vectorious

Everything posted by vectorious

  1. The IP address belongs to Cloudflare Inc, who look legitimate per Wikipedia, cannot work out if any of my extensions might be using them or why Chrome might be linking to them.
  2. The same - check.chrome-request.com - a scan does not show any malware, this is the only Google hit I can find.
  3. All seems to be clear now - it has stopped blocking anything and none of the scanners report anything. Thanks very much for your help.
  4. Fix result of Farbar Recovery Scan Tool (x64) Version: 08-09-2017
     Ran by Matthew (10-09-2017 14:25:13) Run:2
     Running from C:\Users\Matthew\Downloads
     Loaded Profiles: Matthew & (Available Profiles: Matthew & Liz & Abby & admin)
     Boot Mode: Normal
     ==============================================

     fixlist content:
     *****************
     Start
     CreateRestorePoint:
     CloseProcesses:
     EmptyTemp:
     Task: {047F6219-46F5-4F1E-9E19-53CFBBA77D1E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
     Task: {388257D1-DCE3-415A-B605-B9693A132FB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
     Task: {79790675-1F76-4E09-9B48-CDB69EFC9611} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
     Task: {CFCA7AF1-15E3-4D54-960F-EF2D59BBE39F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
     CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggRdgAMBAtGRxgReFoITA0QEQAOeQhZVRQSRAAWeQoBBwlCRQQFIk0FA1oDB0VXfV5bFElXTwhwJVhKAlEmSFtHL04="
     CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggRdgAMBAtGRxgReFoITA0QEQAOeQhZVRQSRAAWeQoBBwlCRQQFIk0FA1oDB0VXfV5bFElXTwhwJVhKAlEmSFtHL04="
     cmd: bitsadmin /reset /allusers
     cmd: ipconfig /flushdns
     End
     *****************

     Restore point was successfully created.
     Processes closed successfully.
     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{047F6219-46F5-4F1E-9E19-53CFBBA77D1E} => key removed successfully
     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{047F6219-46F5-4F1E-9E19-53CFBBA77D1E} => key removed successfully
     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{388257D1-DCE3-415A-B605-B9693A132FB3} => key removed successfully
     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{388257D1-DCE3-415A-B605-B9693A132FB3} => key removed successfully
     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79790675-1F76-4E09-9B48-CDB69EFC9611} => key removed successfully
     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79790675-1F76-4E09-9B48-CDB69EFC9611} => key removed successfully
     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFCA7AF1-15E3-4D54-960F-EF2D59BBE39F} => key removed successfully
     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFCA7AF1-15E3-4D54-960F-EF2D59BBE39F} => key removed successfully
     HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
     Chrome RestoreOnStartup => removed successfully
     Chrome StartupUrls => removed successfully

     ========= bitsadmin /reset /allusers =========
     BITSADMIN version 3.0
     BITS administration utility.
     (C) Copyright 2000-2006 Microsoft Corp.
     BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
     Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
     0 out of 0 jobs canceled.
     ========= End of CMD: =========

     ========= ipconfig /flushdns =========
     Windows IP Configuration
     Successfully flushed the DNS Resolver Cache.
     ========= End of CMD: =========

