GeekPolice Tech TutorialsLog in

 


[INACTIVE] Likely have a virus

Share

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
Do you still need help with this?

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
Yes I do I am sorry I was away for couple of days.  My computer keeps shutting overnight all the google chrome windows I have open when I go to bed and MBam keeps not wanting to open when I click on the icon. I had to wait overnight for log to post here. I believe this is the same PUP that is showing up everyday too even though I clean it, it keeps coming back.
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/22/17
Scan Time: 2:51 AM
Log File: 011466da-cf5a-11e7-94af-002427fe8997.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3318
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 449274
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 8 min, 5 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
PUP.Optional.ASK, C:\USERS\JOANN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Replaced, [526], [454825],1.0.3318

Physical Sector: 0
(No malicious items detected)


(end)

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
My computer keeps shutting overnight all the google chrome windows I have open when I go to bed

The best thing you can do for your computer is to shut it down on a regular basis.

ESET Online Scanner
Note : If you use Internet Explorer to get the ESET Online Scanner, you won't have to download, nor install the tool, as everything will be ran in a contextual (pop-up) window of Internet Explorer. However, for every other browsers, you will have to download and install ESET Online Scanner. In this set of instruction, I'll use Google Chrome to download it and run it (since a lot of people will do it), however, except for the download and installation procedure, the same instructions applies if you use Internet Explorer. Please note that two or three prompts will appear if you use Internet Explorer asking you to reload the page, authorize the application, execute it, etc. Accept all of them in order to run ESET Online Scanner.

    Download and execute ESET OnlineScan (on this window, click on ESET Smart Installer to trigger the download). People accessing this URL via Internet Explorer will start the integration process of ESET Online Scanner in their browser;
    Once the installation is done (it requires Admin Rights), check the following settings (two of them are under Advanced Settings, click on it to display them) :

        Enable detection of potentially unwanted applications;
        Scan archives;
        Scan for potentially unsafe applications;
        Optional : If you want to scan more drives, click on Change... and select the drives you want to include in the scan;

  

    After you're done checking these options, click on Start and ESET Online Scanner will download it's virus signature database before starting the scan;
   

    Once done, the scan will start automatically. Detections will appear at the bottom of the window. ESET Online Scanner can have an extremely long scan time that can last between 2 or 3 hours. So if you start the scan, do not interrupt it, let it complete until the end;
   

    After the scan is finished, a summary window will appear to give you the information about the scan. Then you'll have to the option to see what threads were found and to manage the threats that were quarantined;
   


    Click on List of found threats, it'll display every threat identified during that scan, their type and what action was taken against them. Click on Copy to clipboard to copy these results on our clipboard and post them in your next reply;
   


    Once you're done, click on the Back button;
    Check both checkboxes at the bottom: Uninstall application on close and Delete quarantined files before clicking on the Finish button;

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
I dont have enough space to download I am going to take my computer into repair shop and have them look at things so I will be unable to reply for a few days

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
Joann Anderson wrote:
I dont have enough space to download I am going to take my computer into repair shop and have them look at things so I will be unable to reply for a few days

If you don't free up some space you will continue to have problems. Just unload some of the stuff on your C drive as in my earlier suggest and you will save a few dollars.

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
I just got my computer back and I put in a new back up hard drive in it. I really only have programs on the main drive, very little stuff other then that which I have stored on a portable hard drive.  Would I be able to move some programs over beside Windows which I upgraded to windows 10 as well.

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
Your programs will probably run better on the same drive that houses your OS but everything else can be save on your other drive.

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
Do you require any additional help with this computer?

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
I had a 4 tb secondary hard drive installed to give me extra space and I just looked at it and it only has 1.96 tb of space left on it . This is IMPOSSIBLE because I have not saved anything to it. I was about to move some stuff over to it just now which is how I noticed this. Something is very wrong and I don't know what it is. Something is filling up space that shouldn't be and I have no clue how to fix it. This is the same thing that happened to my main hard drive, there was no way it should have been full with what I had on it.

Also mbam keeps picking up same virus everyday (Today it found two), which I quarantine but it keeps finding it the very next day. Also when I click quarantine it, mbam shuts down all tabs I have open in chrome.

Here is what it found today 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 12/8/17
Scan Time: 2:44 AM
Log File: 8dc843a6-dbeb-11e7-ae6c-704d7b881b5f.json
Administrator: Yes
 
-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3442
License: Premium
 
-System Information-
OS: Windows 10 (Build 16299.64)
CPU: x64
File System: NTFS
User: System
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 318875
Threats Detected: 2
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 17 min, 44 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 2
PUP.Optional.ASK, C:\USERS\JOANN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, No Action By User, [472], [454825],1.0.3442
PUP.Optional.ASK, C:\USERS\JOANN\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [472], [454825],1.0.3442
 
Physical Sector: 0
(No malicious items detected)
 
 

(end)

Last edited by Joann Anderson on 8th December 2017, 5:32 pm; edited 1 time in total (Reason for editing : Added info)

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
Joann Anderson wrote:
I had a 4 tb secondary hard drive installed to give me extra space and I just looked at it and it only has 1.96 tb of space left on it . This is IMPOSSIBLE because I have not saved anything to it. I was about to move some stuff over to it just now which is how I noticed this. Something is very wrong and I don't know what it is. Something is filling up space that shouldn't be and I have no clue how to fix it. This is the same thing that happened to my main hard drive, there was no way it should have been full with what I had on it.


I think you have a Master Boot Record (MBR) disk which supports disk size up to 2 TB you need to convert disk to GPT to work with disk larger than 2 TB.

How to Convert MBR to GPT Disk in Windows 10/8/7

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
The MBAM log shows "No action by user". Are you cleaning these pups?

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
Yes I did quarantine them I just double checked in the program, they both show as being quarantined.

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
Oh dear God I have no idea how to do this even looking at the link you posted I do not understand anything it is saying >,<

"I think you have a Master Boot Record (MBR) disk which supports disk size up to 2 TB you need to convert disk to GPT to work with disk larger than 2 TB.

How to Convert MBR to GPT Disk in Windows 10/8/7 "

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
Backup all files stored at 4 TB disk and open Disk Management by typing Diskmgmt.msc into Start Menu or Run dialog box.  

From  Disk Management delete all partitions from 4 TB disk and right click 4 TB disk and select "Convert to GPT Disk". after converting to disk to GPT disk you can create partitions.

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
[mod]Due to inactivity this thread is locked. If you need more help, please send me a pm.[/mod]

descriptionRe: [INACTIVE] Likely have a virus

more_horiz
Permissions in this forum:
You cannot reply to topics in this forum