Possibly infected laptop



#16
nigella

nigella

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 228 posts
Apologies!!! Life has been busy. I've run the two processes you asked for; I need to post them. The laptop has not been used since running them. I am hoping to post the log files this evening after I've been to work. Thank you.
  • 0



#17
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 597 posts

:thumbsup:


  • 0

#18
nigella

nigella

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 228 posts

mbam130120

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 13/01/2020
Scan Time: 02:07
Log File: 7c0f6350-35a9-11ea-a802-a0d3c1694068.json

-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.629
Update Package Version: 1.0.14305
Licence: Trial

-System Information-
OS: Windows 10 (Build 15063.1387)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 289724
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 48 min, 35 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 1
PUP.Optional.MySearchDial, HKU\S-1-5-21-4036567448-3610357976-3683549566-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [120], [168579],1.0.14305

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

 

eset130120

 

13/01/2020 09:33:12
Files scanned: 327585
Detected files: 2
Cleaned files: 0
Total scan time 04:08:50
Scan status: Finished
C:\Program Files (x86)\AVG\Antivirus\setup\aswOfferTool.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application error while deleting (Access denied)

C:\Program Files (x86)\AVG\Antivirus\setup\offertool_x64_ais-c24.vpx Win32/Bundled.Toolbar.Google.D potentially unsafe application error while deleting (Access denied)

 

Thank you for being so patient.


  • 0

#21
nigella

nigella

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 228 posts

I don't know what you mean. Have you forgotten your Windows password?

I had forgotten the Windows password, but I found a way to reset it. It involved renaming utilman to utilman1 and then renaming cmd to utilman, but now Windows will not allow me to rename them back. Do you have any ideas as to how I can rename the files?


  • 0
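A check for the state described in the post above, where a renamed cmd.exe sits in place of utilman.exe and leaves a command prompt reachable from the sign-in screen. This is an added example, not part of the original thread; the function name `Get-UtilmanState` is hypothetical, and it assumes the backup was named `utilman1.exe` as the post says and that cmd.exe reports an internal name beginning with "cmd".

```powershell
# Added example (not from the thread): report whether utilman.exe in System32
# is really the Utility Manager or a renamed cmd.exe.
function Get-UtilmanState {
    param(
        [string]$System32 = (Join-Path $env:SystemRoot 'System32')
    )
    $utilman = Join-Path $System32 'utilman.exe'
    $backup  = Join-Path $System32 'utilman1.exe'   # backup name used in the post
    $cmd     = Join-Path $System32 'cmd.exe'

    $state = [ordered]@{
        UtilmanInternalName  = $null
        UtilmanLooksLikeCmd  = $false
        UtilmanHashEqualsCmd = $false
        BackupPresent        = Test-Path -LiteralPath $backup
        CmdPresent           = Test-Path -LiteralPath $cmd
    }

    if (Test-Path -LiteralPath $utilman) {
        # The version resource travels with the file, so a rename does not hide it.
        $vi = (Get-Item -LiteralPath $utilman).VersionInfo
        $state.UtilmanInternalName = $vi.InternalName
        $state.UtilmanLooksLikeCmd = ($vi.InternalName -match '^cmd')

        # cmd.exe was renamed rather than copied in the post, so it may be absent;
        # compare hashes only when both files exist.
        if ($state.CmdPresent) {
            $h1 = (Get-FileHash -LiteralPath $utilman -Algorithm SHA256).Hash
            $h2 = (Get-FileHash -LiteralPath $cmd -Algorithm SHA256).Hash
            $state.UtilmanHashEqualsCmd = ($h1 -eq $h2)
        }
    }
    [pscustomobject]$state
}

$s = Get-UtilmanState
$s | Format-List
if ($s.UtilmanLooksLikeCmd -or $s.UtilmanHashEqualsCmd) {
    Write-Warning 'utilman.exe is a renamed or copied cmd.exe; the original should be restored.'
}
if (-not $s.CmdPresent) {
    Write-Warning 'cmd.exe is missing from System32.'
}
```

System File Checker (`sfc /scannow`, run from an elevated prompt) is the built-in tool for restoring protected system files such as these from the component store.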

#22
Satchfan

Satchfan

    Trusted Helper

  • Malware Removal
  • 597 posts

Is your account a local account or linked to your Microsoft account?

==============================================

I didn't ask for a Malwarebytes log but when checking my last post, I posted the wrong 'fix' so please do the following:

Copy all text in the code box below and paste it into Notepad:

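@echo off
rem Force-delete the two AVG offer-tool files that ESET flagged but could not remove
del /f /s /q "C:\Program Files (x86)\AVG\Antivirus\setup\aswOfferTool.exe"
del /f /s /q "C:\Program Files (x86)\AVG\Antivirus\setup\offertool_x64_ais-c24.vpx"
rem Delete this batch file itself once it has run
del %0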

  • Save the Notepad file to your desktop and name it delfiles.bat
  • Set "Save as type" to All Files
  • On your desktop, double-click on delfiles.bat to run it (a black CMD window will flash, then disappear - this is normal).

The files/folders, if found, will have been deleted and the 'delfiles.bat' file will also be deleted.

Please re-run Eset and post the results.
  • 0





