Xyes
MBytes blocks malicious page, but file is blank
Xyes replied to Xyes's topic in Resolved Malware Removal Logs
I'll reinstall Windows. Thanks again for your help.
MBytes blocks malicious page, but file is blank
Xyes replied to Xyes's topic in Resolved Malware Removal Logs
Hello again. It would seem that the issue is still here. As usual, I got a green popup from Malwarebytes saying it blocked a malicious website. The log file still shows nothing under the file entry. Considering nothing has worked up until now, I think it would just be simpler to reformat. I appreciate the help you've given me.
MBytes blocks malicious page, but file is blank
Xyes replied to Xyes's topic in Resolved Malware Removal Logs
JRT Log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.3 (04.10.2017)
Operating System: Windows 10 Home x64
Ran by Lloyd (Administrator) on Fri 06/02/2017 at 2:29:24.93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 06/02/2017 at 2:30:37.92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner Log

# AdwCleaner v6.047 - Logfile created 02/06/2017 at 02:40:34
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-31.2 [Server]
# Operating System : Windows 10 Home (X64)
# Username : Lloyd - DESKTOP-IF0GQE1
# Running from : C:\Users\Lloyd\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
[-] [C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: pilplloabdedfmialnfchjomjmpjcoej
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [873 Bytes] - [02/06/2017 02:40:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [1461 Bytes] - [02/06/2017 02:38:55]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1018 Bytes] ##########

