• Content count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About Dnggt56

  • Rank
  1. Hmm, should I be worried? I though it was false positive because it appeared when browsing youtube. But here are new farbar logs, if you could review these to determine if something came from it or if pc has been infected from elsewhere since i uploaded the previous farbar logs. FRST.txt Addition.txt
  2. Alright. What about that youtube warning? Is that also false positive? Im not an expert on noscript, but it seems to be saying that the attack is coming from youtube to google ads site, not that the threat is coming from google ads? If it indeed means that attack is coming from youtube.com, then its 99,99% false positive as youtube is not distributing malware.
  3. Yeah. What about that cross site script warning? What malwarebytes.com has to do with adlice website? I couldnt recreate that warning, i tried going to same site again after resetting noscript but it did not give that warning again.
  4. Also regardin the "setup" folder, in farbar log i can see other entries at the same exact time: 2018-01-05 03:59 - 2018-01-05 04:08 - 000022352 _____ (RW-Everything) C:\WINDOWS\SysWOW64\Drivers\AsrSetupDrv.sys 2018-01-05 03:59 - 2018-01-05 03:59 - 000000000 ____D C:\Users\Amm\Downloads\Setup 2018-01-05 03:59 - 2018-01-05 03:59 - 000000000 ____D C:\Users\Amm\AppData\Local\Comms AsrSetupDrv.sys could be some Asrock motherboard driver file
  5. But what about that Setup folder? Its pretty weird because i didnt download anything that would have created such folder because by the time i saw it i only had installed windows, installed motherboard drivers from motherboards disc, updated windows, installed firefox and added noscript and ublock, and when i downloaded graphic card drivers i noticed that Setup folder which apparently was there all along as its creation time was way earlier than anything i mentioned. Its very weird because the Setup folders creation time is 5.1 03:59 and my pc was not even on at that time, i had it shut down.
  6. FRST.txt Addition.txt scan_180105-185403.txt The noscript pop up warning said Noscript detected a potential cross-site scripting attack from [...] to https://ww.malwarebytes.com Suspicious data: TypeError: ic is undefined,(URL) https://ww.malwarebytes.com/images/mb-logo-2.png I removed the first W from the addresses so that they are not functional in case they lead to malicious code.