MalwareInfected

  1. Ok, all steps completed, no further issues to report. Thank you so much for the help...outstanding results!
  2. Norton found some tracking cookies...nothing more. Here is the report:

      Scan Information:
      Virus Defs Version: 2014.11.21.017
      Virus Defs Seq ID: 159147

      Scan Statistics:
      Scan Start:
        Local: 11/22/2014 11:10 AM
        UTC: 11/22/2014 4:10 PM
      Scan Time: 4,004 seconds
      Scan Targets: Entire computer

      Counts:
      Total items scanned: 1,874,433
      - Files & Directories: 1,871,329
      - Registry Entries: 559
      - Processes & Start-up Items: 1,822
      - Network & Browser Items: 716
      - Other: 4
      - Trusted Files: 15,512
      - Skipped Files: 19,941
      Total security risks detected: 11
      Total items resolved: 11
      Total items that require attention: 0

      Resolved Threats: 11
      Tracking Cookies
      Type: Anomaly
      Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy)
      Categories: Tracking Cookies
      Status: Fully Resolved
      -----------
      11 Tracking Cookies
      Cookie:juani@ru4.com/ - Deleted
      Cookie:juani@doubleclick.net/ - Deleted
      Cookie:juani@questionmarket.com/ - Deleted
      Cookie:juani@revsci.net/ - Deleted
      Cookie:juani@casalemedia.com/ - Deleted
      Cookie:juani@pixel.rubiconproject.com/ - Deleted
      Cookie:juani@atwola.com/ - Deleted
      Cookie:juani@ads.pointroll.com/ - Deleted
      Cookie:juani@advertising.com/ - Deleted
      Cookie:juani@rubiconproject.com/ - Deleted
       - Deleted

      Unresolved Threats:
      No unresolved risks
  3. PC is running much better and the Malicious Blocked Website alerts have stopped. Attached is the adwCleaner log; however, the ESET scan froze twice at 15%.

      AdwCleanerS0.txt
  4. Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scan Date: 11/21/2014
      Scan Time: 5:14:11 PM
      Logfile:
      Administrator: Yes

      Version: 2.00.3.1025
      Malware Database: v2014.11.21.12
      Rootkit Database: v2014.11.21.01
      License: Premium
      Malware Protection: Enabled
      Malicious Website Protection: Enabled
      Self-protection: Disabled

      OS: Windows 7 Service Pack 1
      CPU: x64
      File System: NTFS
      User: Juani

      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 358115
      Time Elapsed: 18 min, 56 sec

      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Enabled
      Heuristics: Enabled
      PUP: Enabled
      PUM: Enabled

      Processes: 0
      (No malicious items detected)

      Modules: 0
      (No malicious items detected)

      Registry Keys: 5
      PUP.Optional.PrivacySafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE}, Quarantined, [6b000f2f7c003cfaf66bce2c45bd629e],
      PUP.Optional.PrivacySafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE}, Quarantined, [6b000f2f7c003cfaf66bce2c45bd629e],
      PUP.Optional.PrivacySafeGuard.A, HKU\S-1-5-21-687661360-2057582773-2491740261-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE}, Quarantined, [6b000f2f7c003cfaf66bce2c45bd629e],
      PUP.Optional.PrivacySafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1036AD63-AEAC-460B-9060-C96005D4DC86}, Quarantined, [48238eb04c30e84e5a0625d5b1510000],
      PUP.Optional.PrivacySafeGuard.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{B820C985-D9F1-45B5-A7F5-0C5863CBEA04}_is1, Quarantined, [591271cd601c3ef87e9dc5f284800df3],

      Registry Values: 0
      (No malicious items detected)

      Registry Data: 0
      (No malicious items detected)

      Folders: 1
      PUP.Optional.PrivacySafeGuard.A, C:\Program Files\PrivacySafeGuard, Quarantined, [591271cd601c3ef87e9dc5f284800df3],

      Files: 6
      PUP.Optional.PrivacySafeGuard.A, C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll, Quarantined, [6b000f2f7c003cfaf66bce2c45bd629e],
      PUP.Optional.PrivacySafeGuard.A, C:\Program Files\PrivacySafeGuard\unins000.exe, Quarantined, [591271cd601c3ef87e9dc5f284800df3],
      PUP.Optional.PrivacySafeGuard.A, C:\Program Files\PrivacySafeGuard\enablebho.exe, Quarantined, [591271cd601c3ef87e9dc5f284800df3],
      PUP.Optional.PrivacySafeGuard.A, C:\Program Files\PrivacySafeGuard\Install.Stats.Ping.exe, Quarantined, [591271cd601c3ef87e9dc5f284800df3],
      PUP.Optional.PrivacySafeGuard.A, C:\Program Files\PrivacySafeGuard\pschrome_bunndle-cb_1_1.crx, Quarantined, [591271cd601c3ef87e9dc5f284800df3],
      PUP.Optional.PrivacySafeGuard.A, C:\Program Files\PrivacySafeGuard\unins000.dat, Quarantined, [591271cd601c3ef87e9dc5f284800df3],

      Physical Sectors: 0
      (No malicious items detected)

      (end)
  5. Attached is the FixLog. Also, prior to your original response to me, I ran MBAR and it found Poweliks in the registry. I did not try to fix, I just saved the log. Attaching it for your review.

      Fixlog.txt
      mbar-log-2014-11-20 (18-00-41).txt
  6. Hi Malwarebytes, Need help removing multiple infections. Malwarebytes continues displaying multiple Malicious Website Blocked messages even when a browser is not open. Here is an example:

      Domain:
      IP 88.214.193.211
      Port: 55928
      Type outbound
      Process: C:\windows\syswow64\dllhost.exe

      Security settings in IE continue to be changed after reboot, which prevents me from downloading. I have to continually change the security settings in order to download. Trying to run FRST but Norton continues to reject and mark it as a threat.
  7. Hi Malwarebytes, Looking at my mother's laptop and noticed Malwarebytes keeps displaying multiple Malicious Website Blocked popup messages. Here's an example of one:

      Domain:
      IP 88.214.193.211
      Port: 55928
      Type outbound
      Process: C:\windows\syswow64\logagent.exe

      Getting same message for the following and many others:

      C:\windows\syswow64\rundll32.exe
      C:\windows\syswow64\dllhost.exe
      C:\windows\syswow64\dplaysvr.exe

      In addition, Norton has detected a virus along with several tracking cookies. Need assistance in cleaning this mess as well as advice on how to protect her PC from further infection, as she is vulnerable due to her lack of PC knowledge.