Spectro

  1. I think it's this: https://www.googleplaymusicdesktopplayer.com/
  2. Most of the top Google results are from either here or BleepingComputer so I'm worried this might be malware. http://prntscr.com/dcztbj
  3. JavaRa 1.16 Removal Log.
     Report follows after line.
     ------------------------------------
     The JavaRa removal process was started on Tue Aug 04 18:49:11 2015
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.
     There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.
     Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
     Found and removed: SOFTWARE\Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284}
     Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
     Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}
     Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284}
     Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit
     Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284}
     Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled
     Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0
     Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
     Found and removed: SOFTWARE\JavaSoft
     Found and removed: SOFTWARE\JreMetrics
     ------------------------------------
     Finished reporting.
  4. Here's the Security Check log.
     Results of screen317's Security Check version 1.006
     x64 (UAC is enabled)
     Internet Explorer 11
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     Windows Defender
     avast! Antivirus
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Java 7 Update 80
     Java 8 Update 51
     Adobe Flash Player 18.0.0.209
     Mozilla Firefox (40.0)
     Google Chrome (44.0.2403.125)
     Google Chrome (45.0.2454.15)
     ````````Process Check: objlist.exe by Laurent````````
     AVAST Software Avast AvastSvc.exe
     AVAST Software Avast AvastUI.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: %
     ````````````````````End of Log``````````````````````
  5. I was having difficulty submitting these by pasting them so I've uploaded them instead. Working on the next one. FRST.txt Addition.txt
  6. Sorry I took so long. Here's this log:
     C:\$Recycle.Bin\S-1-5-21-361222585-474574350-3564557297-1001\$R0G6BBP.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
     C:\$Recycle.Bin\S-1-5-21-361222585-474574350-3564557297-1001\$RT9QW6Q.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
  7. There's no slow down or anything. I haven't noticed any sign of infection either. ESET has been running for three hours straight and has only detected Google.D Toolbar. Should I keep going or cancel and go to the next step?
  8. # AdwCleaner v4.208 - Logfile created 30/07/2015 at 21:42:41
     # Updated 09/07/2015 by Xplode
     # Database : 2015-07-26.2 [server]
     # Operating system : Windows 10 Pro (x64)
     # Username : Kevin - SPECTRO-PC
     # Running from : C:\Users\Kevin\Desktop\MBAM Stuff\AdwCleaner\AdwCleaner.exe
     # Option : Cleaning
     ***** [ Services ] *****
     ***** [ Files / Folders ] *****
     Folder Deleted : C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpbbadllenpbjfnekhipioenfiplmfph
     ***** [ Scheduled tasks ] *****
     ***** [ Shortcuts ] *****
     ***** [ Registry ] *****
     ***** [ Web browsers ] *****
     -\\ Internet Explorer v11.0.10240.16384
     -\\ Mozilla Firefox v40.0 (x86 en-US)
     -\\ Google Chrome v45.0.2454.15
     [C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Deleted [Homepage] :
     *************************
     AdwCleaner[R0].txt - [7268 bytes] - [30/07/2015 21:38:43]
     AdwCleaner[R1].txt - [7327 bytes] - [30/07/2015 21:41:18]
     AdwCleaner[s0].txt - [1000 bytes] - [30/07/2015 21:42:41]
     ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1059 bytes] ##########

     -----MBAM log-----
     Malwarebytes Anti-Malware
     www.malwarebytes.org
     Scan Date: 7/30/2015
     Scan Time: 9:52 PM
     Logfile:
     Administrator: Yes
     Version: 2.1.8.1057
     Malware Database: v2015.07.31.01
     Rootkit Database: v2015.07.30.01
     License: Premium
     Malware Protection: Enabled
