
Need help diagnosing a potential threat



Hello!

So I've always had some weird things happen on my computer and I am wondering if I am just missing its detection. I was hoping some of you guys can walk me through all the steps to diagnose everything. I saw a similar thread and went through a lot of the steps he did so as to speed up the time to solve this.

I know I am overly paranoid, so I am sure I just took this to the extreme, but I really would like the peace of mind to have an expert tell me they don't think anything is there.

Steps I've taken so far in order:

1. Downloaded the latest Malwarebytes and ran a system scan. No threats found.

2. Ran FRST. Attached FRST.txt and Addition.txt

3. Ran FRST with the bcedit fix. That file is also attached: Fixlog.txt

4. Ran RogueKiller. 12 items found. I removed 10 of them, but 2 of the registry keys were for a program I still use called Postman. I believe these are legitimate. Log file attached: rk_4C9F.tmp.txt

5. Put FRST on a flash drive from a clean computer and ran it from recovery mode. Attached that file (I called it FRST recovery.txt to differentiate from the one I ran on regular Windows)

6. Ran Malwarebytes again. That log file is attached as mbytes.txt

7. Ran AdwCleaner. 4 threats detected and 3 were removed (after restart). Log file attached: AdwCleaner[C01].txt

8. Ran Roguecleaner again (ugh this thing takes foreverrrrrrrr!!) This time the only two items that were found were the 2 Postman registries that I didn't delete before. Log file attached: rk_23FB.tmp 2nd run.txt

9. Ran FRST again. Log files attached as FRST2.txt and Addition2.txt

Woo mama that took forever haha, but I hope that saves you guys some time! Thanks a ton for doing this. After reading through some other threads I can tell you guys really care about helping people out!


Hello JohnG9 and welcome to Malwarebytes,

Do you know of and trust the following proxy running in Firefox...

FF NetworkProxy: Mozilla\Firefox\Profiles\gvyvz6qo.default -> socks", "159.203.166.41"

I do not see any obvious Malware or Infection in your latest logs from FRST...

Thank you,

Kevin.

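The reply above asks about a SOCKS proxy recorded in the Firefox profile. As an added example (not part of the original thread and not code from FRST or any tool named in it), this Python sketch reads the `network.proxy.*` entries from a profile's prefs.js text and lists any manual proxy the owner has not confirmed. The port 1080, the `network.proxy.type` value, and the `review_proxy` helper with its `trusted_hosts` parameter are assumptions made for illustration.

```python
import re

# One prefs.js entry looks like: user_pref("name", value);
PREF_RE = re.compile(r'^user_pref\("(network\.proxy\.[^"]+)",\s*(.+?)\);\s*$')
# Constructed sample: the host is the one in the FRST line above; the port and
# network.proxy.type values are assumptions made for this example.
SAMPLE_PREFS = """\
user_pref("browser.startup.homepage", "about:home");
user_pref("network.proxy.socks", "159.203.166.41");
user_pref("network.proxy.socks_port", 1080);
user_pref("network.proxy.socks_remote_dns", true);
user_pref("network.proxy.type", 1);
"""

def parse_proxy_prefs(text):
    """Return the network.proxy.* prefs found in prefs.js text as a dict."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line.strip())
        if not m:
            continue
        name, raw = m.groups()
        if len(raw) >= 2 and raw[0] == raw[-1] == '"':
            prefs[name] = raw[1:-1]          # string pref
        elif raw in ("true", "false"):
            prefs[name] = raw == "true"      # boolean pref
        else:
            try:
                prefs[name] = int(raw)       # integer pref
            except ValueError:
                prefs[name] = raw
    return prefs

def review_proxy(prefs, trusted_hosts=()):
    """List proxy settings the profile owner should confirm (hypothetical helper)."""
    findings = []
    ptype = prefs.get("network.proxy.type", 5)   # 5 = use system proxy settings
    if ptype == 1:                                # 1 = manual configuration
        for scheme in ("socks", "http", "ssl"):
            host = prefs.get(f"network.proxy.{scheme}", "")
            if host and host not in trusted_hosts:
                port = prefs.get(f"network.proxy.{scheme}_port", 0)
                findings.append(f"manual {scheme} proxy {host}:{port} is not on the trusted list")
    elif ptype == 2:                              # 2 = proxy auto-config (PAC) URL
        findings.append("PAC URL in use: " + prefs.get("network.proxy.autoconfig_url", ""))
    return findings

if __name__ == "__main__":
    print(review_proxy(parse_proxy_prefs(SAMPLE_PREFS)))
```

A host value left in prefs.js only routes traffic when `network.proxy.type` is 1, so the type is worth checking alongside the host before deciding whether the entry matters.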

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 
