Jump to content

Joffa

Members
 View Profile  See their activity

  • Posts

    5

  • Joined

  • Last visited

Reputation

0 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Joffa
    Hi again Kevin. I've used Chrome for a day now and, like with Edge, there's now no phising alert any more. I'll try rebooting and see if I get the message tomorrow (& I'll try using Firefox only). I really appreciate your help - can you leave this issue open for 24 hours more? Thanks Jeff
  2. Joffa
    Addition.txtFRST.txt Thanks mate PS Windows Update has completed now. Cheers Jeff
  3. Joffa
    Thanks Kevin Here's the FixLog.txt: Fix result of Farbar Recovery Scan Tool (x64) Version: 24-10-2020 Ran by joffa (25-10-2020 10:56:34) Run:1 Running from C:\Users\joffa\Desktop Loaded Profiles: joffa Boot Mode: Normal ============================================== fixlist content: ***************** SystemRestore: On CreateRestorePoint: CloseProcesses: GroupPolicy: Restriction ? <==== ATTENTION Task: {86384D59-D20F-4603-BFA3-0139DAA73417} - System32\Tasks\WinmendUpdateTask_joffa => C:\Program Files (x86)\WinMend\Folder Hidden\liveupdate.exe Task: {D9856B18-DC1B-4C1A-A5D3-F97D4BBCD38F} - System32\Tasks\lr9kTbCXdRhS => lr9ktbcxdrhs.exe <==== ATTENTION Tcpip\..\Interfaces\{11fe760f-e9fb-47af-90f1-f4fab472985c}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{3d70b7a1-b595-4413-90f8-79e23bad61b8}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{7d3abf3d-c4e5-4c2a-8c40-6076352c8c9a}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{853f65e9-d806-11e7-a41b-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{b87cda5f-4b76-4524-9e26-b0ab7badcdbc}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{c0771a63-8492-4f6d-ad59-b440b74e9771}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{fdc8773b-61e9-4090-ab75-19e13768560b}: [NameServer] 8.8.8.8 FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File] FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File] FF Plugin: @videolan.org/vlc,version=3.0.0-git -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File] FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File] FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File] FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File] FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File] FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File] S2 HPTouchpointAnalyticsService; "C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe" [X] C:\WINDOWS\system32\Drivers\lvuvc.hs AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0] AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0] AlternateDataStreams: C:\Users\joffa\Downloads\BFTinyHand-Regular.zip:com.dropbox.attributes [168] BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File FirewallRules: [{CE4E9944-4BCC-4033-B2D0-31D5A95E6A78}] => (Allow) LPort=161 FirewallRules: [{D789CB08-10E7-4003-8628-3B06BD4021F4}] => (Allow) LPort=427 FirewallRules: [{097B7A11-2CD1-4D84-BD90-502DDE7D0263}] => (Allow) LPort=9100 FirewallRules: [{0BD1977D-7B8D-41C5-A2DC-FFFC644D5E67}] => (Allow) C:\Users\joffa\AppData\Local\Temp\7zS0E78\HPDiagnosticCoreUI.exe => No File FirewallRules: [{1E53E772-B4EE-4192-8C32-3A33C61507E1}] => (Allow) C:\Users\joffa\AppData\Local\Temp\7zS0E78\HPDiagnosticCoreUI.exe => No File FirewallRules: [{E9B6D101-E0B7-4025-A421-A3A922BAAB52}] => (Allow) C:\Users\joffa\AppData\Local\Temp\7zS0D3B\HPDiagnosticCoreUI.exe => No File FirewallRules: [{1E42B33B-8E11-4ED2-8235-64C1CB027CDD}] => (Allow) C:\Users\joffa\AppData\Local\Temp\7zS0D3B\HPDiagnosticCoreUI.exe => No File FirewallRules: [{61E3ECBB-952A-4148-9EF9-B080951BD55B}] => (Allow) %APPDATA%\Spotify\Spotify.exe => No File FirewallRules: [{1AD7088A-5156-458D-9B14-0493253BCAEE}] => (Allow) LPort=31931 FirewallRules: [{E13A2FED-ECFF-4B8A-864A-7E07BB95EF23}] => (Allow) LPort=14714 FirewallRules: [{73B4BFB8-FC57-4669-A102-AAC3C16852FC}] => (Allow) LPort=12972 FirewallRules: [{FE46B88F-0E46-4CEB-8A86-06FBA5A8FB19}] => (Block) %ProgramFiles%\Skylum\Luminar 4\Luminar 4.exe => No File FirewallRules: [UDP Query User{DE97DE2E-F35A-40CA-B350-FD5C9996EB8A}C:\users\joffa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\joffa\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [TCP Query User{384E864F-42CA-4D94-9EFF-7BFCAB21A305}C:\users\joffa\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\joffa\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [{9649D109-608A-44F5-8900-D50191F343BE}] => (Allow) C:\Users\joffa\AppData\Roaming\Zoom\bin\airhost.exe => No File FirewallRules: [{586EEF56-056C-41B5-A8CA-A03AB83F518C}] => (Allow) C:\Users\joffa\AppData\Roaming\Zoom\bin\airhost.exe => No File File: C:\Users\joffa\EMPTIES.BAT CMD: