CCWTech
Techbench-
Posts
23 -
Joined
-
Last visited
Reputation
0 NeutralRecent Profile Visitors
1,100 profile views
-
https://www.lafayettevets.com/ Is being blocked as suspicious. This is a veterinary website.
-
Website false positive. I can't submit logs as I am on Linux and just using the Chrome ext. We strongly recommend you do not visit this site. Website blocked: http://inlighten.info/
-
Yes, at this point if it's really something he needs (Firefox) I'll nuke & pave. Thank you Ron. Your help is very appreciated.
-
Sounds good. I'll just have him use Chrome instead. Thanks for your help. I appreciate it very much. If needed you can close this thread.
-
I don't think it ever was gone. It's very intermittent. I have looked at the browsing history of the user and there is nothing remarkable as far as going to a site that is potentially impacted. We also use a content filtering system to help prevent viruses. Since it's so intermittent, I have difficulty reproducing it. I can spend an hour on the computer and have no issues so unless I can log a couple of days with process-explorer / procmon. Is there a logging feature or is it just real time?
-
Bad news... it's back.
-
Done, I'll report back.
-
Still getting the pop up.
-
So far no. I'll keep an eye on it as it's been sporadic.
-
Fix log attached Fixlog.txt
-
Ron, still getting that pop up in Firefox.
-
Sorry, yes I am aware of the remote software. Yes it is a business computer. I am an IT tech, a Malwarebytes re-seller, and almost always able to remove on my own, but struggling with getting this one.
-
Here is the ADWCleaner log. I'll run TFC now and report back on the issue: # AdwCleaner 7.0.1.0 - Logfile created on Wed Aug 16 12:29:53 2017 # Updated on 2017/05/08 by Malwarebytes # Running on Windows 7 Professional (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** No malicious folders deleted. ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** No malicious registry entries deleted. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[C0].txt - [1168 B] - [2017/7/27 19:11:43] C:/AdwCleaner/AdwCleaner[C1].txt - [1518 B] - [2017/8/14 22:57:8] C:/AdwCleaner/AdwCleaner[S0].txt - [1137 B] - [2017/7/27 19:10:27] C:/AdwCleaner/AdwCleaner[S1].txt - [1385 B] - [2017/8/14 22:56:18] C:/AdwCleaner/AdwCleaner[S2].txt - [1223 B] - [2017/8/16 12:27:10] C:/AdwCleaner/AdwCleaner[S3].txt - [1291 B] - [2017/8/16 12:28:55] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########
-
I keep getting Firefox Pop UP for .js file I have run ADWCleaner, JRT, Malwarebytes, Webroot, and many other scanners and I can't get rid of it. I have reset Firefox as well. Addition.txt FRST.txt mab.txt