     Malicious Website Protection: Enabled
     Self-protection: Disabled
     OS: Windows 10
     CPU: x64
     File System: NTFS
     User: Kevin
     Scan Type: Threat Scan
     Result: Completed
     Objects Scanned: 376538
     Time Elapsed: 52 min, 21 sec
     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Enabled
     PUM: Enabled
     Processes: 0 (No malicious items detected)
     Modules: 0 (No malicious items detected)
     Registry Keys: 0 (No malicious items detected)
     Registry Values: 0 (No malicious items detected)
     Registry Data: 0 (No malicious items detected)
     Folders: 0 (No malicious items detected)
     Files: 0 (No malicious items detected)
     Physical Sectors: 0 (No malicious items detected)
     (end)
  9. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Malwarebytes
     Version: 7.5.4 (07.27.2015:1)
     OS: Windows 10 Pro x64
     Ran by Kevin on Thu 07/30/2015 at 21:18:10.59
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     ~~~ Services
     ~~~ Tasks
     Successfully deleted: [Task] C:\WINDOWS\system32\tasks\update-S-1-5-21-361222585-474574350-3564557297-1001
     Successfully deleted: [Task] C:\WINDOWS\system32\tasks\update-sys
     Successfully deleted: [Task] C:\WINDOWS\Tasks\update-S-1-5-21-361222585-474574350-3564557297-1001.job
     Successfully deleted: [Task] C:\WINDOWS\Tasks\update-sys.job
     ~~~ Registry Values
     Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_585CBC2D9CEE64E85FE3A6084EF9DC86
     ~~~ Registry Keys
     ~~~ Files
     Successfully deleted: [File] C:\Users\Kevin\Appdata\Local\google\chrome\user data\default\local storage\chrome-extension_bigefpfhnfcobdlfbedofhhaibnlghod_0.localstorage
     Successfully deleted: [File] C:\Users\Kevin\Appdata\Local\google\chrome\user data\default\local storage\hxxp_st.chatango.com_0.localstorage
     Successfully deleted: [File] C:\Users\Kevin\Appdata\Local\google\chrome\user data\default\local storage\hxxp_st.chatango.com_0.localstorage-journal
     ~~~ Folders
     Successfully deleted: [Folder] C:\Users\Kevin\Appdata\Local\crashrpt
     ~~~ Chrome
     Successfully deleted: [Folder] C:\Users\Kevin\Appdata\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod
     Successfully deleted: [Folder] C:\Users\Kevin\Appdata\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm
     [C:\Users\Kevin\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
     [C:\Users\Kevin\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: bigefpfhnfcobdlfbedofhhaibnlghod cjpalhdlnbpafiamejdnhcphjbkeiagm
     [C:\Users\Kevin\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
     [C:\Users\Kevin\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [ bigefpfhnfcobdlfbedofhhaibnlghod, cjpalhdlnbpafiamejdnhcphjbkeiagm ]
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on Thu 07/30/2015 at 21:32:06.26
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  10. All good, I guess?
      Malwarebytes Anti-Malware
      www.malwarebytes.org
      Scan Date: 7/30/2015
      Scan Time: 6:16 AM
      Logfile:
      Administrator: Yes
      Version: 2.1.8.1057
      Malware Database: v2015.07.30.02
      Rootkit Database: v2015.07.29.02
      License: Premium
      Malware Protection: Enabled
      Malicious Website Protection: Enabled
      Self-protection: Disabled
      OS: Windows 10
      CPU: x64
      File System: NTFS
      User: Kevin
      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 377781
      Time Elapsed: 20 min, 8 sec
      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Enabled
      Heuristics: Enabled
      PUP: Enabled
      PUM: Enabled
      Processes: 0 (No malicious items detected)
      Modules: 0 (No malicious items detected)
      Registry Keys: 0 (No malicious items detected)
      Registry Values: 0 (No malicious items detected)
      Registry Data: 0 (No malicious items detected)
      Folders: 0 (No malicious items detected)
      Files: 0 (No malicious items detected)
      Physical Sectors: 0 (No malicious items detected)
      (end)
  11. FYI, I've since removed the qBittorrent software. I'll generate new logs if necessary.