Riskware.Istealer - Malwarebytes unable to remove


18 replies to this topic

#1 lastm4n

Posted 09 March 2016 - 12:47 PM

Any assistance would be greatly appreciated.
Windows 8.1 Pro user.

Riskware.Istealer continues to be detected by Malwarebytes, which quarantines the file.
But the file is never actually removed.

What should I do?


Edited by lastm4n, 09 March 2016 - 12:48 PM.



#2 buddy215

Posted 09 March 2016 - 12:53 PM

Welcome to BC...

 

You've likely downloaded some pirated/hacked software. Best to run all the programs below to find and remove adware, malware and unwanted programs.

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • When MBAM is finished scanning it will display a screen that displays any malware that it has detected.
  • Click the Remove Selected button.
  • MBAM will now delete all of the files and registry keys and add them to the program's quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR REVIEW.

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 lastm4n

Posted 09 March 2016 - 01:42 PM

Thanks for your quick response.
I forgot to say that when I scan with Malwarebytes and it detects the riskware, I always remove it, and for a few days Malwarebytes doesn't find anything, but then it finds the riskware again.
I already did step 2 and Malwarebytes didn't find anything suspicious.
Should I continue with step 3?

I have one pirated game, no software.


Edited by lastm4n, 09 March 2016 - 01:51 PM.


#4 buddy215

Posted 09 March 2016 - 02:41 PM

Run all of the scans. Video Games are software, too.



#5 lastm4n

Posted 10 March 2016 - 01:10 PM

Malwarebytes results:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
 
Scan, 10-Mar-16 1:58 AM, SYSTEM, ADMIN, Manual, Start:10-Mar-16 1:46 AM, Duration:11 min 36 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections, 
 
(end)



Adwcleaner results:

# AdwCleaner v5.101 - Logfile created 10/03/2016 at 19:59:30
# Updated 07/03/2016 by Xplode
# Database : 2016-03-08.1 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : Steve - ADMIN
# Running from : C:\Users\Steve\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
*************************
 
C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [906 bytes] - [10/03/2016 19:59:30]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [781 bytes] - [10/03/2016 19:57:17]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S2].txt - [1087 bytes] - [10/03/2016 19:58:58]
 
########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1183 bytes] ##########


Junkware removal tool results:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 8.1 Pro x64 
Ran by Steve (Administrator) on 10-Mar-16 at 20:05:13.36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 3 
 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\Steve\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\Windows\prefetch\DRIVERTOOLKIT.EXE-522A3A6D.pf (File) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10-Mar-16 at 20:06:52.39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



I can't click on the ESET online scanner when I open the page with Control.

Edited by lastm4n, 10 March 2016 - 01:12 PM.


#6 buddy215

Posted 10 March 2016 - 01:22 PM

ESET Online Scanner

 

To run ESET Online Scanner in a browser other than Internet Explorer, you'll need to download ESET Smart Installer.

This application installs and launches ESET Online Scanner in a separate window.


Edited by buddy215, 10 March 2016 - 01:23 PM.


#7 lastm4n

Posted 10 March 2016 - 01:25 PM

ok


Edited by lastm4n, 10 March 2016 - 01:26 PM.


#8 lastm4n

Posted 10 March 2016 - 02:27 PM

No log from eset.



#9 buddy215

Posted 10 March 2016 - 02:47 PM

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button that, when clicked, will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next post. Please do that.

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you will see a button that, when clicked, will allow you to Copy and Paste that list in your next post. Please do that.



#10 lastm4n

Posted 10 March 2016 - 03:54 PM

Windows startups :
 

Yes HKCU:Run ASRock A-Tuning
Yes HKCU:Run ASRockRuefi
Yes HKCU:Run StartMenuX OrdinarySoft "C:\Program Files\Start Menu X\StartMenuX.exe"
Yes HKCU:Run uTorrent BitTorrent Inc. "C:\Users\Steve\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
Yes HKLM:Run AvastUI.exe AVAST Software "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
Yes HKLM:Run IAStorIcon Intel Corporation "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
Yes HKLM:Run ISCT Tray Intel Corporation C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
Yes HKLM:Run Raptr Raptr, Inc "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
Yes HKLM:Run RTHDVCPL Realtek Semiconductor "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
Yes HKLM:Run StartCN Advanced Micro Devices, Inc. "C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
Yes HKLM:Run XFast LAN cFos Software GmbH C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
 
 
Scheduled Tasks:

Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task AsrSP.exe C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\AsrSP.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task MSIAfterburner MICRO-STAR INTERNATIONAL CO., LTD. C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
Yes Task Optimize Start Menu Cache Files-S-1-5-21-2734263802-836661591-912667868-1001
Yes Task SafeZone scheduled Autoupdate 1448210368 C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate
Yes Task SafeZone scheduled Autoupdate 1448213940 C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate


Uninstall:


A-Tuning v2.0.271 ASRock Inc. 21-Nov-15 162 MB 2.0.271
Adobe Acrobat Reader DC Adobe Systems Incorporated 16-Feb-16 195 MB 15.010.20059
Adobe Flash Player 21 NPAPI Adobe Systems Incorporated 10-Mar-16 10.5 MB 21.0.0.182
AMD Install Manager Advanced Micro Devices, Inc. 06-Jan-16 26.3 MB 5.00
APP Shop v1.0.21 ASRock Inc. 20-Sep-15 11.5 MB 1.0.21
Asmedia ASM104x USB 3.0 Host Controller Driver Asmedia Technology 19-Sep-15 2.42 MB 1.16.15.0
Asmedia ASM106x SATA Host Controller Driver Asmedia Technology 19-Sep-15 124 KB 2.0.8.0000
ASRock App Charger v1.0.6 ASRock Inc. 19-Sep-15 1.32 MB 1.0.6
ASRock Restart to UEFI v1.0.5 20-Sep-15 3.24 MB 1.0.5
ASRock SmartConnect v1.0.7 ASRock Inc. 20-Sep-15 3.02 MB 1.0.7
ASRock XFast RAM v3.0.3 ASRock Inc. 20-Sep-15 12.0 MB
Auslogics Disk Defrag Professional Auslogics Software Pty Ltd 05-Dec-15 28.5 MB 4.7.0.0
Avast Free Antivirus AVAST Software 24-Nov-15 11.1.2241
Battle.net Blizzard Entertainment 25-Jan-16
CCleaner Piriform 19-Sep-15 5.09
Counter-Strike: Global Offensive Valve 26-Nov-15
ESET Online Scanner v3 10-Mar-16
Google Chrome Google Inc. 19-Sep-15 48.0.2564.116
Grand Theft Auto V 22-Nov-15 60.7 GB 1
H1Z1 Daybreak Games 19-Sep-15
H1Z1: King of the Kill Daybreak Game Company 22-Feb-16
Hard Disk Sentinel PRO HDS 19-Sep-15
Hearthstone Blizzard Entertainment 25-Jan-16
Heaven Benchmark version 4.0 Unigine Corp. 28-Sep-15 274 MB 4.0
Intel® Management Engine Components Intel Corporation 19-Sep-15 11.0.0.1153
Intel® Network Connections 20.2.3001.0 Intel 26-Sep-15 39.8 MB 20.2.3001.0
Intel® Processor Graphics Intel Corporation 25-Sep-15 10.18.14.4222
Intel® Rapid Storage Technology Intel Corporation 20-Sep-15 13.1.0.1058
Intel® Smart Connect Technology Intel Corporation 20-Sep-15 31.1 MB 5.0.10.2907
MacX HD Video Converter Pro For Windows 5.9.1 Digiarty Software, Inc. 24-Jan-16 134 MB
Malwarebytes Anti-Malware version 2.2.0.1024 Malwarebytes 09-Mar-16 66.1 MB 2.2.0.1024
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 22-Sep-15 4.89 MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 22-Sep-15 6.88 MB 8.0.59192
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 22-Sep-15 13.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 19-Sep-15 10.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 20-Sep-15 10.1 MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 Microsoft Corporation 19-Sep-15 15.2 MB 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Corporation 19-Sep-15 12.2 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Corporation 06-Jan-16 20.4 MB 11.0.50727.1
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 25-Nov-15 20.5 MB 11.0.60610.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Corporation 19-Sep-15 17.3 MB 11.0.50727.1
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Corporation 19-Sep-15 20.5 MB 12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 Microsoft Corporation 19-Sep-15 17.1 MB 12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 Microsoft Corporation 22-Feb-16 24.4 MB 14.0.23506.0
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 Microsoft Corporation 22-Feb-16 20.6 MB 14.0.23506.0
Microsoft Xbox One Controller for Windows Microsoft Corporation 06-Jan-16 1.75 MB 1.0.2
MSI Afterburner 4.1.1 MSI Co., LTD 20-Sep-15 4.1.1
NVIDIA PhysX NVIDIA Corporation 29-Nov-15 160 MB 9.14.0702
OpenOffice 4.1.2 Apache Software Foundation 10-Nov-15 341 MB 4.12.9782
Origin Electronic Arts, Inc. 19-Sep-15 9.7.2.53208
PowerISO Power Software Ltd 22-Nov-15 6.4
RadeonPro 1.0 (Build 1.1.1.0) 29-Oct-15 26.5 MB
Raptr 19-Sep-15
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 14-Nov-15 6.0.1.7560
RivaTuner Statistics Server 6.4.0 Unwinder 07-Jan-16 6.4.0
Rocket League Psyonix 29-Nov-15
Rockstar Games Social Club Rockstar Games 23-Nov-15 1.1.6.8
Rust Facepunch Studios 09-Feb-16
Skype™ 7.18 Skype Technologies S.A. 18-Feb-16 140 MB 7.18.112
Start Menu X version 5.72 OrdinarySoft 20-Dec-15 17.6 MB 5.72
Steam Valve Corporation 19-Sep-15 2.10.91.91
VLC media player VideoLAN 23-Oct-15 2.2.1
WinRAR 5.30 beta 6 (64-bit) win.rar GmbH 22-Nov-15 5.30.6
XFast LAN v10.09 cFos Software GmbH, Bonn 20-Sep-15 10.09
µTorrent BitTorrent Inc. 05-Mar-16 3.4.5.41865
 

 


#11 buddy215

Posted 10 March 2016 - 04:24 PM

Disable these Windows Startups: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes HKCU:Run uTorrent BitTorrent Inc. "C:\Users\Steve\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED

Yes HKLM:Run Raptr Raptr, Inc "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup

 

Disable these Scheduled Tasks:

Yes Task Adobe Acrobat Update Task Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task Optimize Start Menu Cache Files-S-1-5-21-2734263802-836661591-912667868-1001
 
Uninstall these programs:
ESET Online Scanner v3 10-Mar-16
µTorrent BitTorrent Inc. 05-Mar-16 3.4.5.41865 (VERY RISKY to use for downloading free stuff...may be illegal, too)
 

If you still have the pirated game you downloaded, that Riskware.Istealer will likely show up whenever you start the game. I expected Eset to identify it...but it didn't.

All in all the computer only had a little adware...I think you are good to go after doing the above.



#12 lastm4n

Posted 11 March 2016 - 10:18 AM

Thank you so much for the help!
One last question before locking this.

Do I have the riskware now, or is it removed? Should I do something else?


Edited by lastm4n, 11 March 2016 - 10:22 AM.


#13 buddy215

Posted 11 March 2016 - 10:25 AM

If it shows up again in the MBAM scan please note its location or post the MBAM log showing it.

You're welcome...



#14 lastm4n

Posted 22 March 2016 - 10:00 AM

It showed up again today.
 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
 
Error, 22-Mar-16 1:47 AM, SYSTEM, ADMIN, Protection, IsLicensed, 13, 
Protection, 22-Mar-16 1:47 AM, SYSTEM, ADMIN, Protection, Malware Protection, Stopping, 
Protection, 22-Mar-16 1:47 AM, SYSTEM, ADMIN, Protection, Malware Protection, Stopped, 
Error, 22-Mar-16 4:21 PM, SYSTEM, ADMIN, Protection, IsLicensed, 13, 
Protection, 22-Mar-16 4:21 PM, SYSTEM, ADMIN, Protection, Malware Protection, Stopping, 
Protection, 22-Mar-16 4:21 PM, SYSTEM, ADMIN, Protection, Malware Protection, Stopped, 
Update, 22-Mar-16 4:34 PM, SYSTEM, ADMIN, Manual, Remediation Database, 2016.3.10.1, 2016.3.18.1, 
Update, 22-Mar-16 4:34 PM, SYSTEM, ADMIN, Manual, IP Database, 2016.3.14.1, 2016.3.21.3, 
Update, 22-Mar-16 4:34 PM, SYSTEM, ADMIN, Manual, Domain Database, 2016.3.16.6, 2016.3.21.11, 
Update, 22-Mar-16 4:34 PM, SYSTEM, ADMIN, Manual, Malware Database, 2016.3.16.5, 2016.3.22.6, 
Scan, 22-Mar-16 4:46 PM, SYSTEM, ADMIN, Manual, Start:22-Mar-16 4:34 PM, Duration:11 min 34 sec, Threat Scan, Completed, 1 Malware Detection, 0 Non-Malware Detections, 
Error, 22-Mar-16 4:47 PM, SYSTEM, ADMIN, Protection, IsLicensed, 13, 
Protection, 22-Mar-16 4:47 PM, SYSTEM, ADMIN, Protection, Malware Protection, Stopping, 
Protection, 22-Mar-16 4:47 PM, SYSTEM, ADMIN, Protection, Malware Protection, Stopped, 
 
(end)


#15 buddy215

Posted 23 March 2016 - 07:32 AM

That is not the scan log.

  • Click on the History tab >> Application Logs.
  • Double click on the scan log which shows the Date and time of the scan that showed the infections.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

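The difference between the event entries posted in #14 and the scan log requested in #15, as an added example that is not part of the original thread: this Python sketch summarizes lines in the posted format and reports when a scan counted detections but the pasted text names no file path or registry key. The field layout is inferred from the posted lines, and the path/key test is an assumption about what a scan log would contain.

```python
import re
from datetime import datetime

# Event lines reproduced from the application log posted in the thread.
SAMPLE_LOG = """\
Error, 22-Mar-16 4:21 PM, SYSTEM, ADMIN, Protection, IsLicensed, 13,
Protection, 22-Mar-16 4:21 PM, SYSTEM, ADMIN, Protection, Malware Protection, Stopping,
Protection, 22-Mar-16 4:21 PM, SYSTEM, ADMIN, Protection, Malware Protection, Stopped,
Update, 22-Mar-16 4:34 PM, SYSTEM, ADMIN, Manual, Malware Database, 2016.3.16.5, 2016.3.22.6,
Scan, 22-Mar-16 4:46 PM, SYSTEM, ADMIN, Manual, Start:22-Mar-16 4:34 PM, Duration:11 min 34 sec, Threat Scan, Completed, 1 Malware Detection, 0 Non-Malware Detections,
"""

# Assumption: per-item detail would show up as a drive path or a registry hive.
PATH_OR_KEY = re.compile(r"[A-Za-z]:\\|\bHK(?:LM|CU|U|CR)\\")
COUNT = re.compile(r"(\d+) (Non-)?Malware Detections?")


def parse_line(line):
    """Return (kind, timestamp, remaining fields), or None for non-event lines."""
    fields = [f.strip() for f in line.split(",")]
    fields = [f for f in fields if f]
    if len(fields) < 5:
        return None  # banner lines, "(end)", blank lines
    try:
        when = datetime.strptime(fields[1], "%d-%b-%y %I:%M %p")
    except ValueError:
        return None
    return fields[0], when, fields[2:]


def summarize(log_text):
    """Collect scan totals, protection stops and errors from pasted log text."""
    report = {"scans": [], "protection_stopped": [], "errors": [],
              "has_item_details": False}
    for line in log_text.splitlines():
        if PATH_OR_KEY.search(line):
            report["has_item_details"] = True
        parsed = parse_line(line)
        if parsed is None:
            continue
        kind, when, rest = parsed
        if kind == "Scan":
            scan = {"when": when, "malware": 0, "non_malware": 0}
            for field in rest:
                m = COUNT.fullmatch(field)
                if m:
                    key = "non_malware" if m.group(2) else "malware"
                    scan[key] = int(m.group(1))
            report["scans"].append(scan)
        elif kind == "Protection" and rest[-2:] == ["Malware Protection", "Stopped"]:
            report["protection_stopped"].append(when)
        elif kind == "Error":
            report["errors"].append((when, rest[2:]))
    hits = [s for s in report["scans"] if s["malware"] or s["non_malware"]]
    # Totals without any path or key cannot say what was detected or where.
    report["needs_scan_log"] = bool(hits) and not report["has_item_details"]
    return report


if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    for scan in result["scans"]:
        print(scan["when"], "malware:", scan["malware"],
              "non-malware:", scan["non_malware"])
    print("protection stopped at:", result["protection_stopped"])
    print("scan log still needed:", result["needs_scan_log"])
```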



