Jump to content

Comprev

Members
  • Content Count

    950
  • Joined

  • Last visited

Everything posted by Comprev

  1. Thanks for the help! You take care as well.
  2. Computer's running fine, and nothing bad or strange has happened since the original incident which prompted me to come here.
  3. Sorry about that. I disabled Windows Defender Firewall, and both Avast and Malwarebytes' realtime shields. Hopefully this is better. msert.log
  4. Hi, Both scans are attached. msert.log eset.txt
  5. Long time no see @AdvancedSetup I ran a full scan on Avast since it didn't have a threat scan, no malware was detected.
  6. Hello, Earlier today I went to play on the old (legitimate) flash game website Miniclip, and one of the games asked me to enable Adobe Flash. Clicking on that notification sent me to the real Adobe website where I started to download Flash, but before it finished the page changed to a "Virus/spyware download blocked" page similar to the last image on this page, making me think it might have been my home network AT&T's firewall. Nothing else unusual happened, all the websites I visited were real and legitimate as far as I could tell (all had the real URL), and none of my antivirus or
  7. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 12/27/2014 Scan Time: 8:02:34 PM Logfile: Administrator: Yes Version: 2.00.4.1028 Malware Database: v2014.12.27.08 Rootkit Database: v2014.12.23.02 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Lucas Scan Type: Threat Scan Result: Completed Objects Scanned: 347611 Time Elapsed: 18 min, 16 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enable
  8. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-12-2014 Ran by Lucas at 2014-12-27 19:27:27 Run:1 Running from C:\Users\Lucas\Desktop Loaded Profile: Lucas (Available profiles: Lucas) Boot Mode: Normal ============================================== Content of fixlist: ***************** start HKLM-x32\...\Run: [PerforMax Cleaner] => C:\Program Files (x86)\PerforMax Cleaner\PerforMax Cleaner.exe [1589760 2014-12-05] () C:\Program Files (x86)\PerforMax Cleaner HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-2
  9. Earlier today I was trying to install Hamachi on this computer and stupidly used an ad link on Google thinking it was the top result. Thus, I have the PerforMAX rogue and Vosteran browser redirect. A full scan on Malwarebytes and most of a full scan of MSE (I stopped it so I could run Farbar, and I'll run it again after this post) did not fix the problem. Here are the logs: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2014 Ran by Lucas (administrator) on LUCAS-PC on 27-12-2014 16:56:14 Running from C:\Users\Lucas\Desktop Loaded Profile: Lucas (Available profil
  10. I have read your closing post. Thank you so much for your help! Once again, I am very sorry about extending this for two months. Have a good one!
  11. I ended up using F-secure, as the ESET scanner was still unusable. Nothing was found, and there are no symptoms.
  12. I ran the HJT fix, but the add-on doesn't make itself available for downlad when I try to run the scanner. After I agree to the TOS, it just displays a grey box.
  13. Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.05.12.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17105 Lucas :: LUCAS-PC [administrator] 5/12/2014 9:02:42 PM mbam-log-2014-05-12 (21-02-42).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 243156 Time elapsed: 11 minute(s), 21 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detecte
  14. It appears to have worked; the redirects have stopped.
  15. I haven't completed all of the steps; my brother doesn't have a Google Sync account. Would any Google/Youtube account be sufficient?
  16. ComboFix 14-04-30.01 - Lucas 05/01/2014 20:57:58.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5922.4525 [GMT -4:00] Running from: c:\users\Lucas\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((( Files Created from 2014-04-02 to 2014-05-02 ))))))))))))))))))))))))))))))) . .
  17. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-04-2014 Ran by Lucas at 2014-04-23 18:08:53 Run:1 Running from C:\Users\Lucas\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** IFEO\bitguard.exe: [Debugger] tasklist.exe IFEO\bprotect.exe: [Debugger] tasklist.exe IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browserdefender.exe: [Debugger] tasklist.exe IFEO\browserprotect.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpf
  18. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2014 Ran by Lucas (administrator) on LUCAS-PC on 20-04-2014 10:35:12 Running from C:\Users\Lucas\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping
  19. Before I run the scans, I think I should point out that my brother just got another bit of adware on his computer, one that redirects to default-search.net MSE didn't find anything, and here's the log from MBAM: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.04.18.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17041 Lucas :: LUCAS-PC [administrator] 4/17/2014 10:31:00 PM mbam-log-2014-04-17 (22-31-00).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | P
  20. Again, I'm very, very sorry for the wait. I'll make sure it doesn't happen again. My apologies for this out. ComboFix 14-04-12.01 - Lucas 04/15/2014 19:35:50.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5922.4464 [GMT -4:00] Running from: c:\users\Lucas\Downloads\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((
  21. I'll have it by tomorrow, definitely. I'm really terribly sorry about how long this has been taking.
  22. Hey, sorry about the late response. I'll be able to get on the computer soon, and I'll get to you when I can. Thanks
  23. Haven't seen you here before ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.2 (02.20.2014:1) OS: Windows 7 Home Premium x64 Ran by Lucas on Thu 03/13/2014 at 18:36:35.26 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a0396495
  24. Hey, My brother was downloading GIMP onto his computer, and there appears to be some sort of browser hijack in it - new tabs in Firefox go to conduit.com, and random words are blue and double-underlined, and display a GIMP advertisement when hovered over with the mouse. MSE didn't find anything; Malwarebytes did, but it was unable to remove whatever's causing this mess. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.45.2 Run by Lucas at 21:48:53 on 2014-03-06 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5922.3776 [GMT -5:00]
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.