     =========== EmptyTemp: ==========
     BITS transfer queue => 7888896 B
     DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12715705 B
     Java, Flash, Steam htmlcache => 72214843 B
     Windows/system/drivers => 319189337 B
     Edge => 0 B
     Chrome => 776088535 B
     Firefox => 59240430 B
     Opera => 401294535 B
     Temp, IE cache, history, cookies, recent:
     Default => 0 B
     Users => 0 B
     ProgramData => 0 B
     Public => 0 B
     systemprofile => 128 B
     systemprofile32 => 838090 B
     LocalService => 11428 B
     NetworkService => 9660 B
     Matthew => 369715973 B
     Liz => 28833182 B
     Abby => 0 B
     admin => 0 B
     RecycleBin => 0 B
     EmptyTemp: => 1.9 GB temporary data Removed.
     ================================
     The system needed a reboot.
     ==== End of Fixlog 14:25:37 ====
  5. Note: In the interim Windows defender (mysteriously active at the same time as Bit defender) found something and after a couple of attempts appears to have removed it.
     Accordingly when I ran MBAR I got a message saying no clean up was required and it did not generate a mbar-log-scan-date.txt as far as I can tell
     I have copied the system_log.txt below
     I seem to have no more issues, so thank you for your help here
     Matt
     --------------------------------------
     Malwarebytes Anti-Rootkit BETA 1.09.3.1001
     (c) Malwarebytes Corporation 2011-2012
     OS version: 10.0.9200 Windows 10 x64
     Account is Administrative
     Internet Explorer version: 11.540.15063.0
     File system is: NTFS
     Disk drives: C:\ DRIVE_FIXED
     CPU speed: 2.594000 GHz
     Memory total: 17063329792, free: 11737341952
     Downloaded database version: v2017.09.03.06
     Downloaded database version: v2017.08.02.01
     Downloaded database version: v2017.09.01.01
     =======================================
     Initializing...
     ------------ Kernel report ------------
     09/03/2017 20:58:38
     Done!
     Scan started
     Database versions: main: v2017.09.03.06 rootkit: v2017.08.02.01
     <<<2>>>
     Physical Sector Size: 512
     Drive: 0, DevicePointer: 0xffffac0154325060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
     --------- Disk Stack ------
     DevicePointer: 0xffffac01543269f0, DeviceName: Unknown, DriverName: \Driver\partmgr\
     DevicePointer: 0xffffac0154325060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
     DevicePointer: 0xffffac0154043060, DeviceName: \Device\00000037\, DriverName: \Driver\storahci\
     ------------ End ----------
     Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
     Upper DeviceData: 0x0, 0x0, 0x0
     Lower DeviceData: 0x0, 0x0, 0x0
     <<<3>>>
     Volume: C:
     File system type: NTFS
     SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
     <<<2>>>
     <<<3>>>
     Volume: C:
     File system type: NTFS
     SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
     Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
     Done!
     Drive 0
     This is a System drive
     Scanning MBR on drive 0...
     Inspecting partition table:
     MBR Signature: 55AA
     Disk Signature: 6EB18BA
     Partition information:
     Partition 0 type is Primary (0x7)
     Partition is ACTIVE.
     Partition starts at LBA: 2048 Numsec = 716800
     Partition is bootable
     Partition file system is NTFS
     Partition 1 type is Primary (0x7)
     Partition is NOT ACTIVE.
     Partition starts at LBA: 718848 Numsec = 998464737
     Partition is not bootable
     Partition file system is NTFS
     Partition 2 type is Other (0x27)
     Partition is NOT ACTIVE.
     Partition starts at LBA: 999184384 Numsec = 1028096
     Partition is not bootable
     Partition file system is NTFS
     Partition 3 type is Empty (0x0)
     Partition is NOT ACTIVE.
     Partition starts at LBA: 0 Numsec = 0
     Partition is not bootable
     Disk Size: 512110190592 bytes
     Sector size: 512 bytes
     Done!
     File "C:\Users\Matthew\AppData\Local\Comms\UnistoreDB\store.vol" is sparse (flags = 32768)
     File "C:\Users\Matthew\AppData\Local\Comms\UnistoreDB\store.vol" is sparse (flags = 32768)
     File "C:\Users\Matthew\AppData\Local\Comms\UnistoreDB\store.vol" is sparse (flags = 32768)
     File "C:\Windows\System32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat" is sparse (flags = 32768)
     Scan finished
     system-log.txt
  6. A scan has just found Trojan.downloader:win32/pockershecv.A - removing it, but still getting pings
  7. Bitdefender is now blocking something (rather than Malwarebytes): Generic.powecod.A.F1442318
     Scans attached
     FRST.txt Addition.txt
  8. ESETSmartInstaller@High as downloader log:
     all ok
     # product=EOS
     # version=8
     # OnlineScannerApp.exe=1.0.0.1
     # EOSSerial=728ce915e41b6a46ae3acbe797b2ee76
     # end=init
     # utc_time=2017-08-27 12:15:19
     # local_time=2017-08-27 01:15:19 (+0000, GMT Daylight Time)
     # country="United Kingdom"
     # osver=6.2.9200 NT
     Update Init
     Update Download
     Update Finalize
     Updated modules version: 34540
     # product=EOS
     # version=8
     # OnlineScannerApp.exe=1.0.0.1
     # EOSSerial=728ce915e41b6a46ae3acbe797b2ee76
     # end=updated
     # utc_time=2017-08-27 12:17:49
     # local_time=2017-08-27 01:17:49 (+0000, GMT Daylight Time)
     # country="United Kingdom"
     # osver=6.2.9200 NT
     # product=EOS
     # version=8
     # OnlineScannerApp.exe=1.0.0.1
     # OnlineScanner.ocx=1.0.0.7777
     # api_version=3.1.1
     # EOSSerial=728ce915e41b6a46ae3acbe797b2ee76
     # engine=34540
     # end=finished
     # remove_checked=true
     # archives_checked=true
     # unwanted_checked=true
     # unsafe_checked=true
     # antistealth_checked=true
     # utc_time=2017-08-27 12:54:29
     # local_time=2017-08-27 01:54:29 (+0000, GMT Daylight Time)
     # country="United Kingdom"
     # lang=1033
     # osver=6.2.9200 NT
     # compatibility_mode_1='Bitdefender Antivirus Free Antimalware'
     # compatibility_mode=2078 16777213 83 97 2398 126750773 0 0
     # compatibility_mode_1=''
     # compatibility_mode=5893 16776574 100 94 3087950 55421529 0 0
     # scanned=317998
     # found=4
     # cleaned=4
     # scan_time=2199
     sh=91352F7C0C03DBAFE73A9D7B2539C7B346EF9582 ft=1 fh=50f3aee05957228d vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Matthew\Downloads\ccsetup514.exe"
     sh=679554350D98943A57969161DF445FE0BEEE41BA ft=1 fh=f8e5907db567682a vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Matthew\Downloads\ccsetup514pro.exe"
     sh=68B0376FB80EC5DBF7B47DCC7B5335383E9B063A ft=1 fh=893d1fa1996eca88 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Users\Matthew\Downloads\ccsetup520.exe"
     sh=F1EEBA9E906322A37AA1EFB1D2FAAAD78E217587 ft=1 fh=0c2952aae1428178 vn="a variant of MSIL/HackKMS.H potentially unsafe application (cleaned by deleting)" ac=C fn="C:\Windows\AutoKMS\AutoKMS.exe"

