Page 4 of 17 FirstFirst ... 2345614 ... LastLast
  1.    16 Nov 2015 #31
    Join Date : Apr 2015
    Posts : 12,436
    W10Prox64

    Your JRT log

    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.0 (11.12.2015)
    Operating System: Windows 10 Home x86
    Ran by User (Administrator) on Mon 11/16/2015 at 17:06:39.26
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    File System: 3
    Successfully deleted: C:\Users\User\AppData\Local\installer (Folder)
    Successfully deleted: C:\Users\User\Appdata\LocalLow\company (Folder)

    Successfully repaired: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk (Shortcut)
    Registry: 0
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Mon 11/16/2015 at 17:08:27.95
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    That's good.
    Now please upload your MBAM scan log. Thanks.

    EDIT: I will be unavailable for about an hour now, but that should be okay because ESET will take quite a while to run.
      My ComputerSystem Spec
  2.    16 Nov 2015 #32
    Join Date : Sep 2015
    Posts : 66
    Windows 10
    Thread Starter

    For simrick


    When I go to Defender Desktop app, I get the following message. This doesn't seem right. Shouldn't Defender be on normally? How do I go about turning Defender on?

    Windows Defender

    This app is turned off by group policy

    If you’re using another app to check for malicious or unwanted software, use Security and Maintenance to check that app’s status.

    To allow this app to run, contact your security administrator to enable the program via group policy.
    Also: What were you able to conclude from the several LogFiles that you reviewed?
      My ComputerSystem Spec
  3.    16 Nov 2015 #33
    Join Date : Apr 2015
    Posts : 12,436
    W10Prox64

    Quote Originally Posted by Writer View Post
    When I go to Defender Desktop app, I get the following message. This doesn't seem right. Shouldn't Defender be on normally? How do I go about turning Defender on?



    Also: What were you able to conclude from the several LogFiles that you reviewed?
    As I suspected, your Windows Defender was disabled by the malware. The bulk of it is gone, but you are not clean yet.

    Please post the Malwarebytes scan log so I can identify what infected you.

    What scan are you on now please?
      My ComputerSystem Spec
  4.    16 Nov 2015 #34
    Join Date : Sep 2015
    Posts : 66
    Windows 10
    Thread Starter

    For simrick


    I just completed another Malwarebytes AM Scan. Here is the LogFile:

    Malwarebytes AM 11-16-2015 6.30 pm.docx

    Was the Scan Log from the Malwarebytes AM Scan I did around noon today stored somewhere?
      My ComputerSystem Spec
  5.    16 Nov 2015 #35
    Join Date : Apr 2015
    Posts : 12,436
    W10Prox64

    Quote Originally Posted by Writer View Post
    I just completed another Malwarebytes AM Scan. Here is the LogFile:

    Malwarebytes AM 11-16-2015 6.30 pm.docx

    Was the Scan Log from the Malwarebytes AM Scan I did around noon today stored somewhere?
    Here is where you find the MBAM log files from the scans you have run:

    Click image for larger version. 

Name:	mbam-scan-logs.PNG 
Views:	1 
Size:	52.4 KB 
ID:	48662


    There is a setting in MBAM you need to change so it detects Rootkits:


    Click image for larger version. 

Name:	MBAM-settings.PNG 
Views:	1 
Size:	52.3 KB 
ID:	48663

    So, sorry, but it really needs to be run again with the Rootkit selected, and make sure the PUPs and PUMs are "treated as malware" as well.

    To answer your earlier question - MBAM does not need to be turned off when running ESET; only your active AV (which in your case, Defender, is already disabled due to the infections).

    And is the ESET scan running now? You should only run one scan at a time, so if ESET is running, let it finish before running MBAM again please.
      My ComputerSystem Spec
  6.    16 Nov 2015 #36
    Join Date : Apr 2015
    Posts : 12,436
    W10Prox64

    Your current MBAM log

    Malwarebytes Anti-Malware
    Malwarebytes | Free Anti-Malware & Internet Security Software

    Scan Date: 11/16/2015
    Scan Time: 6:30 PM
    Logfile: Malwarebytes AM 11-16-2015 6.30 pm.txt
    Administrator: Yes

    Version: 2.2.0.1024
    Malware Database: v2015.11.16.07
    Rootkit Database: v2015.11.14.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x86
    File System: NTFS
    User: User

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 355070
    Time Elapsed: 25 min, 56 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 1
    PUP.Optional.CrossRider, HKU\S-1-5-21-4156195948-2828175874-2147720042-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9563BC59-9556-4805-8CD4-886781779D8D}, Quarantined, [04b33c4282099a9cf540488f5da6619f],

    Do you have Ghostery installed on one of your browsers? If so, when all is said and done, it may need to be reinstalled.

