Jump to content

spaceferret

Members
  • Posts

    6
  • Joined

  • Last visited

Everything posted by spaceferret

  1. Sorry for the late response, I ended up having to do a clean reinstall of Windows 10 to resolve it. What happened was further Malwarebytes and Adwcleaner scans revealed more PUPs showing up in my registry. I ended up having to Reset everything twice to no avail, so I did the clean reinstall. The issue has not returned yet.
  2. Yes. I even got frustrated and reset Windows 10, and it returned.
  3. Since the second restart I noticed the "GoldenGate" folder and registry key returned (the file that used to be contained the folder did not). I ran AdwCleaner again and here are the results of that ******* # AdwCleaner v6.040 - Logfile created 14/12/2016 at 18:21:24 # Updated on 02/12/2016 by Malwarebytes # Database : 2016-12-14.1 [Local] # Operating System : Windows 10 Home (X64) # Username : Keith - DESKTOP-UVMT3IS # Running from : C:\Users\Keith\Desktop\AdwCleaner.exe # Mode: Clean # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Keith\AppData\Roaming\GoldenGate ***** [ Files ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKU\S-1-5-21-3517273881-430385543-2654065728-1001\Software\GoldenGate [#] Key deleted on reboot: HKCU\Software\GoldenGate [#] Key deleted on reboot: [x64] HKCU\Software\GoldenGate ***** [ Web browsers ] ***** ************************* :: "Tracing" keys deleted :: Winsock settings cleared *************************
  4. # AdwCleaner v6.040 - Logfile created 14/12/2016 at 17:59:30 # Updated on 02/12/2016 by Malwarebytes # Database : 2016-12-14.1 [Server] # Operating System : Windows 10 Home (X64) # Username : Keith - DESKTOP-UVMT3IS # Running from : C:\Users\Keith\Desktop\AdwCleaner.exe # Mode: Clean # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** [-] Service deleted: netfilter2 ***** [ Folders ] ***** ***** [ Files ] ***** [-] File deleted: C:\WINDOWS\SysNative\drivers\netfilter2.sys ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKU\S-1-5-21-3517273881-430385543-2654065728-1001\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23 [#] Key deleted on reboot: HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23 [#] Key deleted on reboot: [x64] HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23 ***** [ Web browsers ] ***** ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [1145 Bytes] - [14/12/2016 17:59:30] C:\AdwCleaner\AdwCleaner[S0].txt - [1401 Bytes] - [14/12/2016 17:58:21] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1291 Bytes] ##########
  5. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 12/14/16 Scan Time: 3:53 AM Logfile: Administrator: Yes -Software Information- Version: 3.0.4.1269 Components Version: 1.0.39 Update Package Version: 1.0.726 License: Trial -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: DESKTOP-UVMT3IS\Keith -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 366579 Time Elapsed: 11 min, 19 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 1 PUP.Optional.Gameo, HKU\S-1-5-21-3517273881-430385543-2654065728-1001\SOFTWARE\GoldenGate, Delete-on-Reboot, [8068], [185307],1.0.726 Registry Value: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 1 PUP.Optional.Gameo, C:\USERS\KEITH\APPDATA\ROAMING\GOLDENGATE, Delete-on-Reboot, [8068], [185305],1.0.726 File: 1 PUP.Optional.Gameo, C:\USERS\KEITH\APPDATA\ROAMING\GOLDENGATE\8EFF1C3BD40938FB0157CBAC0E790571.LOGIC.DB, Delete-on-Reboot, [8068], [185305],1.0.726 Physical Sector: 0 (No malicious items detected) (end)
  6. Hey all, So I ran a random scan of Malwarebytes today and it picked up three threats classified as "PUP.Optional.Gameo", a file, folder, and a registry key. They all seem to be related to something called "GoldenGate"", I have not seen the program anywhere installed. After removing the files and restarting the computer, I ran Malwarebytes again and the same three files popped up. Is this a false positive or should I be worried? FRST logs attached. Addition.txt FRST.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.