Sophos Log

2017-06-02 06:45:51.085 Sophos Virus Removal Tool version 2.6.0
2017-06-02 06:45:51.085 Copyright (c) 2009-2017 Sophos Limited. All rights reserved.
2017-06-02 06:45:51.086 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
2017-06-02 06:45:51.086 Windows version 6.2 SP 0.0 build 9200 SM=0x300 PT=0x1 WOW64
2017-06-02 06:45:51.086 Checking for updates...
2017-06-02 06:45:51.117 Update progress: proxy server not available
2017-06-02 06:45:59.295 Option all = no
2017-06-02 06:45:59.295 Option recurse = yes
2017-06-02 06:45:59.295 Option archive = no
2017-06-02 06:45:59.295 Option service = yes
2017-06-02 06:45:59.295 Option confirm = yes
2017-06-02 06:45:59.295 Option sxl = yes
2017-06-02 06:45:59.296 Option max-data-age = 35
2017-06-02 06:45:59.296 Option vdl-logging = yes
2017-06-02 06:45:59.304 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-02 06:45:59.304 Machine ID: f83a1c2927c54fb4aa2b373766cbda89
2017-06-02 06:45:59.304 Component SVRTcli.exe version 2.6.0
2017-06-02 06:45:59.305 Component control.dll version 2.6.0
2017-06-02 06:45:59.305 Component SVRTservice.exe version 2.6.0
2017-06-02 06:45:59.305 Component engine\osdp.dll version 1.44.1.2285
2017-06-02 06:45:59.305 Component engine\veex.dll version 3.68.5.2285
2017-06-02 06:45:59.305 Component engine\savi.dll version 9.0.7.2285
2017-06-02 06:45:59.306 Component rkdisk.dll version 1.5.31.1
2017-06-02 06:45:59.306 Version info: Product version 2.6.0
2017-06-02 06:45:59.306 Version info: Detection engine 3.68.5
2017-06-02 06:45:59.306 Version info: Detection data 5.39
2017-06-02 06:45:59.306 Version info: Build date 5/2/2017
2017-06-02 06:45:59.306 Version info: Data files added 282
2017-06-02 06:45:59.306 Version info: Last successful update (not yet updated)
2017-06-02 06:46:03.682 Downloading updates...
2017-06-02 06:46:09.056 Error level 1
2017-06-02 06:46:13.264 Update successful
2017-06-02 06:46:21.286 Option all = no
2017-06-02 06:46:21.286 Option recurse = yes
2017-06-02 06:46:21.286 Option archive = no
2017-06-02 06:46:21.286 Option service = yes
2017-06-02 06:46:21.286 Option confirm = yes
2017-06-02 06:46:21.286 Option sxl = yes
2017-06-02 06:46:21.287 Option max-data-age = 35
2017-06-02 06:46:21.287 Option vdl-logging = yes
2017-06-02 06:46:21.296 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2017-06-02 06:46:21.296 Machine ID: f83a1c2927c54fb4aa2b373766cbda89
2017-06-02 06:46:21.297 Component SVRTcli.exe version 2.6.0
2017-06-02 06:46:21.298 Component control.dll version 2.6.0
2017-06-02 06:46:21.298 Component SVRTservice.exe version 2.6.0
2017-06-02 06:46:21.298 Component engine\osdp.dll version 1.44.1.2285
2017-06-02 06:46:21.298 Component engine\veex.dll version 3.68.5.2285
2017-06-02 06:46:21.299 Component engine\savi.dll version 9.0.7.2285
2017-06-02 06:46:21.299 Component rkdisk.dll version 1.5.31.1
2017-06-02 06:46:21.299 Version info: Product version 2.6.0
2017-06-02 06:46:21.299 Version info: Detection engine 3.68.5
2017-06-02 06:46:21.299 Version info: Detection data 5.39
2017-06-02 06:46:21.299 Version info: Build date 5/2/2017
2017-06-02 06:46:21.299 Version info: Data files added 283
2017-06-02 06:46:21.299 Version info: Last successful update 6/2/2017 2:46:13 AM
2017-06-02 08:20:36.040 Could not open C:\hiberfil.sys
2017-06-02 08:20:48.564 Could not open C:\pagefile.sys
2017-06-02 08:26:00.264 Could not open C:\swapfile.sys
2017-06-02 08:26:00.354 Could not open C:\System Volume Information\{1e7d86b2-3f43-11e7-9607-6245b4e73f7c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-02 08:26:00.354 Could not open C:\System Volume Information\{20caa699-3c1c-11e7-9602-6245b4e73f7c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-02 08:26:00.354 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-02 08:26:00.355 Could not open C:\System Volume Information\{55317bd9-475b-11e7-9617-d43d7eba9110}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-02 08:26:00.355 Could not open C:\System Volume Information\{5531805e-475b-11e7-9617-d43d7eba9110}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-02 08:26:00.355 Could not open C:\System Volume Information\{73a91c88-39c2-11e7-95fd-6245b4e73f7c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-02 08:26:00.356 Could not open C:\System Volume Information\{afacac82-44bb-11e7-9610-6245b4e73f7c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-02 08:26:00.356 Could not open C:\System Volume Information\{c9e296ab-3a8c-11e7-95ff-6245b4e73f7c}{3808876b-c176-4e48-b7ae-04046e6cc752}
2017-06-02 08:26:09.118 Could not open C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Current Session
2017-06-02 08:26:09.118 Could not open C:\Users\Lloyd\AppData\Local\Google\Chrome\User Data\Default\Current Tabs
2017-06-02 08:32:28.009 >>> Virus 'Mal/Generic-S' found in file C:\Users\Lloyd\Documents\Xyes\Visual Novel Reader\Library\Frameworks\Sakura\bin\browser.exe
2017-06-02 08:32:28.010 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2017-06-02 08:32:28.010 >>> Virus 'Mal/Generic-S' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2017-06-02 08:32:28.010 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-170916421-1993251242-1440443298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-06-02 08:32:28.010 >>> Virus 'Mal/Generic-S' found in file HKU\S-1-5-21-170916421-1993251242-1440443298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-06-02 08:33:52.872 Could not open C:\Windows\System32\config\BBI
2017-06-02 08:33:52.880 Could not open C:\Windows\System32\config\DRIVERS
2017-06-02 08:33:52.887 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2017-06-02 08:33:52.888 Could not open C:\Windows\System32\config\RegBack\SAM
2017-06-02 08:33:52.888 Could not open C:\Windows\System32\config\RegBack\SECURITY
