Jump to content

clickcomputers2018

Techbench
  • Posts

    8
  • Joined

  • Last visited

Reputation

0 Neutral
  1. No we don't run anything out of the ordinary besides just recently running tweaking which we do not usually ever use but seemed like it could help correct framework. We have thought of a os reinstall of course. But want to figure this out in case it happens again in the future since our client had it happen on two of his computers. Its obvious he picked it up from somewhere. The customers has tons of freeware for DVD burning, solitaire, etc. . So they most likely definitely got something nasty from that. Another busy day I will post logs your requested tomorrow morning. Thank for everything so far
  2. Sorry for wait. The laptop having this issue is now not letting me download the Malwarebytes support tool from any download link I've used. I'm not sure if it has anything to do with my 4.0.net framework but suspecting. Every time I use the download link, it downloads FRSTEnglish but on any other computer it just downloads the normal Malwarebytes tool. Which I read FRST is used for logs for forums so there must be a reason. I've included the FRST LOGS and Autoruns logs as well as a .net framework repair tool logs and the Malwarebytes notification that I am getting repeatedly. Autoruns logs.zip FRST LOGS.txt
  3. I apologize for slow replies. It has been a very busy day. I will be back tomorrow with the full set of logs for both programs.
  4. I am fine with this being an open forum. Since there is very little info about this issue that I could find. It would be nice if anyone else going through this can find some help.
  5. I am a MSP and have had a customer bring in two of their pc's for the exact same issue. Our clients computer is being attacked/pinged every couple of seconds and it will not stop. The exact Malwarebytes message we are getting is. Domain: 100k0.ddns.net Ip Address: 142.202.240.42 Port:6606 Type: Outbound File: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe Our shop has tried everything to get rid of this nuisance. We have ran Malwarebytes, Superantispyware, ADW cleaner, JRT, Roguekiller, Tweaking, FRST and also deleted the Framework 4.0 folder located in the windows folder. The trojan I assume would not allow permissions to be switched from trusted installer to be able to erase the 4.0 framework folder, we were not able to erase that folder until we moved the drive to another computer. Only then were we able to switch permissions from trusted installer to user. Once that was done the notifications had stopped for an hour or two and didn't notice a single notification while doing the rest of the clean up on the computer. After the hour or two wait the notifications started back up again. The notifications still come and full force even when not connected to any internet either. Our shop has been working on this for a couple days now and have read many forums trying to find solutions but there are non. Any help you can provide will be immensely appreciated. We would like to find out the root of this problem so we can prevent it for clients in the future and also of course a solution. -Thank you
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.