Jump to content

kevinf80

Experts
  • Content Count

    27,667
  • Joined

  • Last visited

  • Days Won

    6

Everything posted by kevinf80

  1. Hiya Infernus, As long as Malwarebytes is active you will be safe... Regards, Kevin...
  2. Hiya Infernus, That is an inbound call from a sniffer trying to make a connection to your system, very typical and not related to anything on your PC. Malwarebytes is doing its job.... The IP address is definitely malicious.. https://www.virustotal.com/gui/ip-address/193.239.147.156/detection Thanks, Kevin...
  3. Just missed your reply there, can you post the fresh RTP log... Open Malwarebytes.... Click on the Detection History tab > from main interface. Then click on "History" that will open to a historical list Double click on the RTP Detection log which shows the Date and time of the scan just performed. Click Export > From export you have two options: Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply Text
  4. Hello infernus, Therein lies the problem, not all free software is really free. Such software may come bundled with addons that are used to recover there costs by devious means. Malwarebytes is really good at stopping such outbound calls that you were experiencing. The software itself is not classed as malicious, but its unseen actions can be. Therefore security programs do let the software run, but its hidden actions slip under the fence and do what they are intended to do, fortunately Malwarebytes does stop those actions... Not all free software behaves that way, its just bein
  5. Hello infernus, Which version of Hotpoint Shield did you use, free or premium. If the free version then such software uses other means to offset costs. Is Malwarebytes still making RTP detection s or have they ceased totally..? Thanks, Kevin..
  6. Hiya infernus, How does your system respond now, any issues or concerns... Thanks, Kevin..
  7. Hiya infernus, Thanks for those logs, continue: Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from. NOTE. It's important that both files, FRST or FRSTEnglish, and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone. Run FRST or FRST64 and press the Fix button just once and wait. If the tool
  8. Have to go out for about an hour, regardles of what happens with previous instructions also do the following... Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs. "FRST.txt" and "Addition.txt"
  9. Hiya infernus, I see from the Addition.txt log that there are three versions of hotspot shield installed, two of those are marked up as hidden... Try the following: Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix" NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Open FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt) or the folde
  10. Hiya Infernus, I suppose it is possible for Hotspot shield to be at fault, why can you not make the uninstall... Kevin...
  11. Hiya Mcruz_20, Thanks for those logs, continue: Please download the attached fixlist.txt file and save it to the Desktop or location where you ran FRST from. NOTE. It's important that both files, FRST or FRSTEnglish, and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system that cannot be undone. Run FRST or FRST64 and press the Fix button just once and wait. If the tool
  12. Hello lilmama59, I want to see the produced logs from Malwarebytes and AdwCleaner, not image files... The permission issue you quote is not an error, it is a safety precaution to use administrator priveleges, when you use "Continue" on the alert you can accept the alert... For malwarebytes log, open Malwarebytes then do the following: Click on the Detection History tab > from main interface. Then click on "History" that will open to a historical list Double click on the Scan log which shows the
  13. Hiya infernus, I doubt that we are dealing with a false positive, I`ve worked similar threads to yours before.. Usually it turns out to be 3rd party software that runs after boot and exploits a system file to make an outbound call. I`ve just uploaded one of the IP`s to VirusTotal, the result confirms malicious activity... https://www.virustotal.com/gui/ip-address/92.63.197.97/detection What we now need to do is find out which software is causing the problem... As clean boot stops the RTP detection happening it is now a process of elimination to find which non MS service(s)
  14. Hello Infernus, Set windows up for "Clean Boot" mode, full instructions here: https://support.microsoft.com/en-gb/kb/929135 Basically all none MS services are disabled, see how your system runs in that mode, see if the RTP detections cease in that mode... Thanks, Kevin
  15. Hello Infernus and welcome to Malwarebytes, Can you post the last three RTP logs: To get the RTP Detection log from Malwarebytes do the following: Open Malwarebytes.... Click on the Detection History tab > from main interface. Then click on "History" that will open to a historical list Double click on the RTP Detection log which shows the Date and time of the scan just performed. Click Export > From export you have two options: Copy to Clipboard - if sele
  16. Hello Mae and welcome to Malwarebytes, Continue with the following: If you do not have Malwarebytes installed do the following: Download Malwarebytes version 4 from the following link: https://www.malwarebytes.com/mwb-download/thankyou/ Double click on the installer and follow the prompts. When the install completes or Malwarebytes is already installed do the following: Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab. Scroll down to "Scan Options" ens
  17. Hello lilmama59 and welcome to Malwarebytes, Continue with the following: If you do not have Malwarebytes installed do the following: Download Malwarebytes version 4 from the following link: https://www.malwarebytes.com/mwb-download/thankyou/ Double click on the installer and follow the prompts. When the install completes or Malwarebytes is already installed do the following: Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab. Scroll down to "Scan Option
  18. Hiya Ruari, Thanks for those logs, continue: Download Sophos Free Virus Removal Tool and save it to your desktop. If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete..... Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours... Double click the icon and select Run Click Next Select I accept the terms in this license agreement, then click Ne
  19. Hello Ruari and welcome to Malwarebytes, Continue with the following: Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab. Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on.... Clsoe out the settings window, this will take you back to "DashBoard" select the Blue "Scan Now" tab...... When the scan completes quarantine any found entries... To get the log from Malwarebytes do the following: Click on
  20. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following for Tips to help protect from infection Thank you
  21. Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread. Tips to help protect from infection Thanks
  22. Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following for Tips to help protect from infection Thank you
  23. Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread. Tips to help protect from infection Thanks
  24. Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread. Tips to help protect from infection Thanks
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.