

  • Rank
    Regular Member
  1. Okay, I have now removed all of the tools. Thanks.
  2. Yes, I know that the files Eset found are PUPs. I am not the one that are using this computer. The one using it does not really know about viruses and malware in general, so he has gotten these PUPs because he has not unchecked offered programs in the installers he has ran. So I don't want them to be there either. I am currently at school, so I will do the last step as soon as I get home today.
  3. Looks good so far! Log below as you see. Just a question: Did we remove everything that Eset found after the scans we have done? I know InstallCore.D, which was in the temp folder is gone, but I do not know where the rest was located. Results of screen317's Security Check version 0.99.87 x64 (UAC is enabled) Internet Explorer 10 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Windows Defender avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 67 Java 7 Update 55
  4. Good thing I have Malwarebytes Pro then! The Battle.net launcher uses P2P to download files faster in some cases. I have now turned it off, and it is never coming back! I guess you can go ahead and close this now.
  5. After a search I figured out that the Battle.net launcher is using P2P. So it is getting files both from other users and Blizzard themselves. This boosts download speeds. If you go to the options you are able to turn this off. I am going to leave it off from now on. This is probably what has caused the detection.
  6. I am sorry if I post this in the wrong section. If so, please tell me and move it. Malwarebytes started to block this IP all of a sudden. I have Blizzard's Battle.net launcher, and it is currently updating World of Warcraft. I've never reported a false positive before, so sorry if I do something wrong. The agent will be attached below. However, I am not sure if it will run without the other files. If you need more files please tell me. I don't really use WinRar that often. I was not sure how to zip a file. I hope it doesn't do anything. Update, 30.08.2014 20:03:42, SYSTEM, MAGNUS-PC, Schedul
  7. Sorry for the late reply, was a little busy. I deactivated avast! during the scan, of course. ComboFix 14-08-29.03 - Peter 30.08.2014 1:06.1.4 - x64Microsoft Windows 8 6.2.9200.0.1252.47.1044.18.8047.6967 [GMT 2:00]Kjører fra: c:\verkt°y\combofix\ComboFix.exeAV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Opprettet nytt gjenop
  8. Sorry, Java was not updated. I updated it and ran JavaRa and SecurityCheck. Javva is not updated. FRST and Addition attached. FRST.txt Addition.txt
  9. After running TFC it seems that InstallCore.D is gone from the temp folder, at least it is not there after I rebooted. I do not know about the other stuff that Eset found earlier. JavaRA log: JavaRa 1.16 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Tue Aug 26 14:51:59 2014 There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCB
  10. MBAM log below. Still clean as before, but I will give you the log this time just in case there is something in it that you want to see that I do not know of. Malwarebytes Anti-Malwarewww.malwarebytes.org Scan Date: 25.08.2014Scan Time: 16:05:14Logfile: Administrator: Yes Version: 2.00.2.1012Malware Database: v2014.08.25.03Rootkit Database: v2014.08.21.01License: TrialMalware Protection: EnabledMalicious Website Protection: EnabledSelf-protection: Disabled OS: Windows 8CPU: x64File System: NTFSUser: Peter Scan Type: Threat ScanResult: CompletedObjects Scanned: 300452Time Elapsed: 7 min, 3 se
  11. When I do a system restore I get the same problem. What I do to fix that is to re-download Malwarebytes and install it on the same place as I did the first time, this way it should 'fix' itself. It has worked for me several times. (Keep in mind that I am just a regular user, and not someone certified to help you on this.)
  12. The InstallCore.D file found by Eset is in the temp folder. I would like to to point out that I manually deleted everything in the temp folder the day before. Please tell me that this can be fixed.
  13. Whoops, never uploaded files here yet. Addition- and FRST.txt is on the top. Sorry for posting Addition.txt twice, I was not sure if it worked at first. Again, remove everything that is found
  14. MBAM came back clean. I see Eset found something, remove it all please.Addition.txtAddition.txtFRST.txt JRT only found this: Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic AdwCleaner: # AdwCleaner v3.308 - Report created 23/08/2014 at 17:47:42# Updated 20/08/2014 by Xplode# Operating System : Windows 8 (64 bits)# Username : Peter - LIAVAAG# Running from : C:\Verktøy\adwcleaner\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Deleted : C:\windows\SysWOW64\RegistryHelperLM.ocx ***** [ Scheduled Tasks ] ***** Task Delet
  15. Ran rkill. The command window did not close by itself, unsure if it is supposed to. The only thing it reported what that Windows Defendre was disabled. avast! is installed on the computer, so I think that is the reason. When I was going to install mbam I for some reason had a problem. It seemed to completely crash at around 70 - 80%. But still it seemed like it was installed, unsure if it was just an error with the current version or not. I checked taskmanager, found a file with a really long name that I think belong to Google Chrome, it was in the temp folder. I cleared that folder. I got a V
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.