Posts posted by LocalThreats
-
-
Thanks, I have removed older versions of Python and updated the rest, regards,
-
Thank you for the continued speedy help. I have uninstalled Bonjour.
-
It's not allowing me to edit my previous post - I forgot to restart my PC before running FRST, my apologies. Please find the new logs below. Thanks in advance
FRST.txt Addition.txt
-
Please find attached logs - Thanks.
AdwCleaner[S04].txt MalwareBytesLog.txt Addition.txt FRST.txt
-
Thanks, I'll update with the logs when they're done. I've found these System overrides in my Windows Exploit Protection settings and I don't remember ever setting these, are they suspicious? Thanks so much for the help
<?xml version="1.0" encoding="UTF-8"?>
<MitigationPolicy>
  <AppConfig Executable="ExtExport.exe">
    <ASLR ForceRelocateImages="true" RequireInfo="false" />
  </AppConfig>
  <AppConfig Executable="ie4uinit.exe">
    <ASLR ForceRelocateImages="true" RequireInfo="false" />
  </AppConfig>
  <AppConfig Executable="ieinstal.exe">
    <ASLR ForceRelocateImages="true" RequireInfo="false" />
  </AppConfig>
  <AppConfig Executable="ielowutil.exe">
    <ASLR ForceRelocateImages="true" RequireInfo="false" />
  </AppConfig>
  <AppConfig Executable="ieUnatt.exe">
    <ASLR ForceRelocateImages="true" RequireInfo="false" />
  </AppConfig>
  <AppConfig Executable="iexplore.exe">
    <ASLR ForceRelocateImages="true" RequireInfo="false" />
  </AppConfig>
  <AppConfig Executable="mscorsvw.exe">
    <ExtensionPoints DisableExtensionPoints="true" />
  </AppConfig>
  <AppConfig Executable="msfeedssync.exe">
    <ASLR ForceRelocateImages="true" RequireInfo="false" />
  </AppConfig>
  <AppConfig Executable="mshta.exe">
    <ASLR ForceRelocateImages="true" RequireInfo="false" />
  </AppConfig>
  <AppConfig Executable="MsSense.exe">
    <StrictHandle Enable="true" />
    <SEHOP Enable="true" TelemetryOnly="false" />
  </AppConfig>
  <AppConfig Executable="ngen.exe">
    <ExtensionPoints DisableExtensionPoints="true" />
  </AppConfig>
  <AppConfig Executable="ngentask.exe">
    <ExtensionPoints DisableExtensionPoints="true" />
  </AppConfig>
  <AppConfig Executable="PresentationHost.exe">
    <DEP Enable="true" EmulateAtlThunks="false" />
    <ASLR ForceRelocateImages="true" RequireInfo="false" BottomUp="true" HighEntropy="true" />
    <SEHOP Enable="true" TelemetryOnly="false" />
    <Heap TerminateOnError="true" />
  </AppConfig>
  <AppConfig Executable="PrintDialog.exe">
    <ExtensionPoints DisableExtensionPoints="true" />
  </AppConfig>
  <AppConfig Executable="runtimebroker.exe">
    <ExtensionPoints DisableExtensionPoints="true" />
  </AppConfig>
  <AppConfig Executable="SystemSettings.exe">
    <ExtensionPoints DisableExtensionPoints="true" />
  </AppConfig>
</MitigationPolicy>
-
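An added example, not part of the original posts or of any tool mentioned in them: a Python script that reads an Exploit Protection export like the one in the post above and sorts each per-program override by whether it switches a mitigation on or off. The ENABLING table and the example.exe entry are assumptions made for the illustration; sub-options such as RequireInfo and TelemetryOnly are not classified.

```python
import xml.etree.ElementTree as ET

# Attributes where "true" turns a mitigation on. Covers only the element
# types present in the export above; anything else is reported as unrecognised.
ENABLING = {
    "DEP": ("Enable",),
    "ASLR": ("ForceRelocateImages", "BottomUp", "HighEntropy"),
    "SEHOP": ("Enable",),
    "Heap": ("TerminateOnError",),
    "StrictHandle": ("Enable",),
    "ExtensionPoints": ("DisableExtensionPoints",),
}

def audit_policy(xml_text):
    """Sort every per-program override into on / off / unrecognised."""
    report = {"on": [], "off": [], "unrecognised": []}
    for app in ET.fromstring(xml_text).iter("AppConfig"):
        exe = app.get("Executable", "<missing>")
        for mit in app:
            keys = ENABLING.get(mit.tag)
            if keys is None:
                report["unrecognised"].append((exe, mit.tag, None))
                continue
            for key in keys:
                value = mit.get(key)
                if value is None:
                    continue  # attribute not overridden for this program
                bucket = "on" if value.strip().lower() == "true" else "off"
                report[bucket].append((exe, mit.tag, key))
    return report

# Two entries copied from the export above, plus one constructed entry
# (example.exe is hypothetical) showing what a weakened override looks like.
SAMPLE = """<MitigationPolicy>
  <AppConfig Executable="iexplore.exe">
    <ASLR ForceRelocateImages="true" RequireInfo="false" />
  </AppConfig>
  <AppConfig Executable="MsSense.exe">
    <StrictHandle Enable="true" />
    <SEHOP Enable="true" TelemetryOnly="false" />
  </AppConfig>
  <AppConfig Executable="example.exe">
    <DEP Enable="false" />
  </AppConfig>
</MitigationPolicy>"""

print(audit_policy(SAMPLE))
```

Entries in the "off" bucket are the ones to review first, since they turn a mitigation off for a single program.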
-
Thanks,
-
1 hour ago, AdvancedSetup said:
-snip-
Hello, Hope you are well.
Thanks
-
I've just had this error while trying to scan some files.
Kind regards,
-
Hello,
I'm fairly sure I've been infected by a RAT, and I have some questions - is there any way to see if this was installed by a family member on the same network with physical access to the computer? I dread to think it was my brother but I'm fairly certain. Is this system still infected?
I have also found Malwarebytes antivirus scans with no action taken and things added to my exception list. I have added those logs alongside the log this advice - Thanks in advance.
Addition.txt FRST.txt AdwCleaner[C00].txt MostRecentPostADW.txt Previous1.txt Previous2.txt Previous3.txt Previous4.txt
RAT help
in Resolved Malware Removal Logs
Thanks so much for your help. Could I ask what antivirus/anti-rootkit software you use? I'm slightly paranoid about reinfection - Thanks.