winmgmt /verifyrepository cmd: sfc /scannow EmptyTemp: ***************** SystemRestore: On => completed Restore point was successfully created. Processes closed successfully. C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86384D59-D20F-4603-BFA3-0139DAA73417}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86384D59-D20F-4603-BFA3-0139DAA73417}" => removed successfully C:\WINDOWS\System32\Tasks\WinmendUpdateTask_joffa => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinmendUpdateTask_joffa" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9856B18-DC1B-4C1A-A5D3-F97D4BBCD38F}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9856B18-DC1B-4C1A-A5D3-F97D4BBCD38F}" => removed successfully C:\WINDOWS\System32\Tasks\lr9kTbCXdRhS => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\lr9kTbCXdRhS" => removed successfully "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{11fe760f-e9fb-47af-90f1-f4fab472985c}\\NameServer" => removed successfully "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}\\NameServer" => removed successfully "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3d70b7a1-b595-4413-90f8-79e23bad61b8}\\NameServer" => removed successfully "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7d3abf3d-c4e5-4c2a-8c40-6076352c8c9a}\\NameServer" => removed successfully "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{853f65e9-d806-11e7-a41b-806e6f6e6963}\\NameServer" => removed successfully "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b87cda5f-4b76-4524-9e26-b0ab7badcdbc}\\NameServer" => removed successfully "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c0771a63-8492-4f6d-ad59-b440b74e9771}\\NameServer" => removed successfully "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{fdc8773b-61e9-4090-ab75-19e13768560b}\\NameServer" => removed successfully HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4 => removed successfully HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6 => removed successfully HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.0-git => removed successfully HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.10 => removed successfully HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.3 => removed successfully HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6 => removed successfully HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1 => removed successfully HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.8 => removed successfully HKLM\System\CurrentControlSet\Services\HPTouchpointAnalyticsService => removed successfully HPTouchpointAnalyticsService => service removed successfully C:\WINDOWS\system32\Drivers\lvuvc.hs => moved successfully C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`29hfm" ADS removed successfully C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully C:\Users\joffa\Downloads\BFTinyHand-Regular.zip => ":com.dropbox.attributes" ADS removed successfully HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => removed successfully HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE4E9944-4BCC-4033-B2D0-31D5A95E6A78}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D789CB08-10E7-4003-8628-3B06BD4021F4}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{097B7A11-2CD1-4D84-BD90-502DDE7D0263}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0BD1977D-7B8D-41C5-A2DC-FFFC644D5E67}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E53E772-B4EE-4192-8C32-3A33C61507E1}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9B6D101-E0B7-4025-A421-A3A922BAAB52}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E42B33B-8E11-4ED2-8235-64C1CB027CDD}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{61E3ECBB-952A-4148-9EF9-B080951BD55B}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1AD7088A-5156-458D-9B14-0493253BCAEE}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E13A2FED-ECFF-4B8A-864A-7E07BB95EF23}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73B4BFB8-FC57-4669-A102-AAC3C16852FC}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE46B88F-0E46-4CEB-8A86-06FBA5A8FB19}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DE97DE2E-F35A-40CA-B350-FD5C9996EB8A}C:\users\joffa\appdata\roaming\spotify\spotify.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{384E864F-42CA-4D94-9EFF-7BFCAB21A305}C:\users\joffa\appdata\roaming\spotify\spotify.