Jight

  1. Our new site, which our website developer has made from scratch, is being blocked automatically for clients that own Malwarebytes. The IP of the site has been used by other people in the past, but we now own the IP and our site is clean. We can't really tell all our clients to add an exception to their antiviruses to access our site. Could you please look into this?
     Domain: portal.totalfireservice.com.au
     IP: 104.238.83.154 (I am aware that the site is hosted in America, but we are an Australian company)
     I have attached photos of the blockage that the client has sent us.
  2. Sorry, I had no idea bittorrent/utorrent was illegal software. I have uninstalled them; evidence is in the attachments. May we continue?
  3. After restarting, "removing" the virus and doing another scan; the viruses persist. In fact, there's an extra one for some reason (nwifi), here are the logs:

     Malwarebytes Anti-Malware
     www.malwarebytes.org

     Scan Date: 14/07/2016
     Scan Time: 2:39 PM
     Logfile: virus 2.txt
     Administrator: Yes

     Version: 2.2.1.1043
     Malware Database: v2016.07.14.02
     Rootkit Database: v2016.05.27.01
     License: Free
     Malware Protection: Disabled
     Malicious Website Protection: Disabled
     Self-protection: Disabled

     OS: Windows 10
     CPU: x64
     File System: NTFS
     User: JEREMY

     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 319112
     Time Elapsed: 5 min, 27 sec

     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled

     Processes: 0 (No malicious items detected)
     Modules: 0 (No malicious items detected)
     Registry Keys: 0 (No malicious items detected)
     Registry Values: 0 (No malicious items detected)
     Registry Data: 0 (No malicious items detected)
     Folders: 0 (No malicious items detected)
     Files: 0 (No malicious items detected)
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\hidclass.sys, , [c0752d58193603b6ed762b4027c65e1b],
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\Ndu.sys, , [d358df634f52247cb43f0781218f4d6e],
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\netbt.sys, , [f51c02d992a8d6bc5ec4d990f227d4c7],
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\nwifi.sys, , [aa4cd20708b7e0412a5316d7e2875103],
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\srv.sys, , [acc1709ec7fe6eb8999dbc91c50c2b34],
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\srv2.sys, , [afbcfc946fae7483e27bd316d03f94a5],
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\srvnet.sys, , [107c1ebe79710e4a759449bd6604245a],
     Physical Sectors: 0 (No malicious items detected)
     (end)
  4. Thanks for the reply Kenvinf80. The logs are in the attachments. I'm going to conduct another Malwarebytes scan to see if it finds the files again. Also, should I delete the files out of the Malwarebytes Quarantine?
     Rkill.txt
     Malwarebytes log.txt
     Addition.txt
     FRST.txt
  5. Have scanned the following files (found from a Malwarebytes scan) with 3 different antiviruses:
     Malwarebytes
     AVG
     IObit Antimalware
     I have tried to upload these files to virustotal.com to see if they are a virus in disguise, but it keeps telling me the files are empty, or that I don't have permission to upload the files. I looked up what these files are and they are legitimate files that Windows uses, but I am unsure if a virus has "taken control" or modified these files to its needs. What steps should I take to check that these files are clean? They keep coming up when I do a full computer scan.

     Malwarebytes Anti-Malware
     www.malwarebytes.org

     Scan Date: 13/07/2016
     Scan Time: 4:50 PM
     Logfile: virus.txt
     Administrator: Yes

     Version: 2.2.1.1043
     Malware Database: v2016.07.13.04
     Rootkit Database: v2016.05.27.01
     License: Free
     Malware Protection: Disabled
     Malicious Website Protection: Disabled
     Self-protection: Disabled

     OS: Windows 10
     CPU: x64
     File System: NTFS
     User: JEREMY

     Scan Type: Custom Scan
     Result: Completed
     Objects Scanned: 723807
     Time Elapsed: 1 hr, 41 min, 26 sec

     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled

     Processes: 0 (No malicious items detected)
     Modules: 0 (No malicious items detected)
     Registry Keys: 0 (No malicious items detected)
     Registry Values: 0 (No malicious items detected)
     Registry Data: 0 (No malicious items detected)
     Folders: 0 (No malicious items detected)
     Files: 0 (No malicious items detected)
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\hidclass.sys, , [c0752d58193603b6ed762b4027c65e1b],
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\Ndu.sys, , [d358df634f52247cb43f0781218f4d6e],
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\netbt.sys, , [f51c02d992a8d6bc5ec4d990f227d4c7],
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\srv.sys, , [acc1709ec7fe6eb8999dbc91c50c2b34],
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\srv2.sys, , [afbcfc946fae7483e27bd316d03f94a5],
     Unknown.Rootkit.Driver, C:\WINDOWS\SYSTEM32\drivers\srvnet.sys, , [107c1ebe79710e4a759449bd6604245a],
     Physical Sectors: 0 (No malicious items detected)
     (end)