New
#31
Known issue since 20H2: On a clean install, the first SFC /scannow run will complain and report files being repaired.
Known issue since 20H2: On a clean install, the first SFC /scannow run will complain and report files being repaired.
Ok here they are.
Free file sharing without registration and size limits
Windows Defender: in the Addition log, has found trojans. Best we get 2nd opinions.
Step 1: Run AdwCleaner
Download AdwCleaner 8.2.0 / 8.3.0 Beta
Download AdwCleaner
Downloads - AdwCleaner - ToolsLib
https://www.malwarebytes.com/adwcleaner/
Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click Scan Now
Click on Quarantine for all it finds.
Reboot.
Please Copy & Paste the contents of that logfile with your next reply.
https://i.imgur.com/qERgl4y.gif
Step 2: Run Malwarebytes Anti-Malware ( MBAM ) Use Threat Scan. Make sure Rootkit scan is on.
Download Malwarebytes 4.4.0.220
Malwarebytes Anti-Malware 4.4.0.220 Free Download - FreewareFiles.com - Security/Privacy Category
Malwarebytes Anti-Malware 4.4.0.220 Screenshot - Freeware Files.com
Malwarebytes Cybersecurity for Home and Business | Malwarebytes
Forum
Malwarebytes Forums
FAQ - Malwarebytes won't run or failed to resolve my issues
https://forums.malwarebytes.com/topi...lve-my-issues/
Scanning, you will get something like this.
https://i.imgur.com/4NZ5Qw0.gif
https://i.imgur.com/rRfr1oD.gif
https://i.imgur.com/tShE6tQ.gif
https://i.imgur.com/iJZHDC0.gif
After a restart ( if required ) Copy & Paste the contents of the scan into your reply.
If too large, upload to a site of your choosing.
Follow these directions, until you get to Export.
https://support.malwarebytes.com/hc/...s/360038479194
Ok.
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-18-2021
# Duration: 00:00:04
# OS: Windows 10 Pro N
# Scanned: 31976
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Do you want me to do this?
Malware Log, just found my utorrent stuff, I don't really want to get rid of it but I can if you think it will help
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 6/18/21
Scan Time: 4:18 PM
Log File: 2e3caf18-d001-11eb-959e-3c7c3fda6618.json
-Software Information-
Version: 4.4.0.117
Components Version: 1.0.1308
Update Package Version: 1.0.41863
License: Trial
-System Information-
OS: Windows 10 (Build 19043.1052)
CPU: x64
File System: NTFS
User: DESKTOP-6KHEBOF\Steven
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 272543
Threats Detected: 6
Threats Quarantined: 0
Time Elapsed: 1 min, 16 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 1
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent, No Action By User, 1328, 645365, , , , , ,
Registry Value: 1
PUP.Optional.OpenCandy, HKU\S-1-5-21-3572946782-47499781-3206882523-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|uTorrent, No Action By User, 1328, 645365, , , , , ,
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 4
PUP.Optional.OpenCandy, C:\DOCUMENTS AND SETTINGS\PUBLIC\Desktop\µTorrent.lnk, No Action By User, 1328, 645365, , , , , 057E12BF984674515D6CF0E923CC02CA, 8F20311C2F82BB5DAE5E7FBCA05E56DD388806ABA030CC493F2D1E0F9633B9BE
PUP.Optional.OpenCandy, C:\PROGRAMDATA\Microsoft\Windows\Start Menu\µTorrent.lnk, No Action By User, 1328, 645365, , , , , 6988E694395214EAA02EAE88DE66C487, F9F17C98D2A2055796089401A35C0F1AFF6B7302223D049E474FDA95FD122903
PUP.Optional.OpenCandy, C:\USERS\STEVEN\APPDATA\ROAMING\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk, No Action By User, 1328, 645365, , , , , ABB4845D2155D28FEF32945F9F1CFC9B, 8A9219C7E39DC47C348AC635112A8350B239385A0436BA8FB75F645DDC69C80C
PUP.Optional.OpenCandy, C:\PROGRAM FILES (X86)\UTORRENT\UTORRENT.EXE, No Action By User, 1328, 645365, 1.0.41863, E246B8C9C28268B68F5E2CBB, dds, 01294868, AB6BC52B9BD6EF0106847CDE0566A9A3, 829876EFB609475CE4F59110C66EA49C7A9A7D437F16AC7048E65F649B4D5E64
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
"Malware Log, just found my utorrent stuff, I don't really want to get rid of it but I can if you think it will help"
Just noticed that, yes please, you won't lose anyhthing, other than those nasties.