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)
    (end)

    Looking much better now, but I'd still like to see the log from the first run, thanks.
      My ComputerSystem Spec
  7.    16 Nov 2015 #37
    Join Date : Sep 2015
    Posts : 66
    Windows 10
    Thread Starter

    For simrick


    I was not able to access ESET from the posts that you made previously. The screen locks up so that I have to close the tab.

    I'll run Malwarebytes AM now and select a root kit. This will likely take 25 minutes again.
      My ComputerSystem Spec
  8.    16 Nov 2015 #38
    Join Date : Apr 2015
    Posts : 12,436
    W10Prox64

    Quote Originally Posted by Writer View Post
    I was not able to access ESET from the posts that you made previously. The screen locks up so that I have to close the tab.
    What browser are you trying to run it in please?
    What all browsers do you have on the system?

    Quote Originally Posted by Writer View Post
    I was not able to access ESET from the posts that you made previously. The screen locks up so that I have to close the tab.I'll run Malwarebytes AM now and select a root kit. This will likely take 25 minutes again.
    Okay sounds good.

    EDIT: I just read your other thread, and it appears that you have only Edge and Internet Explorer, is that correct? If so, then please download and install Firefox browser, and use that to run the ESET online scanner.
      My ComputerSystem Spec
  9.    16 Nov 2015 #39
    Join Date : Sep 2015
    Posts : 66
    Windows 10
    Thread Starter

    For simrick


    When I go to Malwarebytes AM "History," the list there includes three or four dates from the time I first got the viruses on 11-09-2015. There are only three options offered there: I can "Restore" "Delete" or "Delete All." The question is: how do I copy all of these files so that I can put them in a document and post them to you?

    Concerning running the ESET Online Scanner: can you give me a link for it? Usually, when I search for a link for an anti-virus scanner, about a dozen different websites come up. I don't know which one to choose. Additionally, I am now gun-shy since I got these viruses a few days ago.

    I haven't started running the Malwarebytes AM Scanner yet; I thought I would try to send you the previous Scan Logs. The virus that infected Defender might be one of the nine that I sent you earlier.

    I ran the scan, and 406 threats were listed, some as potential threats, and 9 as definite threats. I list the 9 definite threats here:
    1. NowUSeeIt Player
    2. RootKit.Komodia.pup
    3. Trojan.Agent
    4. RootKit.Agent.A
    5. Trojan.Symmi
    6. Adware.PennyBee.WnskRST
    7. Trojan.Downloader
    8. Adware.SilentInstaller
    9. Adware.Imali
      My ComputerSystem Spec
  10.    16 Nov 2015 #40
    Join Date : Apr 2015
    Posts : 12,436
    W10Prox64

    Quote Originally Posted by Writer View Post
    When I go to Malwarebytes AM "History," the list there includes three or four dates from the time I first got the viruses on 11-09-2015. There are only three options offered there: I can "Restore" "Delete" or "Delete All." The question is: how do I copy all of these files so that I can put them in a document and post them to you?
    When you click on a log, it opens, and in the bottom-left there is an "Export" button. You can select "copy to clipboard" and then paste the text right in here in your next message. (You don't even have to make a doc file out of it.)

    Make sure you select APPLICATION LOGS on the left and not QUARANTINE.

    Click image for larger version. 

Name:	MBAM-click on scanlog.PNG 
Views:	2 
Size:	70.8 KB 
ID:	48665
      My ComputerSystem Spec

 
Page 4 of 17 FirstFirst ... 2345614 ... LastLast


Similar Threads
Thread Forum
BEST Anti-Virus for Windows 10 Pro ??
I have been using Norton Anti-Virus for 10 years and Norton Security the past 3 years !! I actually bought a 3-User pack on a Super Sale Price (from Norton). My Wife uses on and I have one "unused" !! Since I Upgraded to WINDOWS 10 PRO I find...
AntiVirus, Firewalls and System Security
Malware or Virus?
I usually use downmagz.com to download magazines. Today, I went to there to get some mags and when I went to the download page I got a popup that said CableONE has blocked the website. Clicked OK and then a page came up with a blue screen and...
AntiVirus, Firewalls and System Security
Solved ?Question about virus behavior.
Hi all, story; I got a virus about 6 months ago,,around then,, I had a pro-virus program, and it found virus after virus,after virus,,,,uhh infected files,,, my question is; why didnt the virus program kill the "source of the virus"? was i...
AntiVirus, Firewalls and System Security
Help with a virus
Hi everyone, So here is my issue, I installed some software but it turned out to be a fake version of that software. It installed a ton of bloat and popups and all of that. When ever I uninstalled the software it would reinstall itself and it was a...
AntiVirus, Firewalls and System Security
VIRUS TOTAL Bookmarked
While Miles was helping some one in Eight Forums he made a recommendation for the user to scan a URL with an online scanner. An then it came to me, I should have Virus Total bookmarked. https://virustotalcloud.appspot.com/static/img/logo.png ...
AntiVirus, Firewalls and System Security
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 02:15.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums