HijackThis Log: Please Help Diagnose


  • This topic is locked
26 replies to this topic

#16 satchfan

satchfan

  • Malware Response Team
  • 2,543 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:10:50 AM

Posted 13 December 2016 - 10:12 AM

It should run fine with it enabled.


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.



#17 NotEvenRemotelyAGeek

NotEvenRemotelyAGeek
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:50 AM

Posted 13 December 2016 - 10:35 AM

Hi again, I made an executive decision and let the Kaspersky scan complete before starting the Malwarebytes installation.

 

Note that the MBAM dashboard and menu options have changed from the description in the instructions you provided–but I found the log file.  Here it is:

 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 12/13/16
Scan Time: 9:53 AM
Logfile: MBAM log 1.txt
Administrator: Yes
 
-Software Information-
Version: 3.0.4.1269
Components Version: 1.0.39
Update Package Version: 1.0.718
License: Trial
 
-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: ZLenovo\Zoë
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 403281
Time Elapsed: 3 min, 3 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
********
I have no other outstanding problems to report.  Just wondering, however, about the Vulnerability Report that Kaspersky generates.  It identifies four particular files as "vulnerable".  Not sure whether I need to act on it.
 
N.E.R.A.G.


#18 satchfan

Posted 13 December 2016 - 11:55 AM

I made an executive decision and let the Kaspersky scan complete before starting the Malwarebytes installation.

 

I didn't realise that it was scanning - good decision.

 

That report wasn't complete but if you say there were no threats and Kaspersky also found none I would say all is well.

 

Please let me know if you're happy that all is well and, if so, I'll send instructions to tidy up.

 

Satchfan




#19 NotEvenRemotelyAGeek

Posted 13 December 2016 - 12:19 PM

Hi Satchfan,

 

Just the Kaspersky Vulnerability Report... it identifies four files as "vulnerable" and suggests that I download the updates to 7-zip.  Should I do this?

 

Thank you!



#20 satchfan

Posted 13 December 2016 - 05:02 PM

Can you send me the Kaspersky Vulnerability Report so that I can see which files it identified?

 

suggests that I download the updates to 7-zip.  Should I do this?

 

I should wait until I see the result of the report.




#21 NotEvenRemotelyAGeek

Posted 13 December 2016 - 05:17 PM

Hi Satchfan,

 

I can't seem to post a screen shot that identifies the problem files found on my computer.  Is there an option to attach a jpg file?

When I dig further, here's the background information that comes up:

 

KLA10823

DENIAL OF SERVICE AND ARBITRARY CODE EXECUTION VULNERABILITIES IN 7-ZIP

Updated: 06/14/2016

CVSS: 6.8

Detect date: 06/01/2016

Severity: High

Description

Improper processing of UDF files was found in 7zip. By exploiting this vulnerability malicious users can cause a denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially crafted UDF file.

Technical details

This vulnerability is related to the CInArchive::ReadFileItem method in Archive/Udf/UdfIn.cpp. It can be exploited via a specially formed PartitionRef field in the Long Allocation Descriptor in a UDF file.

Affected products

7-Zip 9.20

7-Zip 15.05 beta

Solution

Update to the latest version.

Get 7-Zip

Impacts: ACE, DoS

Related products: 7-Zip

CVE-IDs: CVE-2016-2335
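
An added example (not part of the original thread and not written by either poster): a PowerShell script that lists the 7-Zip binaries under the Program Files directories and flags the copies whose file version matches the releases the advisory above names as affected (9.20 and 15.05 beta). The file names searched, the search roots and the expectation that the version string starts with "major.minor" are assumptions made for this example.

```powershell
# Added example: inventory 7-Zip binaries and flag the releases that the
# advisory quoted above (KLA10823) lists as affected.
# Assumptions: the file names and search roots below, and that 7-Zip's
# file version string starts with "major.minor" (e.g. "9.20", "15.05 beta").
$AffectedVersions = @('9.20', '15.05')   # "Affected products" in the advisory
$BinaryNames      = @('7z.exe', '7z.dll', '7za.exe', '7zG.exe', '7zFM.exe')
$SearchRoots      = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ -and (Test-Path -LiteralPath $_) } |
    Select-Object -Unique

function Get-NormalizedVersion {
    param([string]$VersionString)
    # Reduce "15.05 beta" or "9.20.0.0" to "15.05" / "9.20"; $null if unparsable.
    if ($VersionString -match '^\s*(\d+)\.(\d+)') {
        return '{0}.{1}' -f [int]$Matches[1], $Matches[2]
    }
    return $null
}

$inventory = foreach ($root in $SearchRoots) {
    Get-ChildItem -LiteralPath $root -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $BinaryNames -contains $_.Name } |
        ForEach-Object {
            $version = Get-NormalizedVersion $_.VersionInfo.FileVersion
            [pscustomobject]@{
                Path     = $_.FullName
                Version  = $_.VersionInfo.FileVersion
                Affected = ($null -ne $version) -and ($AffectedVersions -contains $version)
            }
        }
}

# Affected copies sort first; a file with no parsable version shows
# Affected = False and needs a manual look.
$inventory | Sort-Object -Property Affected -Descending | Format-Table -AutoSize -Wrap
```

Rows with Affected = True are the copies the advisory's "Update to the latest version" applies to; a copy that ships inside another product's folder is normally updated through that product.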



#22 satchfan

Posted 13 December 2016 - 05:40 PM

DENIAL OF SERVICE AND ARBITRARY CODE EXECUTION VULNERABILITIES IN 7-ZIP

 

That is quite a usual threat report from many antivirus companies and if you google it you'll find a lot of (technical) information. I understand that there is an apparent flaw in 7-zip that is a potential threat and they are trying to fix it, which is probably why Kaspersky is suggesting updating it.

 

I'm not remotely an expert on these matters but I would personally not be concerned.

 

Are you happy to tidy up?




#23 NotEvenRemotelyAGeek

Posted 13 December 2016 - 09:06 PM

Okay, let's tidy up.

 

NotEvenRemotelyAGeek



#24 satchfan

Posted 14 December 2016 - 03:11 AM

Your computer appears to be clean. Please follow these steps to tidy up your computer.


Uninstall AdwCleaner

  • double click on adwcleaner.exe to run the tool
  • click on Uninstall
  • confirm with Yes.

===================================================

Download & run Delfix

  • download Delfix from here to remove many of the tools we've used during the cleaning process.
  • ensure “Remove disinfection tools” is checked.

Also place a checkmark next to:


o    Create registry backup
o    Purge system restore

  • click the Run button.

You can delete all other logs and programs we’ve used that are on your desktop. Just click on them and press Delete.

===================================================

Recommended programs

SpywareBlaster. SpywareBlaster protects against bad ActiveX; it immunizes your PC against them. It blocks over 11,000 bad sites and uses no resources of your computer.

======================

Update and run Malwarebytes. This really is an excellent program that you should also update and run on a regular basis, probably weekly.

===================================================

I also recommend that you read the following:

Best Practices for Safe Computing - Prevention of Malware Infection by miekiemoes

Simple and easy ways to keep your computer safe and secure on the Internet  by Lawrence Abrams

===================================================

You can start a topic in the Windows forum with any remaining problems and explain that you have been checked for malware and there was none present.

I will keep this open for 24 hours in case you have any problems, after which I’ll close the topic.

Safe computing

Satchfan

 




#25 NotEvenRemotelyAGeek

Posted 14 December 2016 - 08:19 AM

Thank you, Satchfan!



#26 satchfan

Posted 14 December 2016 - 08:24 AM

You're welcome.




#27 satchfan

Posted 16 December 2016 - 04:08 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.





