Aura

Trusted Advisors
  • Content count

    3,908
  • Joined

  • Last visited

  • Days Won

    14

About Aura

  • Rank
    Special Ops
  • Birthday 02/14/1994

Profile Information

  • Location
    Qu├ębec, Canada
  • Interests
    Technical Support, Malware Removal & Analysis, Information Security, Gaming.

Recent Profile Visitors

8,178 profile views
  1. Most likely a typo.
  2. Noticed that yesterday, but I thought it was a cache issue on my end so didn't bother reporting it before actually trying to fix it. Nice to see it back.
  3. I can't use the logs if they are word wrapped. By default, when you run FRST in Scan Mode, the FRST.txt and Addition.txt files will be created in the same folder where FRST.exe is run from. In your case, it should be the Desktop. So they are there, I can guarantee you it. Why do you have to email yourself the logs? Also, if it's easier, simply copy/paste the logs here from the computer directly after running FRST.
  4. When you open the logs, are the lines wrapped? Like this: Administrator (S-1-5-21-569404164-3270716429-1740154810-500 - Administrator - Disabled) Guest (S-1-5-21-569404164-3270716429-1740154810-501 - Limited - Disabled) Kip (S-1-5-21-569404164-3270716429-1740154810-1001 - Administrator - Enabled) => C:\Users\Kip USE (S-1-5-21-569404164-3270716429-1740154810-1000 - Limited - Enabled) => C:\Users\USE It should be like this (not wrapped): Administrator (S-1-5-21-569404164-3270716429-1740154810-500 - Administrator - Disabled) Guest (S-1-5-21-569404164-3270716429-1740154810-501 - Limited - Disabled) Kip (S-1-5-21-569404164-3270716429-1740154810-1001 - Administrator -Enabled) => C:\Users\Kip USE (S-1-5-21-569404164-3270716429-1740154810-1000 - Limited - Enabled) => C:\Users\USE
  5. Glad to hear that it suits your needs tippicat No problem, you're welcome!
  6. Open Notepad, click on the "Format" menu, and make sure that "Word Warp" isn't checked.
  7. Please re-run FRST as Admin (right-click on FRST.exe, and select Run as Administrator), then provide me the new logs.
  8. Most of these entries are related to Iolo System Mechanic, which Malwarebytes flags as a PUP. Follow the instructions in the thread below and provide me the FRST.txt and Addition.txt logs. https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/
  9. Hi JulieAnn9 Are you able to copy/paste the Malwarebytes scan log here, so I can take a look at it (and see what was detected exactly)?
  10. It's a bit hard to block these pages because most of them are generated dynamically on the spot via the ad network. It has now become a "standard practice" to have ads that redirects a user somewhere else, and it's a really bad practice.
  11. These aren't really "malware" per say, but more of a consequence of malvertising. Malvertising has been on the rise in the last few years, and one thing it does is force redirect you to fishy websites/webpages, like the one asking you to update your Mozilla Firefox. There are pages for Google Chrome, Flash, etc. as well. Using an Adblocker (like the ones I listed above) prevents this from occuring. So install one (I suggest uBlock Origin) and see if you still get these redirections.
  12. Hi tippicat Do you use an adblocker by any chance (such as uBlock Origin, Adblock Plus, AdGuard, etc.)?
  13. I'll be waiting. For now, it might be a good idea to ask your son not to use the computer until it is fully cleaned, as more malware might find their way in if he keeps on using it before we remove the infection.
  14. Hi Ralee, Are you still with me?