|
Post by puppet on Sept 29, 2016 7:04:23 GMT -8
I have 3 com surrogates that show up then go away and leave one, I don't know if I have a virus or not, also about a week ago I had some heur.ADVML.C show up that was caused by a english patcher for a game which I think might have been a false positive but I just want to be sure. I would rather be safe then sorry. Also my OS is Windows 10 Home 64bit FRST.txt wikisend.com/download/396654/FRST.txtAddition.txt wikisend.com/download/573694/Addition.txt
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Sept 30, 2016 0:03:53 GMT -8
I'm not seeing anything directly in your logs; if you want, please run the following two scanners and just have them scan (but not clean or delete anything): FIRSTRead carefullyDownload Adwcleaner from here to your desktop and run a scan. You may have to right click adwcleaner.exe and choose "Run as Administrator" from the menu. (Click the Scan button to start the scanning). It will create a log after it is finished scanning. If not (or if it just asks for you to uncheck what you don't wanted deleted), there is a LogFile button in the middle of the main window; click that and it will make the log file. Once the report file is made, you can leave AdwCleaner running (but don't delete anything yet) or you can close it down (we can always get a fresh scan done before the deletions). ONE SCAN ONLY, PLEASEAttach or paste the log back here for review and further instructions. Thanks. SECONDMalwarebytes' Anti-MalwarePlease download the latest version of Malwarebytes' Anti-Malware from HereDouble Click on the mbam-setup.exe file to install the application. Do not check on the Trial of Professional version. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link Once the program has loaded and updated, select " Scan Now >>" to start the scan. The scan may take some time to finish, so please be patient. If any malware is found, you will be presented with a screen like the one below. Please click on the Save results > link in the bottom right hand corner and select the Text file(*.txt) from the dropdown list. I would suggest you save the file on your desktop (as we need the report attached here for review and it is easy to find on the desktop). After you have saved the report file, return to the Potential Threats Detected page and click on Cancel. You can close MBAM after that. Please attach the report file to a post here; I will review the file and script what needs to be removed.
|
|
|
Post by puppet on Sept 30, 2016 6:12:52 GMT -8
When I did the Malwarebytes scan it only scanned 342,655 file's, was there something I needed to change in the setting's at all for the scan before hand, cause it feel's like the scan might have just stopped for some reason, though I could be wrong. I haven't messed with the setting's but was just wondering if I needed to. Thank you for your time and help. AdwCleanerS0.txt (1.85 KB) MalwarebytesScan.txt (1.03 KB) I also have Norton Security, so I don't know if that would mess with any of the scan's or not, I didn't need to give permission at all, but it show's Malwarebytes was blocked once it got around to C:\Program Files (x86)\Norton Security\Engine\22.8.0.50\ns.exe cause of unauthorized access blocked (Access Process Data) do you think that might have stopped it from scanning? I didn't turn off Norton at all, but it never popped up showing it was blocked other then in the history. I'm keeping ADWCleaner open rather then closing it or removing the Registry or Google Chrome stuff until you tell me to. My computer turned off for a windows update I didn't notice, so I hope that doesn't mess with anything it closed ADWCleaner.
|
|
|
Post by puppet on Sept 30, 2016 6:44:55 GMT -8
Also I forgot and accidentally downloaded ADWcleaner and Malwarebytes to my C drive then rather on the Desktop, is that fine?
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Sept 30, 2016 22:00:56 GMT -8
You can have AdwCleaner Clean whatever it finds; the items found are leftovers and should be removed. Let me know how your system is running after that.
Oh, and it is fine that you downloaded the programs to the drive.
|
|
|
Post by puppet on Sept 30, 2016 22:10:36 GMT -8
I had ADWCleaner clean and restart PC, the only thing that showed up was a windows 10 notification for my audio but it seems to be fine, other then that my computer seems normal,I think it's cause it had to close all program's. Anything else I need to do? Thank you for you time and help. Though my taskmanager still has the com surrogate thing, I'm guessing that might just be normal stuff? Also here are the .txt for AdwCleaner AdwCleanerS1.txt (1.92 KB) AdwCleanerC0.txt (1.93 KB)
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Sept 30, 2016 22:23:38 GMT -8
Yes;, I believe that you are seeing normal behavior. Your logs seem to be clean and what the scanners are finding (while cleaned up) is certainly nothing to get worried about. Please keep the tools we have used (AdwCleaner and Malwarebytes) and run the periodically to help keep your system clean.
Unless you have some other issues, I would say you are good to go.
|
|
|
Post by puppet on Oct 1, 2016 5:30:08 GMT -8
Thank you I wasn't sure if it was normal or not since I never noticed it before, I had turned off my computer for the night and it all is working normal, sorry if I wasted your time, I was just worried after the english patch thing got quarantined by norton which I think was a false positive considering how it edits files. Thank you for your time and help dbrisen.
|
|
|
Post by puppet on Oct 1, 2016 5:37:39 GMT -8
I opened my c drive to check some stuff and there's Windows.old, is that something created from ADWCleaner?
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 1, 2016 19:38:49 GMT -8
Windows.old is made by either the Free Upgrade to Win10 or by the last Major Update (the Win10 Anniversary Update). Windows will delete this folder automatically after 30 days have passed from the time you got the upgrades / updates. You can also clear this and other unneeded files from your system by running Disk Cleanup. You can find a good set of instructions on Disk Cleanup (and other functions of Windows 10) here.
|
|