
Dyrrachas

Everything posted by Dyrrachas

  1. Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Scan Date: 4/23/18
     Scan Time: 10:35 PM
     Log File: 25edd622-4768-11e8-ab97-90fba683135c.json
     Administrator: Yes

     -Software Information-
     Version: 3.4.5.2467
     Components Version: 1.0.342
     Update Package Version: 1.0.4852
     License: Trial

     -System Information-
     OS: Windows 10 (Build 16299.371)
     CPU: x64
     File System: NTFS
     User: DESKTOP-5JSDOCU\alexk

     -Scan Summary-
     Scan Type: Hyper Scan
     Scan Initiated By: Manual
     Result: Completed
     Objects Scanned: 2960
     Threats Detected: 63
     Threats Quarantined: 63
     Time Elapsed: 1 min, 20 sec

     -Scan Options-
     Memory: Enabled
     Startup: Disabled
     Filesystem: Disabled
     Archives: Enabled
     Rootkits: Disabled
     Heuristics: Disabled
     PUP: Detect
     PUM: Detect

     -Scan Details-
     Process: 4
     PUP.Optional.GoldClick, C:\PROGRAM FILES (X86)\PROXYGATE\CLOUD.EXE, Quarantined, [12763], [101627],1.0.4852
     PUP.Optional.GoldClick, C:\PROGRAM FILES (X86)\PROXYGATE\PGCHK.EXE, Quarantined, [12763], [92735],1.0.4852
     Adware.DotDo.Generic.TskLnk, C:\USERS\ALEXK\APPDATA\LOCAL\COSTIGAN.EXE, Quarantined, [11789], [513961],1.0.4852
     Adware.DotDo.Generic.TskLnk, C:\USERS\ALEXK\APPDATA\LOCAL\COSTIGAN.EXE, Quarantined, [11789], [513961],1.0.4852

     Module: 5
     PUP.Optional.GoldClick, C:\PROGRAM FILES (X86)\PROXYGATE\CLOUD.EXE, Quarantined, [12763], [101627],1.0.4852
     PUP.Optional.GoldClick, C:\PROGRAM FILES (X86)\PROXYGATE\PGCOMMON.DLL, Quarantined, [12763], [92735],1.0.4852
     PUP.Optional.GoldClick, C:\PROGRAM FILES (X86)\PROXYGATE\PGCHK.EXE, Quarantined, [12763], [92735],1.0.4852
     Adware.DotDo.Generic.TskLnk, C:\USERS\ALEXK\APPDATA\LOCAL\COSTIGAN.EXE, Quarantined, [11789], [513961],1.0.4852
     Adware.DotDo.Generic.TskLnk, C:\USERS\ALEXK\APPDATA\LOCAL\COSTIGAN.EXE, Quarantined, [11789], [513961],1.0.4852

     Registry Key: 26
     Adware.DotDo.Generic.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\condemned needles tunnels, Quarantined, [11789], [513961],1.0.4852
     Adware.DotDo.Generic.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6B3B7C05-1AC4-44E4-92E8-621D43E110E9}, Quarantined, [11789], [513961],1.0.4852
     Adware.DotDo.Generic.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{6B3B7C05-1AC4-44E4-92E8-621D43E110E9}, Quarantined, [11789], [513961],1.0.4852
     Adware.DotDo.Generic.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Sacondemned needles tunnelscondemned needles tunnels, Quarantined, [11789], [513961],1.0.4852
     Adware.DotDo.Generic.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CC83E034-3201-4464-8A44-9C2DF1A685FE}, Quarantined, [11789], [513961],1.0.4852
     Adware.DotDo.Generic.TskLnk, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{CC83E034-3201-4464-8A44-9C2DF1A685FE}, Quarantined, [11789], [513961],1.0.4852
     Adware.DotDo.Generic.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\condemned needles tunnels, Quarantined, [11789], [-1],0.0.0
     Adware.DotDo.Generic.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B3B7C05-1AC4-44E4-92E8-621D43E110E9}, Quarantined, [11789], [-1],0.0.0
     Adware.DotDo.Generic.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B3B7C05-1AC4-44E4-92E8-621D43E110E9}, Quarantined, [11789], [-1],0.0.0
     Adware.DotDo.Generic.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Sacondemned needles tunnelscondemned needles tunnels, Quarantined, [11789], [-1],0.0.0
     Adware.DotDo.Generic.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC83E034-3201-4464-8A44-9C2DF1A685FE}, Quarantined, [11789], [-1],0.0.0
     Adware.DotDo.Generic.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC83E034-3201-4464-8A44-9C2DF1A685FE}, Quarantined, [11789], [-1],0.0.0
     PUP.Optional.GoldClick, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\pgt_svc, Quarantined, [12763], [92735],1.0.4852
     Adware.AnonymizerGadget.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, Quarantined, [10721], [-1],0.0.0
     Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\bobbin, Quarantined, [6211], [512347],1.0.4852
     Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DF23C7A3-4050-4C7E-8636-349F97C5A92A}, Quarantined, [6211], [512347],1.0.4852
     Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{DF23C7A3-4050-4C7E-8636-349F97C5A92A}, Quarantined, [6211], [512347],1.0.4852
     Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Sabobbinbobbin, Quarantined, [6211], [512347],1.0.4852
     Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{885450BB-2333-491A-8C27-B8FE0755E27D}, Quarantined, [6211], [512347],1.0.4852
     Adware.DotDo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{885450BB-2333-491A-8C27-B8FE0755E27D}, Quarantined, [6211], [512347],1.0.4852
     Adware.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Powered ladef, Quarantined, [14760], [512672],1.0.4852
     Adware.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E32130C8-FA46-4A76-9FE5-C103C66D78BA}, Quarantined, [14760], [512672],1.0.4852
     Adware.WinYahoo.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{E32130C8-FA46-4A76-9FE5-C103C66D78BA}, Quarantined, [14760], [512672],1.0.4852
     PUP.Optional.WinYahoo.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yahoo! Powered ladef, Quarantined, [3796], [-1],0.0.0
     PUP.Optional.WinYahoo.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E32130C8-FA46-4A76-9FE5-C103C66D78BA}, Quarantined, [3796], [-1],0.0.0
     PUP.Optional.WinYahoo.TskLnk, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E32130C8-FA46-4A76-9FE5-C103C66D78BA}, Quarantined, [3796], [-1],0.0.0

