New
#1
Can somebody interpret this output from MBAM please
My suspicions were raised when browsing a local news site and Edge couldn't open the page and I was left looking at the refresh the page or search options. Then I noticed the address in the bar began with something like SSL-cam/gibberish etc etc /search%SMH. Apologies, but I hastily closed the browser and didn't copy the exact string.
By the way SMH is the website I was trying to view.
I ran the free version of MBAM and it wouldn't run. Stuck at updating and the time elapsed ticking over. I closed MBAM and ran it in Chameleon mode with the following output saved;
Here's the output from the terminal window;Code:Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 29/11/2016 Scan Time: 9:18 AM Logfile: scan.txt Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.11.28.01 Rootkit Database: v2016.11.20.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Enabled OS: Windows 10 CPU: x64 File System: NTFS User: dwick Scan Type: Threat Scan Result: Completed Objects Scanned: 299927 Time Elapsed: 3 min, 18 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 4 PUP.Optional.MyStart, HKU\S-1-5-21-454648519-1538227085-1954309458-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\mystart.com, , [7e239a2bc3d7d75f2a68df01d130bb45], PUP.Optional.MyStart, HKU\S-1-5-21-454648519-1538227085-1954309458-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\www.mystart.com, , [227f30953763f93df39f20c08879b34d], PUP.Optional.MyStart, HKU\S-1-5-21-454648519-1538227085-1954309458-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\mystart.com, , [e6bba124d1c98caa5241b12fbc457b85], PUP.Optional.MyStart, HKU\S-1-5-21-454648519-1538227085-1954309458-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\www.mystart.com, , [d6cb5b6afb9f66d0880bc917b54c0bf5], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)
Now the reason I ask about this is that I tried using several all-in-one homepages and MyStart.com happened to be one of them. So if I'm not mistaken this just confirms my stupidity.Code:MBAM-Chameleon ver. 3.1.29.0 Press any key to continue Installing Driver... Protected Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\ ...Done! Trying to start Malwarebytes Anti-Malware, please wait... ...Done! Updating MBAM... Done! Killing known malicious processes, please wait... Mbam-killer Timeout set to 1800 seconds. Mbam-killer is scanning - Press C to cancel... 198570: HKU\S-1-5-21-454648519-1538227085-1954309458-1001_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERS.Mbam-killer scan is complete. Mbam-killer is exiting. Trying to start a scan - please wait... Waiting for scan to complete Done! Removing protection driver... ...Done! Press any key to continue