Jump to content

Bartor

Members
  • Posts

    20
  • Joined

  • Last visited

Reputation

0 Neutral
  1. As an update, it only seems to be called when i start a game called Star Wars Commander. I know the game is authentic, created by Disney. The path it comes from is in a folder called windowsapps.
  2. Hi I am running MBAM premium and recently i have been getting warnings informing me that it is blocking something called control.kochava.com. It doesn't happen very often during a session, usually only a couple of warnings when the pc is first switched on. Is this malware. I have scanned with MBAM and some other software (JET and ADWcleaner) but they don't find anything. Thanks for any help
  3. the computer has been running fine. I hadn't seen any signs of a virus or anything and had run McAfee and MBAM before but wanted to get some expert advice to see if there was anything else I should check to make sure nothing malicious had been planted in it. Thanks you for your advice and guidance.
  4. Sorry, I misread your previous response. I have now attached the ADW cleaner log and the FRST log. There is no log file for SOPHOS. I can not select 'details' as it is greyed out. It just gives me a message saying my pc is clean. AdwCleaner[C2].txt FRST.txt
  5. Thanks Here is the log for the Junkware Removal Tool ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.7 (07.03.2016) Operating System: Windows 10 Home x64 Ran by Richard (Administrator) on 13/08/2016 at 8:33:10.09 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 1 Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} (Registry Value) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 13/08/2016 at 8:37:13.33 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I have attached the logs for ADW Cleaner (note it is [s4] because I have run it before), and FARBAR SOPHOS did not detect anything and said the PC was clean. Addition.txt AdwCleaner[S4].txt
  6. Thanks for replying to my post, I know I was foolish and wont be falling for anything like that again. Here is the log for RKill. Program started at: 08/10/2016 12:35:38 PM in x64 mode. Windows Version: Windows 10 Home Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * C:\Windows\Samsung\PanelMgr\SSMMgr.exe (PID: 3776) [WD-HEUR] * C:\Windows\Samsung\PanelMgr\caller64.exe (PID: 3732) [WD-HEUR] 2 proccesses terminated! Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * Windows Defender Disabled [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware" = dword:00000001 Checking Windows Service Integrity: * No issues found. Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * HOSTS file entries found: 127.0.0.1 www.ammyy.com 127.0.0.1 www.realvnc.com 127.0.0.1 www.teamviewer.com 127.0.0.1 www.support.me 127.0.0.1 www.showmypc.com 127.0.0.1 www.aeroadmin.com 127.0.0.1 www.logmein123.com 127.0.0.1 www.infosis.net 127.0.0.1 www.secure.logmeinrescue.com 127.0.0.1 www.aeroadmin.com 127.0.0.1 www.impc.com 127.0.0.1 www.supremocontrol.com 127.0.0.1 www.anydesk.com Program finished at: 08/10/2016 12:38:27 PM Execution time: 0 hours(s), 2 minute(s), and 49 seconds(s) And here is the log for the MBAM scan Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 10/08/2016 Scan Time: 12:42 Logfile: Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.08.10.05 Rootkit Database: v2016.08.09.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Enabled OS: Windows 10 CPU: x64 File System: NTFS User: Richard Scan Type: Threat Scan Result: Completed Objects Scanned: 346081 Time Elapsed: 21 min, 52 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) Regards Richard
  7. I recently fell for a scam and allowed a 'PC Tech Support' company access to my PC. I have McAfee Internet Security installed and have run a full scan and a rootkit scan using their tool. I also have run a full scan with rootkit with Malwarebytes. Both have come up clean and the only thing they installed is CCleaner. I have changed all passwords to my accounts using a different machine. Is there any other checks I should do just to be sure? Thanks
  8. thanks for your help, hopefully you received my donation as a sign of my appreciation.
  9. it appears to be. since Saturday morning there have been no warnings from malwarebytes. I did do a scan with it which picked up nothing and since resetting the router I have had no fake warnings or pop-ups or anything like that. Thanks
  10. Here is the protection log for Saturday 23rd April when I had the two warnings. I have had no warnings or anything since and looking at the protection logs since that time show nothing. protection log 23rd april.txt
  11. Just an update on the situation, I still have no pop-ups or fake warnings occurring anymore, but I did notice this morning that Malwarebytes blocked tradeexchange.com twice.
  12. thanks for all your time and help, a donation is on its way.
  13. That seems to have done it. I've have done a bit of surfing and no pop-ups yet. Is there anything else I can do to make sure I'm not reinfected?
  14. I have not been able to access the router settings via a browser. I tried last night and I kept getting a message saying it couldn't connect to the page. I do remember before that, when I did get to the logon page for the router it wouldn't accept my password. I thought it was a simple error with the router. There is a pin-hole on the back of the router that enables a manual factory reset that I could press.
  15. Yes, I have a TP Link W8951ND wireless ADSL2+ modem router. Do you think the problem may be in there.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.