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9649D109-608A-44F5-8900-D50191F343BE}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{586EEF56-056C-41B5-A8CA-A03AB83F518C}" => removed successfully ========================= File: C:\Users\joffa\EMPTIES.BAT ======================== C:\Users\joffa\EMPTIES.BAT File not signed MD5: D41D8CD98F00B204E9800998ECF8427E <==== ATTENTION (zero byte File/Folder) Creation and modification date: 2018-05-29 19:25 - 2018-05-29 19:28 Size: 000000000 Attributes: ----A Company Name: Internal Name: Original Name: Product: Description: File Version: Product Version: Copyright: VirusTotal: 0-byte ====== End of File: ====== ========= winmgmt /verifyrepository ========= WMI repository is consistent ========= End of CMD: ========= ========= sfc /scannow ========= Beginning system scan. This process will take some time. Beginning verification phase of system scan. Verification 0% complete. Verification 1% complete. Verification 1% complete. Verification 2% complete. Verification 3% complete. Verification 3% complete. Verification 4% complete. Verification 5% complete. Verification 5% complete. Verification 6% complete. Verification 6% complete. Verification 7% complete. Verification 8% complete. Verification 8% complete. Verification 9% complete. Verification 10% complete. Verification 10% complete. Verification 11% complete. Verification 11% complete. Verification 12% complete. Verification 13% complete. Verification 13% complete. Verification 14% complete. Verification 15% complete. Verification 15% complete. Verification 16% complete. Verification 16% complete. Verification 17% complete. Verification 18% complete. Verification 18% complete. Verification 19% complete. Verification 20% complete. Verification 20% complete. Verification 21% complete. Verification 21% complete. Verification 22% complete. Verification 23% complete. Verification 23% complete. Verification 24% complete. Verification 25% complete. Verification 25% complete. Verification 26% complete. Verification 26% complete. Verification 27% complete. Verification 28% complete. Verification 28% complete. Verification 29% complete. Verification 30% complete. Verification 30% complete. Verification 31% complete. Verification 31% complete. Verification 32% complete. Verification 33% complete. Verification 33% complete. Verification 34% complete. Verification 35% complete. Verification 35% complete. Verification 36% complete. Verification 36% complete. Verification 37% complete. Verification 38% complete. Verification 38% complete. Verification 39% complete. Verification 40% complete. Verification 40% complete. Verification 41% complete. Verification 41% complete. Verification 42% complete. Verification 43% complete. Verification 43% complete. Verification 44% complete. Verification 45% complete. Verification 45% complete. Verification 46% complete. Verification 46% complete. Verification 47% complete. Verification 48% complete. Verification 48% complete. Verification 49% complete. Verification 50% complete. Verification 50% complete. Verification 51% complete. Verification 51% complete. Verification 52% complete. Verification 53% complete. Verification 53% complete. Verification 54% complete. Verification 55% complete. Verification 55% complete. Verification 56% complete. Verification 56% complete. Verification 57% complete. Verification 58% complete. Verification 58% complete. Verification 59% complete. Verification 60% complete. Verification 60% complete. Verification 61% complete. Verification 61% complete. Verification 62% complete. Verification 63% complete. Verification 63% complete. Verification 64% complete. Verification 65% complete. Verification 65% complete. Verification 66% complete. Verification 66% complete. Verification 67% complete. Verification 68% complete. Verification 68% complete. Verification 69% complete. Verification 70% complete. Verification 70% complete. Verification 71% complete. Verification 71% complete. Verification 72% complete. Verification 73% complete. Verification 73% complete. Verification 74% complete. Verification 75% complete. Verification 75% complete. Verification 76% complete. Verification 76% complete. Verification 77% complete. Verification 78% complete. Verification 78% complete. Verification 79% complete. Verification 80% complete. Verification 80% complete. Verification 81% complete. Verification 81% complete. Verification 82% complete. Verification 83% complete. Verification 83% complete. Verification 84% complete. Verification 85% complete. Verification 85% complete. Verification 86% complete. Verification 86% complete. Verification 87% complete. Verification 88% complete. Verification 88% complete. Verification 89% complete. Verification 90% complete. Verification 90% complete. Verification 91% complete. Verification 91% complete. Verification 92% complete. Verification 93% complete. Verification 93% complete. Verification 94% complete. Verification 95% complete. Verification 95% complete. Verification 96% complete. Verification 