
Infected Computer?



#1 Pronetheus


Posted 23 April 2017 - 06:52 PM

I have had the feeling that my computer has been infected with something for the past few weeks, just odd behavior, so I ran HitmanPro, and I got the log that's attached below. There is some malware and PUP it found, but I can't run the premium version of HitmanPro to remove it. I scanned with Malwarebytes and it found nothing. Is this a serious problem?
 
Thank you,
 
Pronetheus
 
 
START OF LOG
 

HitmanPro 3.7.18.284
www.hitmanpro.com
 
   Computer name . . . . : PROMETHEUS
   Windows . . . . . . . : 10.0.0.14393.X64/8
   User name . . . . . . : PROMETHEUS\anonymous
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2017-04-23 19:24:40
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 49s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 1
   Traces  . . . . . . . : 225
 
   Objects scanned . . . : 3,482,165
   Files scanned . . . . : 148,050
   Remnants scanned  . . : 1,262,733 files / 2,071,382 keys
 
Malware _____________________________________________________________________
 
   C:\Users\anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MicrosoftNT.exe
      Size . . . . . . . : 284,160 bytes
      Age  . . . . . . . : 26.0 days (2017-03-28 18:25:12)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : D005948C1E8A0333F207DF0E9D22E4E9BAD227E512857143CB94E07BBF9F8476
      Product  . . . . . : PubgHack
      Publisher
      Description  . . . : PubgHack
      Version  . . . . . : 1.0.0.0
      LanguageID . . . . : 0
    > Bitdefender  . . . : Trojan.Generic.20916402
    > Kaspersky  . . . . : Trojan.MSIL.Agent.acpjt
    > HitmanPro  . . . . : Mal/Generic-S
      Fuzzy  . . . . . . : 117.0
      Startup
         C:\Users\anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MicrosoftNT.exe
      Forensic Cluster
          0.0s C:\Users\anonymous\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MicrosoftNT.exe
          1.5s C:\Windows\Temp\WERF825.tmp.csv
          1.5s C:\Windows\Temp\WERF846.tmp.txt
          1.9s C:\Users\anonymous\AppData\Local\CrashDumps\PubgHack.exe.27076.dmp
          3.0s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_PubgHack.exe_3734b663dc70dfb4a1237b9c767182e8a3062_03df4d60_cab_2c0efde2\
          3.0s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_PubgHack.exe_3734b663dc70dfb4a1237b9c767182e8a3062_03df4d60_cab_2c0efde2\Report.wer
         21.2s C:\Windows\Temp\WER450F.tmp.csv
         21.2s C:\Windows\Temp\WER451F.tmp.txt
         21.5s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_PubgHack.exe_3734b663dc70dfb4a1237b9c767182e8a3062_03df4d60_162f4655\
         21.5s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_PubgHack.exe_3734b663dc70dfb4a1237b9c767182e8a3062_03df4d60_162f4655\Report.wer
         21.6s C:\Users\anonymous\AppData\Local\CrashDumps\PubgHack.exe.26472.dmp
 
 
Suspicious files ____________________________________________________________
 
   C:\Users\anonymous\AppData\Local\PunkBuster\FC3\pb\pbcl.dll
      Size . . . . . . . : 953,886 bytes
      Age  . . . . . . . : 147.9 days (2016-11-26 22:55:32)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\anonymous\AppData\Local\PunkBuster\FC3\pb\PnkBstrK.sys
      Size . . . . . . . : 138,032 bytes
      Age  . . . . . . . : 147.9 days (2016-11-26 22:55:41)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : ABAF3FACF01E10E4C685F79C3B9E5D2118B3CF8629C4277EBE035B2A10474148
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.
 
 
Potential Unwanted Programs _________________________________________________
 
   C:\Users\anonymous\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pbjikboenpfhbbejgkoklgkhjpfogcam_0.localstorage (AmazonBrowserBar)
   HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}\ (SaleCharger)
   HKU\S-1-5-21-3511541188-1935622096-1115675152-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}\ (SaleCharger)
 
Cookies _____________________________________________________________________
 
 
 
 
 
END OF LOG

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal



#2 buddy215


Posted 24 April 2017 - 06:58 PM

Most of what is in the log are Third Party cookies. Those can easily be blocked from installing. The malware found may be a false positive identification.

How to disable third-party cookies in all major web browsers

 

Use the programs below to clean, remove adware and remove malware.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”