2017-06-02 08:33:52.889 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2017-06-02 08:33:52.890 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2017-06-02 08:39:26.969 >>> Virus 'Mal/MSIL-LL' found in file D:\KISS\CM3D2\ModEditor\CM3D2ModTool.exe
2017-06-02 08:39:26.969 >>> Virus 'Mal/MSIL-LL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2017-06-02 08:39:26.969 >>> Virus 'Mal/MSIL-LL' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2017-06-02 08:39:26.969 >>> Virus 'Mal/MSIL-LL' found in file HKU\S-1-5-21-170916421-1993251242-1440443298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-06-02 08:39:26.969 >>> Virus 'Mal/MSIL-LL' found in file HKU\S-1-5-21-170916421-1993251242-1440443298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-06-02 08:44:14.747 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\Bink\UWP64\bink2winrt_x64.uni10.dll
2017-06-02 08:44:14.750 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\Ogg\UWP64\VS2015\libogg_64.dll
2017-06-02 08:44:14.755 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\APEX-1.3\UWP64\VS2015\ApexFramework_x64.dll
2017-06-02 08:44:14.756 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\APEX-1.3\UWP64\VS2015\APEX_Clothing_x64.dll
2017-06-02 08:44:14.756 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\APEX-1.3\UWP64\VS2015\APEX_Destructible_x64.dll
2017-06-02 08:44:14.757 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\APEX-1.3\UWP64\VS2015\APEX_Legacy_x64.dll
2017-06-02 08:44:14.758 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\APEX-1.3\UWP64\VS2015\APEX_Loader_x64.dll
2017-06-02 08:44:14.762 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\PhysX-3.3\UWP64\VS2015\PhysX3CharacterKinematic_x64.dll
2017-06-02 08:44:14.762 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\PhysX-3.3\UWP64\VS2015\PhysX3Common_x64.dll
2017-06-02 08:44:14.763 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\PhysX-3.3\UWP64\VS2015\PhysX3Cooking_x64.dll
2017-06-02 08:44:14.763 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\PhysX\PhysX-3.3\UWP64\VS2015\PhysX3_x64.dll
2017-06-02 08:44:14.766 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\Vorbis\UWP64\VS2015\libvorbisfile_64.dll
2017-06-02 08:44:14.767 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Binaries\ThirdParty\Vorbis\UWP64\VS2015\libvorbis_64.dll
2017-06-02 08:44:14.772 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Content\Stats\FPSChart_Postamble.html
2017-06-02 08:44:14.773 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Content\Stats\FPSChart_Preamble.html
2017-06-02 08:44:14.773 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\Engine\Content\Stats\FPSChart_Row.html
2017-06-02 08:44:14.777 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\GearGame\Binaries\UWP64\commonEventLoggingLibrary_Release.dll
2017-06-02 08:44:14.777 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\GearGame\Binaries\UWP64\GearGame.exe
2017-06-02 08:44:14.778 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\GearGame\Binaries\UWP64\Microsoft.Xbox.ChatAudio.dll
2017-06-02 08:44:14.779 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\GearGame\Binaries\UWP64\Microsoft.Xbox.GameChat.dll
2017-06-02 08:44:14.879 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\UWPEngine.ini
2017-06-02 08:44:14.880 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\UWPGame.ini
2017-06-02 08:44:14.881 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\UWPInput.ini
2017-06-02 08:44:14.881 Could not open D:\WindowsApps\Microsoft.SpartaUWP_9.9.0.2_x64__8wekyb3d8bbwe\UWPScalability.ini
2017-06-02 08:55:50.183 >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2017-06-02 08:55:50.183 >>> Virus 'Mal/VMProtBad-A' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2017-06-02 08:55:50.183 >>> Virus 'Mal/VMProtBad-A' found in file HKU\S-1-5-21-170916421-1993251242-1440443298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-06-02 08:55:50.183 >>> Virus 'Mal/VMProtBad-A' found in file HKU\S-1-5-21-170916421-1993251242-1440443298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-06-02 09:16:59.475 >>> Virus 'Troj/Agent-AEEN' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2017-06-02 09:16:59.475 >>> Virus 'Troj/Agent-AEEN' found in file HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin
2017-06-02 09:16:59.475 >>> Virus 'Troj/Agent-AEEN' found in file HKU\S-1-5-21-170916421-1993251242-1440443298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-06-02 09:16:59.475 >>> Virus 'Troj/Agent-AEEN' found in file HKU\S-1-5-21-170916421-1993251242-1440443298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1208
2017-06-02 09:39:34.581 Could not open LOGICAL:0013:00000000
2017-06-02 09:39:34.586 Could not open T:\
2017-06-02 09:39:38.631 Could not open PHYSICAL:0085:0000:0000:0001
2017-06-02 09:39:38.633 The following items will be cleaned up:
2017-06-02 09:39:38.633 Mal/Generic-S
2017-06-02 09:39:38.633 Mal/MSIL-LL
2017-06-02 09:39:38.633 Mal/VMProtBad-A
2017-06-02 09:39:38.633 Troj/Agent-AEEN
2017-06-02 09:44:51.682 Threat 'Mal/Generic-S' has been cleaned up.
2017-06-02 09:44:51.683 File "C:\Users\Lloyd\Documents\Xyes\Visual Novel Reader\Library\Frameworks\Sakura\bin\browser.exe" belongs to malware 'Mal/Generic-S'.
2017-06-02 09:44:51.683 File "C:\Users\Lloyd\Documents\Xyes\Visual Novel Reader\Library\Frameworks\Sakura\bin\browser.exe" has been cleaned up.
2017-06-02 09:44:51.683 Removal successful
2017-06-02 09:44:56.527 Threat 'Mal/MSIL-LL' has been cleaned up.
2017-06-02 09:44:56.527 File "D:\KISS\CM3D2\ModEditor\CM3D2ModTool.exe" belongs to malware 'Mal/MSIL-LL'.
2017-06-02 09:44:56.527 File "D:\KISS\CM3D2\ModEditor\CM3D2ModTool.exe" has been cleaned up.
2017-06-02 09:44:56.527 Removal successful
2017-06-02 09:45:06.474 Error level 0

