Author Topic: System Information/Suspicious Files/Explanation  (Read 1560 times)

0 Members and 1 Guest are viewing this topic.

Offline Jaimeallana

  • Newbie
  • *
  • Join Date: Oct 2017
  • Posts: 1
  • Karma: 0
    • View Profile
System Information/Suspicious Files/Explanation
« on: October 06, 2017, 05:35:03 PM »
Tweaking.com - System Information v1.0.2

Date: 10/6/2017
Time: 6:17:59 PM

1. Suspicious Files

--------------------------------------------------------------------------------------------------------------------------------
1. Suspicious Files (Detail Level: Basic) Start
--------------------------------------------------------------------------------------------------------------------------------
-Has No File Version-
File Name: PBL.sys
CRC-32: 8116DA19
MD5 Hash: B3D40C3506E30D93F618B09A7CCBCB01
File Hidden?: Not Hidden
Modified: Thursday, October 01, 2015 3:54:26 PM
File Path: C:\Windows\System32\Drivers\PBL.sys
--------------------------------------------------------------------------------------------------------------------------------
-Has No File Version-
File Name: PBR.sys
CRC-32: 9CF5BD2B
MD5 Hash: 43131ECB68C8F5AB0F6ED41FCE202069
File Hidden?: Not Hidden
Modified: Thursday, October 01, 2015 3:54:26 PM
File Path: C:\Windows\System32\Drivers\PBR.sys
--------------------------------------------------------------------------------------------------------------------------------
1. Suspicious Files End


Any ideas of what this means? Is this a split hardrive perhaps? Is it a virus?

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 7627
  • Location: UK
  • Karma: 110
    • View Profile
Re: System Information/Suspicious Files/Explanation
« Reply #1 on: October 25, 2017, 01:51:30 PM »
The only PBL.sys that I know of is https://www.spamhaus.org/pbl/removal/ but your IP address doesn't appear to be PBL - ISP Maintained.

I don't know about the PBR.sys but they both seem to be in \System32\Drivers

Have you downloaded anything that could have gotten you these, although I appreciate you may not know how long they have been on your computer.

Should they be unwanted programs, download the free version of MBAM - click on Scan in the left pane then on Custom/Configure Scan and check the box for C:

You could perhaps uncheck the box for Archives but there's no telling where this has come from.

This will be a full scan and will take some time to complete.

You could follow that up with a scan with AdwCleaner.

After you click on Scan it may list some items in the lower pane it considers unwanted programs.

If it does and you want to keep any, then just uncheck their boxes.

If it finds anything else to delete, you will see it in its Log.

It will delete those items when you close the log and hit Cleaning and the reboot.

https://www.malwarebytes.com/mwb-download/

https://www.malwarebytes.com/adwcleaner/

« Last Edit: October 25, 2017, 01:57:55 PM by Boggin »