     Note: I ran it again afterwards and it was clean - I don't know if that makes a difference
  9. Note: I realise I posted the wrong file - I left the clean to run overnight and it seemed to hang at about 95% done.
     On a restart the scan now says clear and does not report anything
     No CX file was created as part of the incomplete clean

     # AdwCleaner 7.0.1.0 - Logfile created on Sun Aug 20 21:01:03 2017
     # Updated on 2017/05/08 by Malwarebytes
     # Database: 08-17-2017.2
     # Running on Windows 10 Home (X64)
     # Mode: scan
     # Support: https://www.malwarebytes.com/support

     ***** [ Services ] *****
     No malicious services found.
     ***** [ Folders ] *****
     No malicious folders found.
     ***** [ Files ] *****
     No malicious files found.
     ***** [ DLL ] *****
     No malicious DLLs found.
     ***** [ WMI ] *****
     No malicious WMI found.
     ***** [ Shortcuts ] *****
     No malicious shortcuts found.
     ***** [ Tasks ] *****
     No malicious tasks found.
     ***** [ Registry ] *****
     No malicious registry entries found.
     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries.
     ***** [ Chromium (and derivatives) ] *****
     No malicious Chromium entries.
     *************************
     C:/AdwCleaner/AdwCleaner[S0].txt - [985 B] - [2017/8/20 8:9:29]
     C:/AdwCleaner/AdwCleaner[S1].txt - [1010 B] - [2017/8/20 20:58:32]
     ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########
  10. OK: To note: This is a second hand machine, but seemed to be clean on start up - the only things it has installed are windows 10 (I upgraded), Steam + games, GoG+games and malwarebytes plus bitdefender free plus some free to download stuff like chrome, opera - it does not even have my ancient copy of Office installed. If there is pirated software, how can I detect it?

      # AdwCleaner 7.0.1.0 - Logfile created on Sun Aug 20 08:09:29 2017
      # Updated on 2017/05/08 by Malwarebytes
      # Database: 08-17-2017.2
      # Running on Windows 10 Home (X64)
      # Mode: scan
      # Support: https://www.malwarebytes.com/support

      ***** [ Services ] *****
      No malicious services found.
      ***** [ Folders ] *****
      Trojan.Bayrob, C:\Users\Matthew\Downloads\Transfer
      ***** [ Files ] *****
      No malicious files found.
      ***** [ DLL ] *****
      No malicious DLLs found.
      ***** [ WMI ] *****
      No malicious WMI found.
      ***** [ Shortcuts ] *****
      No malicious shortcuts found.
      ***** [ Tasks ] *****
      No malicious tasks found.
      ***** [ Registry ] *****
      PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\WebBar
      ***** [ Firefox (and derivatives) ] *****
      No malicious Firefox entries.
      ***** [ Chromium (and derivatives) ] *****
      No malicious Chromium entries.
      *************************
      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

      Fixlog.txt AdwCleaner[S0].txt
  11. The logs from a scan.
      The PUPs reappear each time after removing them - not sure if they are the same.
      Thanks
      daily protection log.txt scan log.txt
  12. I keep getting blocks by Malwarebytes for unitdata.info
      Looking at other answers I downloaded Farbar scanner and I attach Addition and FRST.txt below
      Is there anything I can do to stop this?
      thanks
      Addition.txt FRST.txt