Windows-Movie maker with a UDP connection.


8 replies to this topic

#1 Athenakins

Athenakins

  • Members
  • 7 posts
  • OFFLINE
  • Local time:05:19 AM

Posted 09 September 2014 - 02:43 PM

I was monitoring my connections using TCPview and I noticed that Windows Movie-maker has established a UDP connection. There were no packets sent or received. But once I logged onto a video chatting website, and then used windows movie maker for vlogging purposes, I noticed there were packets sent and received in the UDP connection by WMM. I have reasons to believe something funny has happened through that site, since I once met someone on that site who described something I did while recording a vlog (I do not publish these vids online or anything, just for myself and immediate family). Am I just being paranoid? Or does this mean something funny?

 

 

P.S. I have also tried downloading Wireshark to see if I can trace the IP, but it doesn't get installed on my computer for some reason.




 


#2 Kirbyofdeath

Kirbyofdeath

  • Members
  • 459 posts
  • OFFLINE
  • Gender:Male
  • Location:Somewhere on Earth
  • Local time:06:49 PM

Posted 09 September 2014 - 02:47 PM

Please download Malwarebytes Anti-Malware.

 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarebytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
mbamreplace_zps3ead4824.png
 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 
mbam4_zps23e52ad4.png
 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 mbam4_zps490948cc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log, download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.


#3 Athenakins

Athenakins
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  • Local time:05:19 AM

Posted 10 September 2014 - 03:22 AM

I do have Malwarebytes installed on my computer, and ran a scan. It didn't detect anything in this one, but had sometime back. This is the log as asked:
 



#4 Kirbyofdeath

Kirbyofdeath

  • Members
  • 459 posts
  • OFFLINE
  • Gender:Male
  • Location:Somewhere on Earth
  • Local time:06:49 PM

Posted 10 September 2014 - 10:21 AM

Please scan your computer with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.


#5 Athenakins

Athenakins
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  • Local time:05:19 AM

Posted 10 September 2014 - 12:19 PM

I tried downloading the above twice. Both times, while downloading the "Virus signature database" (around 36% complete), it showed up as "Unexpected error 2002" and the only option was to click on the "back" option. I'll try once more, but is there an alternative solution?



#6 Athenakins

Athenakins
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  • Local time:05:19 AM

Posted 10 September 2014 - 02:14 PM

I tried using Internet Explorer to run it this time, and it shows "Cannot get update. Is proxy configured?" at 98%, twice. Any other option?



#7 Kirbyofdeath

Kirbyofdeath

  • Members
  • 459 posts
  • OFFLINE
  • Gender:Male
  • Location:Somewhere on Earth
  • Local time:06:49 PM

Posted 10 September 2014 - 02:17 PM

Try loading in "Safe Mode with Networking" then running ESET.



#8 Athenakins

Athenakins
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  • Local time:05:19 AM

Posted 11 September 2014 - 01:07 AM

It worked! However, I had left the scan on overnight, and my early-rising-energy-saving grandmother switched off the laptop's power, and it powered out, so I couldn't see if the scan had detected and removed anything. The second time I ran it, no threats were found, however at the end of it, I saw a 'manage quarantine' option, and I'm guessing it must have something to do with the earlier scan. I have attached the snapshot, in case it helps. Is there any other way to figure out what the threats were? Thanks a lot for your help!

 

 

eset2.png

eset1.png



#9 Kirbyofdeath

Kirbyofdeath

  • Members
  • 459 posts
  • OFFLINE
  • Gender:Male
  • Location:Somewhere on Earth
  • Local time:06:49 PM

Posted 12 September 2014 - 03:46 PM

If you have an option to delete those files, then delete them, check if Windows Movie Maker is fixed, and you're home free!





