sp123 Posted February 11, 2023 ID:1554088 Share Posted February 11, 2023 (edited) I'm not sure if this is the correct place to post this (it probably isn't) I was running FRST to look for files remaining from uninstalling Google Chrome, and I noticed this line: Task: {EEC57E55-AAD6-449C-B510-B344039D2855} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [69072 2022-06-21] (Microsoft Corporation -> Microsoft) <==== ATTENTION The file is digitally signed and isn't detected by any AVs on VT. I have both MBAM and WD running and neither detected anything (either on folder scan or quick/threat). FRST logs attached, along with said file & the result of the schtasks command. Is this a bug? FRST.txt Addition.txt schtasks.txt BackgroundDownload.zip Edited February 11, 2023 by sp123 Scan results 1 Link to post Share on other sites More sharing options...
1PW Posted February 11, 2023 ID:1554092 Share Posted February 11, 2023 Hello @sp123 and welcome back: While you are waiting for the next qualified/approved malware removal expert helper to weigh in on your topic, and even though you may have run the following Malwarebytes utility, or its subsets, please carefully follow these instructions: Download the Malwarebytes Support Tool. In your Downloads folder, open the mb-support-x.x.x.xxx.exe file. In the User Account Control (UAC) pop-up window, click Yes to continue the installation. Run the MBST Support Tool. In the left navigation pane of the Malwarebytes Support Tool, click Advanced. In the Advanced Options, click only Gather Logs. A status diagram displays the tool is Getting logs from your computer. A zip file named mbst-grab-results.zip will be saved to the Public desktop, please attach that file in your next reply to this topic. Please do NOT copy and paste. For the short time between when you post the diagnostic logs, and when your helper weighs in, please take no further self-directed remedial actions that will invalidate the diagnostic logs you will have sent. Thank you. 1 Link to post Share on other sites More sharing options...
sp123 Posted February 11, 2023 Author ID:1554098 Share Posted February 11, 2023 (edited) I doubt this is an infection, but I will leave that up to the experts. Thank you @1PW for your work here mbst-grab-results.zip Edited February 11, 2023 by sp123 1 Link to post Share on other sites More sharing options...
Solution MKDB Posted February 11, 2023 Solution ID:1554099 Share Posted February 11, 2023 (edited) Hi @sp123 Thank you for your report. This looks like a "false positive" by FRST. I'll forward those information to the developer. Edited February 11, 2023 by MKDB Link to post Share on other sites More sharing options...
sp123 Posted February 11, 2023 Author ID:1554100 Share Posted February 11, 2023 Thanks! That is what I thought, but just wanted to make sure. Thanks for all your work helping on this forum (and any others?). Link to post Share on other sites More sharing options...
MKDB Posted February 11, 2023 ID:1554101 Share Posted February 11, 2023 (edited) 6 minutes ago, sp123 said: Thanks! That is what I thought, but just wanted to make sure. Thanks for all your work helping on this forum (and any others?). You're welcome @sp123. I'm helping at BC, MB & TB (whenever I have anough time beside family). 😉 Take care! Edited February 11, 2023 by MKDB 1 Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted February 11, 2023 Root Admin ID:1554114 Share Posted February 11, 2023 @sp123 If you're trying to fully remove Google Chrome after an uninstall and you're sure there is not data you want to keep, you can run the following FIXLIST with the Farbar program and it will go through and attempt to fully remove Google Chrome for you. WARNING: This script will forcefully remove ALL of Google Chrome. DO NOT run this script unless you want to fully remove Google Chrome. There is not backup, no restore, files are permanently removed. fixlist.txt Thanks 2 Link to post Share on other sites More sharing options...
sp123 Posted February 11, 2023 Author ID:1554130 Share Posted February 11, 2023 (edited) Thanks. This isn't very important, but here's the fixlog and FRST logs Addition.txt Fixlog.txt FRST.txt Edited February 11, 2023 by sp123 Link to post Share on other sites More sharing options...
sp123 Posted February 12, 2023 Author ID:1554135 Share Posted February 12, 2023 This thread can be closed. Thank you Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted February 13, 2023 Root Admin ID:1554240 Share Posted February 13, 2023 Here are some recommendations. I'll go ahead and close your topic now. Take care. Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site.https://www.howtogeek.com/240255/password-managers-compared-lastpass-vs-keepass-vs-dashlane-vs-1password/ Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/ Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2 Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security Malwarebytes Browser Guard Google Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee Microsoft Edge: https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/ uBlock Origin Google Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm Microsoft Edge: https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin Further reading if you like to keep up on the malware threat scene: Malwarebytes Blog https://blog.malwarebytes.com/ Hopefully, we've been able to assist you with correcting your system issues. Thank you for using Malwarebytes 1 Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted February 13, 2023 Root Admin ID:1554241 Share Posted February 13, 2023 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following to help you better protect your computer and privacy Tips to help protect from infection Thank you Link to post Share on other sites More sharing options...
Recommended Posts