     Registry Value: 5
     Adware.AnonymizerGadget.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|AnonymizerGadget, Quarantined, [10721], [490737],1.0.4852
     Adware.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [10721], [-1],0.0.0
     Adware.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-21-489972698-490625529-3993062779-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [10721], [-1],0.0.0
     Adware.AnonymizerGadget.PrxySvrRST, HKU\S-1-5-21-489972698-490625529-3993062779-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, Quarantined, [10721], [-1],0.0.0
     Adware.AnonymizerGadget.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Quarantined, [10721], [-1],0.0.0

     Registry Data: 0
     (No malicious items detected)

     Data Stream: 0
     (No malicious items detected)

     Folder: 1
     PUP.Optional.WinYahoo.TskLnk, C:\PROGRAMDATA\{91035460-1B41-DEA6-9D87-40E407C5CB2A}, Quarantined, [3796], [453921],1.0.4852

     File: 22
     PUP.Optional.GoldClick, C:\PROGRAM FILES (X86)\PROXYGATE\CLOUD.EXE, Quarantined, [12763], [101627],1.0.4852
     PUP.Optional.GoldClick, C:\PROGRAM FILES (X86)\PROXYGATE\PGCOMMON.DLL, Quarantined, [12763], [92735],1.0.4852
     PUP.Optional.GoldClick, C:\PROGRAM FILES (X86)\PROXYGATE\PGCHK.EXE, Quarantined, [12763], [92735],1.0.4852
     Adware.DotDo.Generic.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\condemned needles tunnels, Quarantined, [11789], [513961],1.0.4852
     Adware.DotDo.Generic.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\Sacondemned needles tunnelscondemned needles tunnels, Quarantined, [11789], [513961],1.0.4852
     Adware.DotDo.Generic.TskLnk, C:\USERS\ALEXK\APPDATA\LOCAL\COSTIGAN.EXE, Quarantined, [11789], [513961],1.0.4852
     Adware.DotDo.Generic.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\condemned needles tunnels, Quarantined, [11789], [-1],0.0.0
     Adware.DotDo.Generic.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\Sacondemned needles tunnelscondemned needles tunnels, Quarantined, [11789], [-1],0.0.0
     PUP.Optional.GoldClick, C:\PROGRAM FILES (X86)\PROXYGATE\MAINSERVICE.EXE, Quarantined, [12763], [92735],1.0.4852
     Adware.AnonymizerGadget.PrxySvrRST, C:\USERS\ALEXK\APPDATA\ROAMING\AGDATA\BIN\ANONYMIZERLAUNCHER.EXE, Quarantined, [10721], [490737],1.0.4852
     Adware.DotDo.Generic, C:\WINDOWS\SYSTEM32\TASKS\bobbin, Quarantined, [6211], [512347],1.0.4852
     Adware.DotDo.Generic, C:\WINDOWS\SYSTEM32\TASKS\Sabobbinbobbin, Quarantined, [6211], [512347],1.0.4852
     Adware.DotDo.Generic, C:\PROGRAM FILES (X86)\GAINST\GAINST.EXE, Quarantined, [6211], [512347],1.0.4852
     Adware.WinYahoo.Generic, C:\WINDOWS\SYSTEM32\TASKS\Yahoo! Powered ladef, Quarantined, [14760], [512672],1.0.4852
     PUP.Optional.WinYahoo.TskLnk, C:\PROGRAMDATA\{91035460-1B41-DEA6-9D87-40E407C5CB2A}\DATO.TXT, Quarantined, [3796], [453921],1.0.4852
     PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{91035460-1B41-DEA6-9D87-40E407C5CB2A}\aowLC, Quarantined, [3796], [453921],1.0.4852
     PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{91035460-1B41-DEA6-9D87-40E407C5CB2A}\coririso, Quarantined, [3796], [453921],1.0.4852
     PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{91035460-1B41-DEA6-9D87-40E407C5CB2A}\hdat1, Quarantined, [3796], [453921],1.0.4852
     PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{91035460-1B41-DEA6-9D87-40E407C5CB2A}\hdat2, Quarantined, [3796], [453921],1.0.4852
     PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{91035460-1B41-DEA6-9D87-40E407C5CB2A}\mecere, Quarantined, [3796], [453921],1.0.4852
     PUP.Optional.WinYahoo.TskLnk, C:\ProgramData\{91035460-1B41-DEA6-9D87-40E407C5CB2A}\xhRvf, Quarantined, [3796], [453921],1.0.4852
     PUP.Optional.WinYahoo.TskLnk, C:\WINDOWS\SYSTEM32\TASKS\Yahoo! Powered ladef, Quarantined, [3796], [-1],0.0.0

     Physical Sector: 0
     (No malicious items detected)

     (end)
  2. Ran FRST scan after viewing similar threads, here's the TXT. Also scanned with MB, quarantine & remove, but they seem to come back. FRST.txt