Jump to content

tcabado

Members
  • Posts

    13
  • Joined

  • Last visited

Reputation

3 Neutral
  1. Ok, done that. All scans came out clean. I guess we can consider this solved? Thank you so much again.
  2. Thanks Maurice, it seems we've erased this thing! Thank you for your dedication and patience. Here is the log of the FSS scan. Also already changed that Malwarebytes setting you mentioned. FSS.txt
  3. ESET log.txtHere is the ESET Online Scanner log as requested.
  4. Okay, here they go.FRST.txtAddition.txt I'm very grateful!
  5. Fixlog.txt Here it is. After the reboot I don't see the extension anymore... Just ran another analysis with Malwarebytes and nothing. I'll keep my eyes open. Is there anything else I should do? Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 7/13/21 Scan Time: 6:38 PM Log File: 98747cd2-e422-11eb-a293-ac8247defbce.json -Software Information- Version: 4.4.2.123 Components Version: 1.0.1358 Update Package Version: 1.0.43049 License: Trial -System Information- OS: Windows 10 (Build 19042.1110) CPU: x64 File System: NTFS User: LAPTOP-34C82GMI\tcaba -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 335801 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 1 min, 11 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  6. Maurice, first, I attach the last scan I did, after another reboot. Then I'll follow with the last instructions. Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 7/13/21 Scan Time: 6:26 PM Log File: 0ddd930c-e421-11eb-b534-ac8247defbce.json -Software Information- Version: 4.4.2.123 Components Version: 1.0.1358 Update Package Version: 1.0.43049 License: Trial -System Information- OS: Windows 10 (Build 19042.1110) CPU: x64 File System: NTFS User: LAPTOP-34C82GMI\tcaba -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 335836 Threats Detected: 6 Threats Quarantined: 0 Time Elapsed: 1 min, 45 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 2 Trojan.BrowserHijack, C:\ProgramData\Bkjkml\Njvk\B0FA173C, No Action By User, 2702, 940996, , , , , , Trojan.BrowserHijack, C:\PROGRAMDATA\BKJKML\NJVK, No Action By User, 2702, 940996, 1.0.43049, , ame, , , File: 4 Trojan.BrowserHijack, C:\PROGRAMDATA\BKJKML\NJVK\B0FA173C\BACKGROUND.JS, No Action By User, 2702, 940996, 1.0.43049, , ame, , 44BAC884B216264EA74C8F10C4CEE674, 30585C8EA6717388F8E88BB081F4564E016C3AF3CE0DA9E8959F59FA2A725432 Trojan.BrowserHijack, C:\ProgramData\Bkjkml\Njvk\B0FA173C\icon128.png, No Action By User, 2702, 940996, , , , , 86DF701CE3B2191A415BDEF3222AB59F, E2712D19AA6AA4A29827E76C4DF53F54B5207AB9C90C0CB2202635072D41AA22 Trojan.BrowserHijack, C:\ProgramData\Bkjkml\Njvk\B0FA173C\manifest.json, No Action By User, 2702, 940996, , , , , B939AAA20187D32EC57506ED5624A9C5, 31807715E6BD27EAD50ED16D236D1EE066CA4C928A3A8B740F66106F3D8226DC Trojan.BrowserHijack, C:\ProgramData\Bkjkml\Njvk\B0FA173C\tsaht, No Action By User, 2702, 940996, , , , , CA40BF7F9833689E13FBCE2F1A87759A, E97C7902F2A8D46465A19B23C33C22214BA5C7CCF149EB3AB729A3FCBE6318FB Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  7. Here I past the log of the Malwarebytes scan I just did. It found the Trojan again, and I quarentained it (again). Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 7/13/21 Scan Time: 5:27 PM Log File: d0e5c648-e418-11eb-8c49-ac8247defbce.json -Software Information- Version: 4.4.2.123 Components Version: 1.0.1358 Update Package Version: 1.0.43047 License: Trial -System Information- OS: Windows 10 (Build 19042.1110) CPU: x64 File System: NTFS User: LAPTOP-34C82GMI\tcaba -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 335831 Threats Detected: 6 Threats Quarantined: 0 Time Elapsed: 1 min, 30 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 2 Trojan.BrowserHijack, C:\ProgramData\Bkjkml\Fjvh\B0FA173C, No Action By User, 2702, 940996, , , , , , Trojan.BrowserHijack, C:\PROGRAMDATA\BKJKML\FJVH, No Action By User, 2702, 940996, 1.0.43047, , ame, , , File: 4 Trojan.BrowserHijack, C:\PROGRAMDATA\BKJKML\FJVH\B0FA173C\BACKGROUND.JS, No Action By User, 2702, 940996, 1.0.43047, , ame, , 44BAC884B216264EA74C8F10C4CEE674, 30585C8EA6717388F8E88BB081F4564E016C3AF3CE0DA9E8959F59FA2A725432 Trojan.BrowserHijack, C:\ProgramData\Bkjkml\Fjvh\B0FA173C\icon128.png, No Action By User, 2702, 940996, , , , , 86DF701CE3B2191A415BDEF3222AB59F, E2712D19AA6AA4A29827E76C4DF53F54B5207AB9C90C0CB2202635072D41AA22 Trojan.BrowserHijack, C:\ProgramData\Bkjkml\Fjvh\B0FA173C\manifest.json, No Action By User, 2702, 940996, , , , , B939AAA20187D32EC57506ED5624A9C5, 31807715E6BD27EAD50ED16D236D1EE066CA4C928A3A8B740F66106F3D8226DC Trojan.BrowserHijack, C:\ProgramData\Bkjkml\Fjvh\B0FA173C\tsaht, No Action By User, 2702, 940996, , , , , CA40BF7F9833689E13FBCE2F1A87759A, E97C7902F2A8D46465A19B23C33C22214BA5C7CCF149EB3AB729A3FCBE6318FB Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)
  8. Oh Wait! After the reboot these two prompts came out. Wouldn't allow me to make a screenshot (they're freeze) but I took photos with my phone. Also, you mentioned my passwords in chrome would be deleted. They didn't.
  9. Hi, Here is the log. I was ready to be very patient but, in fact, this was very fast. Let me know. Fixlog.txt
  10. Thank you Maurice, here is the .zip as requested.mbst-grab-results.zip
  11. Hi, i've seen there've been several of these topics solved but I can't seem to do it myself. I have this extension that keeps coming back to Chrome: appears as an unpacked extension called "uRssFree", and is located at a hidden folder in ProgramData which I deleted, quarentined with Malwarebytes after analyzing it, shreded with another anti-virus, and just keeps coming back after some minutes. Also downloaded Farbar Recovery Scan Tool, located the extension and other problems (related to Policies but not shure if to this trojan), and it just keeps coming. I attach the logs of the last scan I did. Addition.txtFRST.txt Thank you in advance for any help you can give me.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.