96% complete. Verification 97% complete. Verification 98% complete. Verification 98% complete. Verification 99% complete. Verification 100% complete. Windows Resource Protection found corrupt files and successfully repaired them. For online repairs, details are included in the CBS log file located at windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline repairs, details are included in the log file provided by the /OFFLOGFILE flag. ========= End of CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 8151040 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 180536422 B Java, Flash, Steam htmlcache => 31301793 B Windows/system/drivers => 2475801 B Edge => 564250 B Chrome => 873437 B Firefox => 42308042 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 9270 B LocalService => 52206 B NetworkService => 55258 B joffa => 3107059876 B Administrator => 3221381888 B RecycleBin => 9631019123 B EmptyTemp: => 15.1 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 11:19:47 ==== --------------------------------------------------------------------------------------- Microsoft Safety Scanner v1.0, (build 1.325.1417.0) Started On Mon Oct 26 09:39:46 2020 ->Scan ERROR: resource process://pid:104,ProcessStart:132480622585852048 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:404,ProcessStart:132480622673049841 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:628,ProcessStart:132480622918848652 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:748,ProcessStart:132480622954333666 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:772,ProcessStart:132480622954608996 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:820,ProcessStart:132480622956317729 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:3012,ProcessStart:132480622991212583 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:4736,ProcessStart:132480623024222486 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:4640,ProcessStart:132480623778992851 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:1908,ProcessStart:132480624640838191 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:2008,ProcessStart:132480624658086400 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:6340,ProcessStart:132481384033969039 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:6892,ProcessStart:132481390449907959 (code 0x0000012B (299)) ->Scan ERROR: resource process://pid:4736,ProcessStart:132480623024222486 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:4640,ProcessStart:132480623778992851 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:1908,ProcessStart:132480624640838191 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:6340,ProcessStart:132481384033969039 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:2008,ProcessStart:132480624658086400 (code 0x00000005 (5)) ->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000021 (33)) ->Scan ERROR: resource file://C:\hiberfil.sys (code 0x00000021 (33)) ->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000021 (33)) ->Scan ERROR: resource file://C:\pagefile.sys (code 0x00000021 (33)) ->Scan ERROR: resource file://C:\swapfile.sys (code 0x00000021 (33)) ->Scan ERROR: resource file://C:\swapfile.sys (code 0x00000021 (33)) ->Scan ERROR: resource process://pid:4736,ProcessStart:132480623024222486 (code 0x00000005 (5)) ->Scan ERROR: resource process://pid:4736,ProcessStart:132480623024222486 (code 0x00000005 (5)) Quick Scan Results for 84DE5EFA-1A80-4EBC-AD3F-0251D1CB1990: ---------------- Threat detected: VirTool:Win32/DefenderTamperingRestore regkeyvalue://hklm\software\microsoft\windows defender\\DisableAntiSpyware SigSeq: 0x0000055555C57273 Quick Scan Removal Results ---------------- Start 'remove' for regkeyvalue://hklm\software\microsoft\windows defender\\DisableAntiSpyware Operation succeeded ! Results Summary: ---------------- Found VirTool:Win32/DefenderTamperingRestore and Removed! I don't have symptoms/warnings any more :-)
  4. Joffa
    Here are the log files of these applications. I'm no longer getting the MalwareBytes pop up about phishing - happy 🙂 Thanks, Jeff RKLog.txtAdwCleaner[S01].txtAddition.txtFRST.txt
  5. Joffa
    Greetings I have same 'Website blocked' message as https://forums.malwarebytes.com/topic/265325-constant-rtp-phishing-attempts-please-help/ I've followed most steps in the reply thread & attach relevant text files from the various scanning applications. Malwarebytes initial scan report is 'website blocked due to phishing.txt' Please let me know what my next step should be, or if I should also try the Sophos tool. Much appreciated Jeff RKLog.txt Scan log.txt website blocked due to phishing.txt Addition.txt FRST.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.