Avast WEBforum
Other => Viruses and worms => Topic started by: REDACTED on August 23, 2016, 02:27:33 AM
-
For weeks now I get the same malware every day. I run Malwarebytes, it finds the malware, and I remove it. The next day the same malware is on the computer. This happens even when I'm not surfing the web, so something on my computer keeps reinstalling the malware. I was told that I should post my log here, so here it is. I appreciate any help in identifying the cause of this and eliminating it. Whatever this is, we believe that it's responsible for my wife's credit card information being stolen. Please let me know if you require any further information:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 8/22/2016
Scan Time: 12:26 AM
Logfile: Virus.txt
Administrator: Yes
Version: 2.2.1.1043
Malware Database: v2016.08.22.02
Rootkit Database: v2016.08.15.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Nathan and Beth
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 468131
Time Elapsed: 27 min, 28 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 3
PUP.Optional.ArcadeFrontier, C:\Users\Nathan and Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl, Quarantined, [0f0b1f2ff7a371c57db11e8fab57dd23],
PUP.Optional.ArcadeFrontier, C:\Users\Nathan and Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl\3.0.605_0, Quarantined, [0f0b1f2ff7a371c57db11e8fab57dd23],
PUP.Optional.ArcadeFrontier, C:\Users\Nathan and Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl\3.0.605_0\_metadata, Quarantined, [0f0b1f2ff7a371c57db11e8fab57dd23],
Files: 2
PUP.Optional.ArcadeFrontier, C:\Users\Nathan and Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl\3.0.605_0\_metadata\computed_hashes.json, Quarantined, [0f0b1f2ff7a371c57db11e8fab57dd23],
PUP.Optional.ArcadeFrontier, C:\Users\Nathan and Beth\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl\3.0.605_0\_metadata\verified_contents.json, Quarantined, [0f0b1f2ff7a371c57db11e8fab57dd23],
Physical Sectors: 0
(No malicious items detected)
(end)
-
One quick check: do you have Google Drive Sync running?
Please follow the directions for scans in this topic and attach as many of the logs as you can run.
Logs to assist in cleaning malware (https://forum.avast.com/index.php?topic=53253.0)
FRST.txt, Addition.txt, Malwarebytes Anti-Malware log and aswMBR.txt. Thanks.
-
One quick check: do you have Google Drive Sync running?
Please follow the directions for scans in this topic and attach as many of the logs as you can run.
Logs to assist in cleaning malware (https://forum.avast.com/index.php?topic=53253.0)
FRST.txt, Addition.txt, Malwarebytes Anti-Malware log and aswMBR.txt. Thanks.
I will have to run the virus scans once I get home today, but yes I am running google drive sync. Is that a problem?
-
MBAM removes it and then Google Drive Sync replaces it. You may need to clear the Drive storage but the logs should show what is happening.