CinderBH

Honorary Members
  • Content Count: 23
Everything posted by CinderBH

  1. Can you confirm whether the attached file is a FP? Including the scan results. Thank you. https://www.virustotal.com/gui/file/cd9a33d6acd0a13a6d88eeb5d1d4d9e9b591639b9ef60456a8fe3f1d6f1a76c0/detection Results.7z
  2. I ran a full MBAM scan, but not counting what AdwCleaner found and quarantined it came out clean, and I don't use the affected browser. Are we sure this is it? My own log for good measure: # ------------------------------- # Malwarebytes AdwCleaner 8.0.3.0 # ------------------------------- # Build: 03-02-2020 # Database: 2020-03-09.2 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 03-09-2020 # Duration: 00:00:45 # OS: Windows 7 Home Premium # Cleaned:
  3. Did another AdwCleaner scan today, came out clean. I think that registry key has already been taken out from the database, but anyone feel free to correct me on this.
  4. I actually got the same result. Based on personal experience, chances are it's a false positive.
  5. Yeah, fr33tux just removed it from the database. Phew, and it really looked like a legitimate infection too...
  6. Oh. So it could be a false positive after all?
  7. Am I infected? Please help. # AdwCleaner v6.044 - Creato file registro eventi 13/03/2017 in 22:00:54 # Aggiornato su 28/02/2017 da Malwarebytes # Database : 2017-03-13.1 [Server] # Sistema operativo : Windows 7 Home Premium Service Pack 1 (X86) # Utente : Gakutenou - FROSTIE # In esecuzione da : C:\Documents\Downloads\adwcleaner_6.044.exe # Modo: analisi # Supporto : https://www.malwarebytes.com/support ***** [ Servizi ] ***** Nessun servizio malevolo trovato. ***** [ Cartelle ] ***** Cartella trovata: C:\Users\Gakutenou\AppData\Local\Emi
  8. Wait, please. I can't do anything about the activation hack for now because I haven't been able to afford a copy of Photoshop CS4 for my university work yet, but could I redo the scans after getting rid of the torrents? It's probably a stupid question, but I don't know who else to turn to...
  9. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-10-2015 Ran by Gakutenou (administrator) on FROSTIE (02-11-2015 10:56:29) Running from C:\Documents\Downloads Loaded Profiles: Gakutenou (Available Profiles: Gakutenou) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Italiano (Italia) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If
  10. Sorry, I think NoScript messed with the formatting upon posting. Here goes. # AdwCleaner v5.016 - Creato file registro eventi 01/11/2015 in 23:50:53 # Aggiornato 01/11/2015 da Xplode # Database : 2015-11-01.2 [server] # Sistema operativo : Windows 7 Home Premium Service Pack 1 (x86) # Nome utente : Gakutenou - FROSTIE # In esecuzione da : C:\Documents\Downloads\adwcleaner_5.016.exe # Opzione : Analisi # Supporto : http://toolslib.net/forum ***** [ Servizi ] ***** ***** [ Cartelle ] ***** ***** [ File ] ***** ***** [ DLLs ] ***** ***** [ Collegamenti ] ***** ***** [ Attività pianif
  11. (Scan was performed after ADW, JRT and MBAM scans, rebooting after the first two - I'm aware of the Adobe entry in the hosts file, I haven't been able to remove it yet for personal reasons) Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-10-2015 Ran by Gakutenou (administrator) on FROSTIE (02-11-2015 10:56:29) Running from C:\Documents\Downloads Loaded Profiles: Gakutenou (Available Profiles: Gakutenou) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Italiano (Italia) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutori
  12. # AdwCleaner v5.016 - Creato file registro eventi 01/11/2015 in 23:50:53 # Aggiornato 01/11/2015 da Xplode # Database : 2015-11-01.2 [server] # Sistema operativo : Windows 7 Home Premium Service Pack 1 (x86) # Nome utente : Gakutenou - FROSTIE # In esecuzione da : C:\Documents\Downloads\adwcleaner_5.016.exe # Opzione : Analisi # Supporto : http://toolslib.net/forum ***** [ Servizi ] ***** ***** [ Cartelle ] ***** ***** [ File ] ***** ***** [ DLLs ] ***** ***** [ Collegamenti ] ***** ***** [ Attività pianificate ] ***** ***** [ Registry ] ***** Chiave Trovato : HKLM\SOFTWARE\Micr
  13. Thank you very much for your help. I'll run Delfix immediately. I already set Java to "approve only" and normally run AdBlock Plus and NoScript on Firefox.
