PadPio

Adwcleaner 7.1 detected/cleaned 17 threats, problem began w/ Win32/Vigram.A


First off, some background: I started this topic as I have been running into issues over the last few days. It started when a virus embedded in the most recent version of Display Driver Uninstaller (DDU) was downloaded to my computer (Windows 10 x64, running only Defender and the free version of Malwarebytes at this point in time). I tried to move the file to the desktop; it took a minute (hmm). Then I decided to place it in my Extra Apps folder (w/ MWB + a couple of others). Got locked on the transfer screen (hmmmm). Tried to move it to the Recycle Bin, same thing. Went to the file location, finally got it to move into the Recycle Bin (I think that's how it went down?), ran CCleaner... A while later, before bed, I opened Windows Security Center and noticed it said it had detected a threat. Ran scan.... Detected Win32/Vigram.A (showing the transfer path I described above)... Removed... Ran multiple full, quick, offline scans immediately after. I then vigram.a I also scanned the desktop folder w/ MWB (no threats found), and then moved MWB out, MWB right then MWB displayed a message for new update available, which allowed me to start the 14 day trial over, which is great!! It's just weird that I never got the message before. Honestly, might be nothing, given that I haven't used it in a while.

Since then, I have noticed a couple of things (sporadically/randomly): the screen will kinda do a flicker/refresh thing when I open some applications (file viewer/MWB/Chrome/etc.). Not always though. It seems slightly slower?? More like random hiccups, and weird screen glitches with my background slides (randomly stuttering btw slides), and once, weird problems with icon images on the taskbar glitching out when I hovered over them, etc... Just seems off. I have been hyper vigilant though, so that may be an attribute.

ANYWAYS, I now have Kaspersky w/ Malwarebytes and uBlock Origin, and nothing has been detected until today, when I decided to try out AdwCleaner, and 17 things were detected...

# -------------------------------
# Malwarebytes AdwCleaner 7.1.0.0
# -------------------------------
# Build:    04-12-2018
# Database: 2018-04-22.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-23-2018
# Duration: 00:00:03
# OS:       Windows 10 Home
# Cleaned:  17
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\Users\johnt\AppData\Local\Host App Service
Deleted       C:\Users\Public\Desktop\..\App Explorer

***** [ Files ] *****

Deleted       C:\Windows\System32\Tasks_Migrated\App Explorer

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\App Explorer

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted       HKCU\Software\Host App Service
Deleted       HKLM\Software\Wow6432Node\Classes\AppID\OverlayIcon.DLL
Deleted       HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL
Deleted       HKLM\Software\Wow6432Node\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted       HKLM\Software\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
Deleted       HKLM\Software\Wow6432Node\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted       HKLM\Software\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer

***** [ Chromium (and derivatives) ] *****

Deleted       Amazon Assistant for Chrome

***** [ Chromium URLs ] *****

Deleted       Ask
Deleted       AOL

***** [ Firefox (and derivatives) ] *****

Deleted       Amazon Assistant for Firefox

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 

Followed by...

# -------------------------------
# Malwarebytes AdwCleaner 7.1.0.0
# -------------------------------
# Build:    04-12-2018
# Database: 2018-04-22.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-23-2018
# Duration: 00:00:00
# OS:       Windows 10 Home
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

 

Then, later, after opening Chrome, it came up with 3 more detections (I have a feeling these are false positives??)....

# -------------------------------
# Malwarebytes AdwCleaner 7.1.0.0
# -------------------------------
# Build:    04-12-2018
# Database: 2018-04-22.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-23-2018
# Duration: 00:00:13
# OS:       Windows 10 Home
# Scanned:  40705
# Detected: 3


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.AmazonBrowserBar   Amazon Assistant for Chrome
 

Idk if my first problem and this are related at all, but there it is...

Resolution: Has this resolved my problems? Am I safe, or what else should I check or do to make sure?

Sorry about the long post. Any help/input is welcome. Thank you for your time!


 

Edited by PadPio


***This is an automated reply***

Hi,

Thanks for posting in the AdwCleaner Help forum.

Someone will reply shortly, but in the meantime here are a few resources which may help resolve your issue:

Thanks in advance for your patience.

-The Malwarebytes Forum Team


Sorry about the post being a jumbled mess. I have been up for a long time trying to deal with this issue, and it is too late to edit. I hope this is an appropriate forum for this site. I am a first-time user, and as such, am not aware of your policies or expectations. If you need clarification, please let me know. Thank you.

Edited by PadPio
