Jump to content

Daily

Honorary Members
  • Posts

    34
  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Thanks for all your help Kevin!!! Hope you have a good evening/night
  2. Nope I don't notice anything out of the usual. Should I run sopho again?
  3. Hi Kevin! I have the logs. Sopho didn't find any threats. Also, Malwarebytes didn't ask me to restart after the scan so I just exported the scan that was done just then. Am i clean now? Fixlog.txt mbam log.txt AdwCleaner[C0].txt
  4. Here you go Kevin! FRST.txt Addition.txt
  5. Thanks for the help with the PUP! I'm more worried about the Trojan.Script though. I'm worried about what might have happened in the 12 hours between when the scan picked up the Trojan and when I actually quarantined it. The scan picked up the Trojan.Script at 9am and I quarantined it at 9pm because that's when i logged onto my laptop.
  6. Hi! I ran a scan of my laptop this morning and found a Trojan.Script at 9am. I did not discover the Trojan until I logged on at 9pm. Here's a copy of the scan log. I just ran a recent scan using MBAM and nothing showed up except the pup that keeps popping up in my Chrome web data. Here's a copy of the log from this morning. Am I clean? In addition, I have not used Popcorn Time since approximately 2014/2015. I can throw up a scan log of the PUP as well if we can get that out of the way. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 12/11/17 Scan Time: 4:54 AM Log File: 60767e7a-de72-11e7-bf55-08606e8b88da.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.236 Update Package Version: 1.0.3465 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 298175 Threats Detected: 1 Threats Quarantined: 1 Time Elapsed: 2 hr, 22 min, 35 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 1 Trojan.Script, C:\USERS\VIRGIL YAU\DOWNLOADS\POPCORN-TIME-0.3.8-5-SETUP.EXE, Quarantined, [295], [467948],1.0.3465 Physical Sector: 0 (No malicious items detected) (end)
  7. I have just rebooted the system. No sign of postbuild.exe in SCANRESULTS folder. Her'es the scan log -Log Details- Scan Date: 11/12/17 Scan Time: 2:51 PM Log File: 039adea8-c7fc-11e7-b4c8-08606e8b88da.json Administrator: Yes -Software Information- Version: 3.3.1.2183 Components Version: 1.0.236 Update Package Version: 1.0.3238 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: VirgilYau-PC\Virgil Yau -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 386939 Threats Detected: 6 Threats Quarantined: 6 Time Elapsed: 44 min, 31 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 6 Backdoor.Bot, C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\SCANRESULTS\POSTBUILD.EXE-U.MBAM, Delete-on-Reboot, [48], [456339],1.0.3238 PUP.Optional.Trovi, C:\USERS\VIRGIL YAU\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [4976], [454808],1.0.3238 PUP.Optional.Trovi, C:\USERS\VIRGIL YAU\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [4976], [454808],1.0.3238 PUP.Optional.ASK, C:\USERS\VIRGIL YAU\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [527], [454829],1.0.3238 PUP.Optional.Trovi, C:\USERS\VIRGIL YAU\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [4976], [454808],1.0.3238 PUP.Optional.Conduit, C:\USERS\VIRGIL YAU\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [579], [454835],1.0.3238 Physical Sector: 0 (No malicious items detected) (end)
  8. Yes for sure! Thanks for going through this with me haha.
  9. Perhaps. I'll wait and see what the staff have to say about the problem. My paranoia is huge lol. Thanks for keeping me up to date Floridakeyslover.
  10. Malwarebytes just picked up 1 of the 2 Backdoor.bot files. So I'll have to reboot the system in about 10 minutes. Also, both postbuild.exe files have disappeared from the SCANRESULTS folder. There are now duplicates of some files in MBAMservice for some reason(have not rebooted system yet).
  11. Not sure. The postbuild.exe files are just sitting there in my Scanresults folder and Malwarebytes isn't picking them up.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.