  14. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-10-2015 01 Ran by Gakutenou (administrator) on FROSTIE (15-10-2015 19:05:53) Running from C:\Documents\Downloads Loaded Profiles: Gakutenou (Available Profiles: Gakutenou) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Italiano (Italia) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) =================
  15. Understood. The keys and folders have already been identified as false positives. All that is left to do perhaps is to check the FRST logs for any anomalies.
  16. Update: the registry keys possibly belong to the Combined Community Codec Pack. I've had issues with it today, and I realized the registry keys reappeared when I repaired CCCP. Could it possibly be a case of false positive?
  17. I ran a scan with the newest version of AdwCleaner, and the same registry keys have reappeared, but not the folders detected by JRT, with the exception of: ~~~ FireFox Emptied folder: C:\Users\Gakutenou\AppData\Roaming\mozilla\firefox\profiles\h8iwbwr6.default\minidumps [1 files] Can someone please help?
  18. Malwarebytes Anti-Malware www.malwarebytes.org Data scansione: 10/5/2015 Ora scansione: 09:43 File di log: MBAM-Log.txt Amministratore: Sì Versione: 2.1.8.1057 Database malware: v2015.10.05.02 Database rootkit: v2015.10.02.01 Licenza: Premium Protezione da malware: Attivata Protezione da siti web nocivi: Attivata Auto-protezione: Attivata SO: Windows 7 Service Pack 1 CPU: x86 File system: NTFS Utente: Gakutenou Tipo di scansione: Ricerca elementi nocivi Risultati: Completata Elementi analizzati: 394256 Tempo impiegato: 16 min, 51 sec Memoria: Attivata Esecuzioni automatiche: Attivata File
  19. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.6.4 (09.28.2015:1) OS: Windows 7 Home Premium x86 Ran by Gakutenou on Mon 10/05/2015 at 4:47:26.22 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\Gakutenou\Appdata\Local\{3187EF8F-8407-404D-ADF9-E5B18BD716CA} Successfully deleted: [Empty Folder] C:\Users\Gakutenou\Appdata\Local\{50CBDA0E-8504-45F8-993C-DB8D7E44C7B7}
  20. # AdwCleaner v5.010 - Creato file registro eventi 05/10/2015 in 04:00:26 # Aggiornato 04/10/2015 da Xplode # Database : 2015-10-04.3 [server] # Sistema operativo : Windows 7 Home Premium Service Pack 1 (x86) # Nome utente : Gakutenou - FROSTIE # In esecuzione da : C:\Documents\Downloads\adwcleaner_5.010.exe # Opzione : Analisi # Supporto : http://toolslib.net/forum ***** [ Servizi ] ***** ***** [ Cartelle ] ***** ***** [ File ] ***** ***** [ DLLs ] ***** ***** [ Collegamenti ] ***** ***** [ Attività pianificate ] ***** ***** [ Registry ] ***** Chiave Trovato : HKLM\SOFTWARE\Class
  21. Users shortcut scan result (x86) Version:04-10-2015 Ran by Gakutenou (2015-10-05 09:30:32) Running from C:\Documents\Downloads Boot Mode: Normal ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Livestream Procaster.lnk -> C:\Program Files\Livestream Procaster\Procaster.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk -> C:\Program Files\WinZip\WINZIP32.EXE (WinZip Computing, S.L.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Progr
  22. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:04-10-2015 Ran by Gakutenou (administrator) on FROSTIE (05-10-2015 09:29:28) Running from C:\Documents\Downloads Loaded Profiles: Gakutenou (Available Profiles: Gakutenou) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Italiano (Italia) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If