kitmub

So can I Assume everything is clear? and avast dealt whatever it detected and with your help remove whatever that wasnt removed? ( I got scared when the Avast ui didnt open and the tray icon disappear when the threat happened then everything is ok after restarting after the threat) Im just curious whether the fixes is for remnant or is it hardening of the system?? other than that nothing Many thanks forfixing

heres the fixlog i didnt uninstall ccleaner just for info ( i sometimes use it for cleaning temp and disabling startups and rarely registry) Fixlog.txt

I was refeered to go here even though avast is the one who detected it (i have MBam free Installed) my post from Avast (thread link) So far no detection since then and everthing seems to be working and havent notice anything also did some scan with avast, emisoft emergency kit, mbam with no detection ( i did a Mbam FullScan no detection but i didnt finished it because of the time also attached) Attached Farbar logs (Old Jan142022 - a day after the detection also the same logs on the avast forum) (New Jan162022 RegUser - recent logs using regular user same account when the incident happen) (New Jan162022 Admin - farbar with Run as Admin) Recent MBam Log ( no detection i cancelled it because of the time) Addition-New-Jan162022(AdminUser).txt Addition-New-Jan162022(regUser).txt Addition-Old-Jan152022.txt FRST-New-Jan16,2022(regUser).txt FRST-New-Jan162022(AdminUser).txt FRST-Old-Jan152022.txt MbamFullScan(Jan162022).txt

ok Confirmed

false positive of vibersetup and java jre Jabswitch ( adopopenjdk openj9 version old v11-0-10 & new v11-0-11 ) From searching of the forum i see someone also reported about jabswitch when i was doing this post (i just included it to be complete) Jabswitch old v11-0-10 https://www.virustotal.com/gui/file/acf50d64f47496e72a917e5be7eb186853d0d258a861e48092a0db228ea6353e/detection https://metadefender.opswat.com/results/file/bd09b75640482def51a1be2446ba23b2/hash/overview?lang=en jabswitch new v11-0-11 https://www.virustotal.com/gui/file/108bd842e08107e6af785de31c487cd48927d8fb53e673c8aafb5dbeb2c5a57b/detection https://metadefender.opswat.com/results/file/f3f11e0ab9de350e9651de2e3fc20d8f/hash/multiscan?lang=en Vibersetup https://www.virustotal.com/gui/file/4a3f1e4ad189689686408ef75177474a1f96135b89645741bc9a40610c0b7634/detection https://metadefender.opswat.com/results/file/bzIxMDMwMWpDbHJiZHJlZmRBWjJaRFIyZHJJ/regular/multiscan?lang=en Attached Mbamlog ViberJava log = (the first time i see it) Mbamlog recent = most recent scan still detected Files FPfiles.zip MbamlogViberJavaFP.txt MbamRecentLog.txt

it doesn't blocked anymore and not reproduceable so I assume it fixed itself just happened 2 times wasn't able to screenshot it though I guess it can be closed now

me third its blocking something in google chrome and microsoft edge (both chromium) extension page sadly wasnt able to get the screenshot and maybe just after upgrading to version 2.2.24 cant seem to reproduce it though just to say extension installed are ublock origin comodo security pro ghostery bitdefender traffic light avast online security noscript

Ok confirmed its no longer being detected

found a way to get the files you need to use the "Run" to get to the Assembly folder it is still being detection logs & Files Attached detection zip password is 123 the Virustotal URL Detections.zip MbamNewApr302021.txt

Sadly i cant seem to scan it with virustotal it wont let me select it or even copy the file to upload it even using admin unless there are other way to copy it Attach screenshot showing selecting the file

The Google search message is now gone ( though i cant go to comodo fourm but can go to comodo i heard there are intemitent problem comodo side) there was an internet interruption last night i restarted the router and already have a different Public IP address note: there are 2 Standard user, 1 Admin Acct, (2 other accidentaly created haven't open those acct yet) Attached 2 set of FRST log "AdminPriv(FRST/Addition).txt" one using the Admin Acct w/ Admin Privilege "User(FRST/Addition).txt" using the Standard User Acct w/ run as Admin RKLog run as admin no detection Mbam log Recent it still detect the Assembly Files AdminPrivAddition.txt AdminPrivFRST.txt MbamApr292021.txt RKlog.txt UserAddition.txt UserFRST.txt

on March my mom asking me to open a webinar on a legitimate website i didnt notice i misclick a malicious adware the browser did stop it at first because of certificate i guess but becasue my mother is late and making me to hurry up for the webinar and i know its a legitimate website i continued it redirected to another site then lots of colordialog popups at that time i was still using the mcaffee lifesave trial that came with the laptop it was able to block something but there still popup and the adware is design only to show when your cursor is near on the menu and can easily be misclick if its a little higher browser extension at that time was mcaffee webadvisor, ghostery, comodo onlinesecurity (i didnt installed noscript on my moms useraccount) spywareblaster was also installed if it matter and comodo securedns after that i did full scan of mcaffeee, malwarebytes, superantyspyware, comodo cleaning esentials, windows defender nothing was found i only installed avast free when mcafee was nearing end of trial did fullscan before installing avast I noticed browsers (and one time windows update already gone) having "managed by organization" even though its my mother personal laptop Just Recently searching in google for this laptop im getting this msg only wit this laptop other device doesnt Addition.txt FRST.txt mbamFull(Apr25-2021).txt mbamold(Apr23-2021).txt zemanalog.txt quar.zip