Jump to content

djohnson

Members
  • Posts

    9
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

401 profile views
  1. OK, I figured out what I did wrong with the μTorrent removal. The attached FRST.txt and Addition.txt indicate that it's been removed from the system. Thanks for any ideas! FRST.txt Addition.txt
  2. This morning my wife told me that when she clicked on the Chrome icon on our home computer, it notified here that chrome.exe was missing. I did an MBAM scan, and it found some stuff and apparently removed it... or something (see "2016-05-03 scan results.txt" and "2016-05-03 protection log.txt"). I went into System Restore looking for restore points hoping for an easy fix. It said that System Restore was unavailable and no restores were listed. Then tonight Windows Update prompted me to install this apparently bogus update: Definition Update for Microsoft Office 2010 (KB3115129) 32-Bit Edition. The support page at the MS site gives a 404: http://support.microsoft.com/kb/3115129 I'm suspicious about the update, so I hid that update to prevent it from installing. It looks like I'm not the only one today who wonders if this is legit: http://www.dslreports.com/forum/r30738305-WIN7-KB-3115129-Published-today-5-3-2016-Important I ran the FarBar scan and have attached the results as well. I realize Addition.txt mentions that I have μTorrent installed... I just uninstalled it using Windows Add/Remove Programs to meet with the piracy policy for this forum. Please let me know if I need to prove that I've uninstalled it more thoroughly... I ran the FRST scan after uninstalling but with a reboot in between, so I'm not sure why it's still in the list. I'd be happy to do whatever is necessary in that regard... haven't used μTorrent in years. 2016-05-03 scan results.txt 2016-05-03 protection log.txt weird update.txt FRST.txt Addition.txt
  3. OK, so when I would stop and clear, my MBAM scan would come out clean. Then when I signed into Chrome later, it would bring back the malware. Since those MBAM scans I shared earlier both found it in the Default profile (C:\Users\djohnson\AppData\Local\Google\Chrome\User Data\Default\Preferences) I'm assuming that it's getting synced back when I sign in. Would a logical next step be to sign out of Chrome and then delete the Chrome\User Data\ folder as suggested over here https://productforums.google.com/forum/#!topic/chrome/GTWhGf2hfyw... or is there a better way?
  4. After a reboot and a second scan, it found it again. I've attached a log of the second scan as well. Seems to be finding it in the same place. mbam-log2015-04-01 b.txt
  5. Sorry, I messed up with exporting that MBAM log. Here's a copy that includes the actual scan results. mbam-log2015-04-01.txt
  6. The scan just completed. It still found an infection. I can quarantined and can try another scan after a reboot. I've attached the MBAM log. mbam-log2015-04-01.txt
  7. Thank you I ran the fix (log attached). I'm currently running a scan with MalwareBytes again, which I assume will come up clean. I'll post again if it does not. Fixlog.txt
  8. I've completed the Zoek scan. The log file is attached. Thank you. zoek-results.txt
  9. I have recurring detections of Trovi.A when scanning with Malwarebytes. The symptoms appear similar to this post in the forum: https://forums.malwarebytes.org/index.php?/topic/166854-pupoptionaltrovia-keeps-reappearing-after-each-quarantine/ This past weekend, I thought I had cleaned it out by using, in this order, adwcleaner, JRT, MalwareBytes, and HitmanPro as instructed in this post here: http://malwaretips.com/blogs/pup-optional-trovi-a-virus/ Today I became suspicious again and did another MWB scan. It detected Trovi.A again, which I again quarantined. I've done a FRST scan. Logs attached. Addition.txt FRST.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.