Here are all the logs. Hopefully I didn't miss anything. Now to wait and see if those daily pop-ups are gone.

Addition.txt FRST.txt
MBytes blocks malicious page, but file is blank
Xyes replied to Xyes's topic in Resolved Malware Removal Logs
Hi Velvet, I had uTorrent (Version 2.2.1), the same Adobe apps, f.lux, Chrome, Google Drive, Java (I think), K-Lite, LAME, MSI Afterburner, Nvidia stuff, QuickTime, and Samsung Magician. A lot of the same stuff. Among that list the only thing I can think of that's recent is LAME and Nvidia driver updates.
MBytes blocks malicious page, but file is blank
Xyes posted a topic in Resolved Malware Removal Logs
A few times a day every day Malwarebytes has been blocking an outgoing connection to "osshuadong0.oss-cn-shanghai.aliyuncs.com." When I try to investigate it, I find nothing in the "File" field of the Malwarebytes report. It started around May 13, 2017 but the only thing I can remember installing around that time is an Nvidia driver. I use Windows Defender in combination with Malwarebytes but both of them find nothing with their scans. The other day I downloaded Spybot Search and Destroy, but that too is not finding whatever is causing this.

Addition.txt FRST.txt
Okay so I am not sure if I did this right but here are the files.

Ave.txt ave2.txt D3DX8ab.zip

Kind of late to the party but I also wanted to chime in. I've gotten this to show up a few times over the last month but not thinking much of it and just hitting Quarantine. Yesterday I bought a new SSD and installed a fresh copy of Windows 7 on it. It's been only a day and a few program installs but I have this again. It makes sense if it is Avermedia software as I have installed their software. I have also needed to re-install that software a few times because it just wouldn't work. Now that I know of this, I want to say that the times it wouldn't work are when I quarantined the file. If you want to do more in-depth testing, I use software from this page: http://gamerzone.avermedia.com//game_capture/extremecap_u3 It is the first download link [Application and Driver (Windows)]. I am going to pop them an email to see what they can say about it. I created an account just to post this so I apologize if I did something wrong.