Next step.
Run ESET Online Scanner, Copy and Paste the contents of the log in your reply please. This scan may take a very long while, so please be patient. Maybe start it before going to work or bed.
Make sure these options are checked/ticked in Advanced settings.
Remove found threats, Scan archives, Scan for potentially unsafe applications, Enable Anti-Stealth technology.
Free Virus Scan | Online Virus Scan from ESET | ESET
How do I use the ESET Online Scanner?
[KB2921] Install and run ESET Online Scanner version 3
How can I view the log file from ESET Online Scanner?
[KB405] ESET Online Scanner version 3 FAQ
[KB3233] Scan your computer and export scan logs in ESET Windows home products
15. The ESET Online Scanner saves a log file after it completes a scan. This log file can be reviewed or sent to ESET for further analysis. To save the log file, click Save scan log and select the save location. You can also click View scan details to see the information. To view the log after ESET Online Scanner has been closed, Show hidden files and folders must be enabled in File Explorer. New logs are appended to the existing log files when multiple scans are run. The path to the log file is the following: C:\Users\username\AppData\Local\Temp\log.txt
Can I select the destination of the scan?
Yes, the new version of ESET Online Scanner provides an option to select the destination of the scan (scan targets). This option can be found under Advanced settings.
Configure ESET this way & disable your AV.
https://i.imgur.com/wZF1Ppi.gif
How to Temporarily Disable your Anti-virus
In Windows 10, go to Settings > Update & Security > Virus & threat protection settings, and turn off the “Real-time protection” option. Windows Defender is now called Microsoft Defender Antivirus.
[Solution] How to Disable Windows Defender Antivirus on Win 10
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides
All done.
No place to select options on the online scan (that I could see, only proxy settings) the FAQ said it had all those options on so I assume its all on by default. Log as follows, anti-virus off.
18:05:25 CmlLineScanner cannot load dll:C:\Users\Steven\AppData\Local\ESET\ESETOnlineScanner\esets_apiW The specified module could not be found.
18:05:27 # product=EOS
# version=8
# ESETOnlineScanner.exe=10.20.7.0
# country="Australia"
# lang=1033
18:06:54 Updating
18:06:54 Update Init
18:06:56 Update Download
18:11:55 esets_scanner_reload returned 0
18:11:55 g_uiModuleBuild: 49845
18:11:55 Update Finalize
18:11:55 Call m_esets_charon_send
18:11:55 Call m_esets_charon_destroy
18:11:55 Updated modules version: 49845
18:12:04 Scanner engine: 49845
18:57:46 Call m_esets_charon_send
18:57:46 Call m_esets_charon_destroy
18:57:56 # product=EOS
# version=8
# ESETOnlineScanner.exe=10.20.7.0
# country="Australia"
# lang=1033
19:11:49 # product=EOS
# version=8
# ESETOnlineScanner.exe=10.20.7.0
# country="Australia"
# lang=1033
19:12:43 Updating
19:12:43 Update Init
19:12:52 Update Download
19:13:11 esets_scanner_reload returned 0
19:13:11 g_uiModuleBuild: 49847
19:13:11 Update Finalize
19:13:11 Call m_esets_charon_send
19:13:11 Call m_esets_charon_destroy
19:13:12 Updated modules version: 49847
19:13:21 Scanner engine: 49847
19:39:18 Call m_esets_charon_send
19:39:18 Call m_esets_charon_destroy
Eset seems incomplete, never mind, as long as it did it's job.
Here is the MS link from your addition logs, use to see what Microsoft Defender says now.
https://www.microsoft.com/en-us/wdsi...2&enterprise=0