Posts posted by waltervan00

  1. To the ever supportive Malwarebytes anti-malware technical crew,

    This post was created to suggest a future implementation for the product of Malwarebytes anti-malware. It concerns the limited features that the free product delivers to its users. I would like to bring up an idea which would be of convenience for a more niche demographic; that is, the ever-growing population of consumers who are regularly engaged in multiplayer entertainment applications requiring connections by unconventional ports and protocols.

    One of the major worries about the digital user revolves around having their protection application software(s) inhibiting the installation, or execution, of certain programs. Such applications including antivirus and anti-malware services are often advised to be uninstalled once a cumbersome issue relating to it and the user's applications has been discovered, but irritatingly left unresolved: therefore, much protection software is graded by the people for delicate balance in protection and user compatibility. This concept of judgement is furthermore encouraged by the large growing forum-like social media sites as users are now evermore in contact with millions of similar users.

    A common solution that such protection services have, to allow users to seamlessly install other programs and open various network related needs, is a 'temporary disable' option. That is, a temporary shutdown of the software's passive protection functions, which may last from ten minutes to the next time the machine is booted up or when the disabling feature is reverted. I feel that this would certainly appeal to the newer generation of digital consumers who will be, in some way, regularly using a plethora of internet connection types. I do acknowledge the fact that the paid, complete version of this software boasts a feature to disable Malwarebytes opening upon the booting of Windows, however, I find it somewhat inconvenient that it would require some form of purchase for this feature; therefore, I would like to request making that a free feature for the free version of the product, as well as an implementation of the option stated beforehand. I would really appreciate that.

    This may raise an issue regarding the safety of the users, as their protection may be placed into jeopardy should the protection be accidentally toggled off, but this uncertainty would simply be rectified by the need to bring up a brief prompt and confirmation dialogue directed to the user.

    Thank you for taking your time reading this thread-header of suggestion. Please take your time to consider the aforementioned points. I am really hopeful of this product and I wish to see it grow, strongly believing that this minute little function is one feature lacking from the product which the users would love to see added.

    Cheers.

  2. Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 21-Jun-16
    Scan Time: 5:15 PM
    Logfile: 
    Administrator: Yes

    Version: 2.2.1.1043
    Malware Database: v2016.06.21.03
    Rootkit Database: v2016.05.27.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: HUOR SAN CENTER 3

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 302281
    Time Elapsed: 19 min, 53 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

     

    Is this a hurrah?

  3. Here's a log for reference.

    # AdwCleaner v5.200 - Logfile created 20/06/2016 at 18:33:06
    # Updated 14/06/2016 by ToolsLib
    # Database : 2016-06-20.1 [Server]
    # Operating system : Windows 7 Ultimate Service Pack 1 (X64)
    # Username : HUOR SAN CENTER 3 - HUORSANCENTER3
    # Running from : C:\Users\HUOR SAN CENTER 3\Downloads\AdwCleaner\AdwCleaner.exe
    # Option : Clean
    # Support : https://toolslib.net/forum

    ***** [ Services ] *****

    [-] Service Deleted : WtuSystemSupport
    [-] Service Deleted : vToolbarUpdater40.3.1

    ***** [ Folders ] *****

    [-] Folder Deleted : C:\ProgramData\AVG Secure Search
    [-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
    [-] Folder Deleted : C:\ProgramData\avg web tuneup
    [#] Folder Deleted : C:\ProgramData\Application Data\AVG Secure Search
    [#] Folder Deleted : C:\ProgramData\Application Data\AVG Security Toolbar
    [#] Folder Deleted : C:\ProgramData\Application Data\avg web tuneup
    [-] Folder Deleted : C:\Program Files (x86)\avg web tuneup
    [-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    [-] Folder Deleted : C:\Users\HUOR SAN CENTER 3\AppData\Local\avg web tuneup
    [-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

    ***** [ Files ] *****

    [-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\components\AskSearch.js

    ***** [ DLLs ] *****


    ***** [ WMI ] *****


    ***** [ Shortcuts ] *****


    ***** [ Scheduled tasks ] *****


    ***** [ Registry ] *****

    [-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
    [-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    [-] Key Deleted : HKLM\SOFTWARE\Classes\s
    [-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
    [-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key Deleted : HKCU\Software\AppDataLow\Software\WinToFlash Suggestor
    [-] Key Deleted : HKLM\SOFTWARE\AVG Tuneup
    [-] Key Deleted : HKLM\SOFTWARE\SrpnFiles
    [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
    [-] Data Restored : HKU\S-1-5-21-116893555-3398319076-3125001844-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
    [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
    [-] Data Restored : HKU\S-1-5-21-116893555-3398319076-3125001844-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
    [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mysearch.avg.com
    [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

    ***** [ Web browsers ] *****

    [-] [C:\Users\HUOR SAN CENTER 3\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
    [-] [C:\Users\HUOR SAN CENTER 3\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
    [-] [C:\Users\HUOR SAN CENTER 3\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.yahoo.com
    [-] [C:\Users\HUOR SAN CENTER 3\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : free-media-converter.en.softonic.com

    *************************

    :: "Tracing" keys deleted

    *************************

    C:\AdwCleaner\AdwCleaner[C1].txt - [5573 bytes] - [20/06/2016 18:33:06]
    C:\AdwCleaner\AdwCleaner[S1].txt - [5654 bytes] - [19/06/2016 08:24:08]
    C:\AdwCleaner\AdwCleaner[S2].txt - [6241 bytes] - [20/06/2016 18:27:45]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5792 bytes] ##########
     

  4. These UAC (security prompts) are from the usual file management program found in the Windows OS, not internet browsers whatsoever. To be frank I'll just lay it off as a glitch and have to deal with it. I'd prefer to keep the warnings coming so I don't accidentally initiate an installation, but thank you for your advice. And yes, I will be removing the files detected by AdwCleaner so will there be anything else I'll be doing?

  5. Before I command the program to clean, here is the log file. I feel that I need the good to go before I continue to remove all these selected files as some are related to my antivirus and also because the issue related to my web surfing is virtually resolved. If you spot any adware or unwanted assets then please tell me and I'll remove them. As for the glitch, is there really nothing I can do about it?

    AdwCleaner[S1].txt

  6. The suspicious and ultimately awkward thing about it is that I clicked create folder and it proceeded to prompt the UAC, after denying access, it then creates a folder. It may be let down easily as a bug by Microsoft, but I'm a little skeptical about it.

    EDIT: So far, no issues involving booting and using the browser. Thank you so much.

  7. Yeah, I suppose it is a UAC prompt; just didn't know what it's called technically.

     

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 18-Jun-16
    Scan Time: 9:11 AM
    Logfile: 
    Administrator: Yes

    Version: 2.2.1.1043
    Malware Database: v2016.06.17.07
    Rootkit Database: v2016.05.27.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: HUOR SAN CENTER 3

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 302728
    Time Elapsed: 18 min, 32 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    uacPrompt.png

  8. Unfortunately I am unable to search for " bl (x32 Version: 1.0.0 - Your Company Name) Hidden ". Please, excuse my lack of technical expertise. However, I have followed your instructions and here is the log. I think I described the Windows Explorer 'bug' incorrectly. When you single-click an installation .exe file and then create a new folder, the Explorer first attempts to open the installation file, causing the Windows security-administration-request prompt to appear. Might have been a bug after all, but I am using a WIN 7 OS for quite some time now and this seems suspicious.

    Fixlog.txt

  9. Here are the logs. I have also discovered some suspicious activity. One of which is that when I navigate through Windows Explorer and create a new folder, the program attempts to open up a program that has been selected by the cursor. Another, more dangerous one, is that the laptop fails to fully boot at every two startups. May this be related to my current issue? I look forward to your reply.

    FRST.txt

    Addition.txt

  10. Hello! I've just made an account so that I can report this malicious problem. Whenever I would open a new webpage or a new task, and then proceed to interact with said webpage, the browser (in this case being Google Chrome) suddenly creates a new tab and redirects itself into an ad-filled, basically unwanted website. At least that's the gist of it.

    I've installed Malwarebytes and have run a full computer scan, even completing the removal process by restarting but the problem still exists. Running another scan, I found out the culprit suspected to be this "Hijack.AutoConfigURL.PrxySvrRST".

    As soon as possible, I would be looking forward to cooperating closely with an expert with this issue. It really is a bugger. Although this can be quarantined by the anti-malware, it is only temporary as it seems to come back upon restarting.

    I have included the log of the most previous scan, of which I have learnt that the malware comes back upon restarting. Thank you in advance.

    ____________________________________________________

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 16-Jun-16
    Scan Time: 11:51 PM
    Logfile: 
    Administrator: Yes

    Version: 2.2.1.1043
    Malware Database: v2016.06.16.04
    Rootkit Database: v2016.05.27.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: HUOR SAN CENTER 3

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 301193
    Time Elapsed: 13 min, 10 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 1
    Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, 0http://un-stop.info/wpad.dat?f5675b0c0ba45e094f03f44902d52a7a11699604, Quarantined, [ebb912ebf0a9d16501d05669e81abc44]

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    ________________________________________________
