Jump to content

JJX

Members
  • Posts

    11
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Hi Maurice. Thanks so much for all the help here. With results above running clear, and MalwareBytes now NOT returning SearchManager as found in Chrome, I think we're done here. One final question though - are we ok to continue to synch Chrome for each User? Again...Many, Many Thanks for assist here. Thx. JJX
  2. hi Maurice. Ran both files via the website above, and both reporting as Undetected apart from ESET-NOD32, which both are detecting Win32/Bundled.Toolbar.Google.D Potentially Unsafe SO looks like only ESET finding possible issue (maybe false positive?). No sure how to extract file, so it that enough info here? Thx JJX
  3. Results as follows Are these 2 x false positives stored in AVG folders? Thanks... Mark.eset_scan.txt
  4. HI Maurice, Ran FULL SCAN and MSS results as attached. Reported that it found and removed in VirTool:Win32/DefenderTamperingRestore, in attached dialog. Running ESET next.msert.log Thanks...
  5. Hi Maurice. All instance of chrome have had reset synch, and Malware Anti-rootkit BETA from url in my post has completed Scan, and no Malware found. Thanks... JJX
  6. Hi. Is this the link to Malware Anti-rootkit? Link above is back to this email. https://www.malwarebytes.com/antirootkit/ Thanks... JJX
  7. Hi Maurice. Have already reset sync on all chrome sessions on this machine....do you need me to do so again? Note that prior to your email, I ran full MWB scan, and its seems to find SearchManager on the ilals account on this machine Thx... JJX
  8. Hi Maurice. Tasks ran as per the above and results added. I all quarantined and deleted the repeating PUP.Optional.SearchManager entries found by most recent MalwareBytes Scan. Results of support tool as per the attached...mbst-grab-results.zip
  9. hi Maurice...will complete this steps over the next 24 hours. Thanks...
  10. Update. Have reset Google Chrome synch, as per guidance in other posts and re-ran MWBytes scan. DIDN'T REBOOT BEFORE THIS SCAN AND CHANGE TO RESET MY CHROME SYNC. It's now returning PUP.Optional.SearchManger entry once, for the other user on this PC. Path to that file is.... C:\users\username\appdata\loca\google\chrome\user data\web data Thx... JJX
  11. Hi, Having an ongoing/recurring issue where multiple instances of PUP.Optional.SearchManager being detected by my Premium Edition of MalwareBytes. Effected directories associated with the program settings for Chrome for both users on this PC. Have also ran HitMan Pro (trial version expired) which is detecting mal/behav-321 malware on a number of files, as follows.... Malware _____________________________________________________________________ C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\staging\sample.dll Size . . . . . . . : 524,488 bytes Age . . . . . . . : 0.0 days (2020-01-30 02:38:43) Entropy . . . . . : 0.4 SHA-256 . . . . . : 128F608C72E94783AB18CF286F4B62C0C4FD7F7120465CA79E1A551791CB2970 RSA Key Size . . . : 2048 Authenticode . . . : Valid > SurfRight . . . . : Mal/Behav-321 Fuzzy . . . . . . : 101.0 Forensic Cluster 1660.8s C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\ 1661.8s C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\staging\ 1661.8s C:\ProgramData\Malwarebytes\MBAMService\lkg_db\ 1662.8s C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\8DA.CAT 1663.2s C:\ProgramData\Malwarebytes\MBAMService\prot.mbdb 1663.2s C:\ProgramData\Malwarebytes\MBAMService\rdefs.mbdb 1663.2s C:\ProgramData\Malwarebytes\MBAMService\rules.mbdb 1663.2s C:\ProgramData\Malwarebytes\MBAMService\scan.mbdb 1663.2s C:\ProgramData\Malwarebytes\MBAMService\tids.mbdb 1663.2s C:\ProgramData\Malwarebytes\MBAMService\wprot2.mbdb 1663.2s C:\ProgramData\Malwarebytes\MBAMService\clean.mbdb 1663.2s C:\ProgramData\Malwarebytes\MBAMService\Global.sr 1663.2s C:\ProgramData\Malwarebytes\MBAMService\Global.nm 1663.2s C:\ProgramData\Malwarebytes\MBAMService\cfg.bin 1663.2s C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\staging\Actions.dll 1663.2s C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\staging\MBAMCore.dll 1663.2s C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\staging\BrowserSDKDLL.dll 1663.2s C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\staging\ig.exe 1663.3s C:\ProgramData\Malwarebytes\MBAMService\dbclsupdate\staging\sample.dll Any help removing this beastie would be GREATLY appreciated. Many Thanks... JJX
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.