Jump to content

martinduo

Members
  • Content Count

    17
  • Joined

  • Last visited

About martinduo

  • Rank
    New Member
  1. Clean report from Malwarebytes. No blocks. After we cleaned up the PUPs, I installed the cumulative updates for Win 1809 that were waiting for me. Maybe something there trigger the false positives. Anyway just after doing those updates, the feature update to 1903 was posted to me and I installed that. And now the false positives are gone. All is well. Thanks again for your great help. MalwarebytesCleanReport.txt
  2. I don't see any blocks now. But I have only tried saving a Word doc in oneDrive. Tomorrow when I'm really doing some work that might trigger those xmissions, I'll check again. I guess they are some data gathering by Microsoft. See you tomorrow.
  3. I'm back, and Win v 1903 is installed after about 2 hours. My version of Malwarebytes is 3.8.3 and no updates are available.
  4. Yes, running okay with no quarantined files. Yay! But something new has appeared: Protection Events - Website blocked. The exported report for one of them is shown below. Any ideas about why this just started? Looks like some reporting back to Microsoft. The only changes I've done have all been with Chrome. Windows has got the feature update for 1903 queued up for when I next restart. So I may be off the air for awhile. I'm going to let it run now. Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 7/30/19 Protection Event Time: 7:39 PM Log File: 517718f8-b323-11e9-9d32-5c514f50594b.json -Software Information- Version: 3.8.3.2965 Components Version: 1.0.613 Update Package Version: 1.0.11788 License: Premium -System Information- OS: Windows 10 (Build 17763.437) CPU: x64 File System: NTFS User: System -Blocked Website Details- Malicious Website: 1 , , Blocked, [-1], [-1],0.0.0 -Website Data- Category: Malware Domain: settings-win.data.microsoft.com IP Address: 20.36.218.63 Port: [56842] Type: Outbound File: (end)
  5. I've installed Chrome and imported the bookmarks. I did not reset sync on the Chromebook. I'm waiting to see if a bookmark change I made on the PC is synced to the Chromebook now like before. I may have to investigate this feature and experiment some to understand it. Thank you for the awesome support. I made a donation through PayPal, it's from Bruce Martin.
  6. I forgot to tell you that this appeared during the fix operation:
  7. Okay I ran it, Fixlog.txt is attached. I'm wondering about " reset sync". I ran it on my PC to remove all data from Google servers. But my Chromebook is also signed in on my Google account and has all my bookmarks, etc available on its home page. Isn't that device repopulating the Google server with that data? Will that include copies of the PUPs, etc or is that just Win10 stuff not pushed to Chromebook? Also, if I delay importing my exported bookmarks, will they be restored via the sync from the Chromebook? Just curious. I assume I can short circuit that syncing by just importing them to the PC. Fixlog.txt
  8. The scan says No Threats Detected. Yea! Now I can install Chrome, import my bookmarks, install uBlock Origin, right? Before I do that do I have to hit "Reset Sync" on my Chromebook, or is that unnecessary since i did it already on my PC? What did I do to infect Chrome with spigot? Is it from a web site or a download like unLocker (which Malwarebytes wouldn't let me download) malwarebytesScan.txt
  9. I ran FRST but I clicked the scan button, using the instructions on the FRST page, not yours. That file is named FRST-scan.txt and is attached. Also the Addition-scan.txt is attached in case they are useful. I went back and ran FRST again and clicked the Fix button. Even though the Fixlog.txt says it was moved, the C:\Users\Bruce\AppData\Local\Google folder is still there. I did notice that yesterday there were two subfolders Chrome and Drive. Now there is only Drive. I think I saw that was the case even before I clicked the Fix button. Is it the Chrome subfolder we were trying to get rid of? Should I uninstall Unlock? I'll be away now for a couple of hours. The Malwarebytes scan is still running, but I have to leave now. I'll send it later when I get back. FRST-scan.txt Addition-scan.txt Fixlog.txt
  10. Your instructions to get to the "Reset Sync" button don't agree with what I see. I found the "chrome.google.com/sync?hl=en-us" page with the "Reset Sync" button. I clicked that and uninstalled Chrome as per instructions. BUT I can not delete "\AppData\Local\Google". Permission is denied even with administer privileges. I even went into Safe Mode to do the "RD /S /Q C:\Users\Bruce\AppData\Local\Google" command but still was not able to delete that Google folder. i read in "https://www.guidingtech.com/52019/delete-files-windows-10/" about "Unlocker", and installed that (using Windows Defender to skip one download with infections). Activating Unlocker by right clicking the Google folder gives a message: "No Locking handle Found", and an offer to perform a Delete action. Running that gives a message: "The object could not be deleted", and an offer to perform the requested delete operation at next reboot. Selecting Yes and rebooting still does not do the delete. Attached is a Malwarebytes scan done just now. So now my question is, do I leave Chrome as uninstalled and just use Firefox only? Is my only solution a clean re-install of Win10? I am buying a new computer next month, so I could just continue usinf Firefox with things as they are now until then. Is there any problem with leaving the PUPs until then? And even more important, if I install Chrome on my new computer, does it have a venerability that will infect my new computer with PUPs again? malwarebytesScan.txt
  11. Hi Kevin, Yes my Chrome bookmarks are very important. I have hundreds all saved in nested folders by using the Bookmark Manager. I would hate to lose that organization. Will your suggested procedure preserve that? Also I'm synced with Google on my Chromebook where I have access to the same bookmarks. Will I have to clean up over there also to prevent infecting my PC again?
  12. Thanks for the reply. I have attached the requested files. The Malwarebytes scan still found PUPs. malwarebytesScan.txt AdwCleaner[C00].txt
  13. I posted a topic (https://forums.malwarebytes.com/topic/249646-remove-pupoptionalspigota/) on July 21st and waited for any reply, but only saw one today from kevinf80 telling me the post was closed. I never saw a notice that he had answered me on that same Sunday. Anyway today I followed all his instructions, but he wanted me to reply with attached log files. I have the log files attached to this post. How do I get them to kevinf80? malwarebytesScan.txt adwcleaner_7.4.txt FRST.txt Addition.txt
  14. I am using your web page about: How to remove PUP.Optional.Spigot.A (Virus Removal Guide); https://malwaretips.com/blogs/pup-optional-spigot-a-virus-removal/. But there is a problem: the link to the Junkware Removal Tool tool at Step 2: doesn't work. How can I get it to proceed with the Steps of your page?
  15. 'Turn on fast start-up (Recommended)' is not (was not) checked. The icon is in the "Show Hidden Icons" selection from the task bar. Is that the System Tray?
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.