Jump to content


  • Content Count

  • Joined

  • Last visited

About buznog

  • Rank
    New Member
  1. Thanks for asking Everything seems good, except for the problem with Acrobat crashing--which may have appeared by coincidence after the malware took over. mb3 hasn't issued any realtime warnings, and nothing is reported in the threat scan I just did. Cheers !
  2. Hi there, Fixlog.txt is attached After the reboot initiated by FRST, I got a real-time warning from mb3 that a website had been blocked (see "Blocked website.txt") – but it was not one of the sites it had been warning me about before. After doing a further reboot, as you recommended, I ran a threat scan that reported 21 PUPs (see "Scan report.txt"), but stupidly I didn’t ask it to quarantine them. Some hours later I returned to the PC and tried to do a search – and discovered that Bazz Search SafeFinder had hijacked Chrome. I performed a second scan, this time with quarantine ("Scan with quarantine.txt"). I ran the mb support tool (which previously had crashed) and am attaching the logs it grabbed. No problems with Windows or Office activation. So it looks like you have gotten this evil thing out of my digital life, for which I am truly grateful! I’m not certain whether I can turn on syncing again on the (now featureless) Chrome browser on the infected pc. Also, OK to turn it on again on the Chrome installations on my laptop and phone? One last thing, which may be unrelated, but… on the second day of the malware invasion my Acrobat DC began to crash after having one or more files opened, with the attached error message. I purchased a new copy, did the uninstall/reinstall with their tech support, and the new version ran fine. But now I’m getting the same error again. Scan with quarantine.txt mbst-grab-results 2.zip Scan report.txt Blocked website.txt Fixlog.txt
  3. Every few minutes the malware I'm infected with tries to open websites like pool.minexmr.com This leads MWB "real-time protection" to report it has blocked the website, but it does not quarantine the malware itself, which is not detected when it does a threat scan. The signs and effects of the malware are as reported in previous posts in this forum - see InstallShield Virus keeps on coming back By MatthewCostanilla, January 6 2019; and Infected by a very smart malware By xRaydenx, December 26, 2018 An executable file creates a process visible in Task Manager: File = c:\Windows\SysWOW64\InstallShield\setup.exe Process = "32-bit Setup Launcher" Highly disturbing consequences, including: Running mb3 and doing a scan right after bootup works, but finds nothing. If mb3 is run again it freezes up and cannot be killed by Task Mgr. The Support Tool freezes if run. Browsers freeze when attempting to run malware-related searches or to open malware-related websites My Windows and Office365 both lost their activation (others haven't reported this) Things I have tried: Following the first steps advised in the most recent of the posts mentioned earlier, I attempted to run mb3 in Safe Mode with Networking. It opened but with all layers disabled. When I tried to repair it with the Support Tool, the tool froze but it turned out that mb3 itself was completely removed. I am attaching the logs gathered by the Support Tool; details of the non-results of the last scan done in Normal Mode after bootup; and an example of the websites that mb3 blocks in real time. Any help you can offer would be much appreciated! Threat Scan.txt Websites Blocked.txt mbst-grab-results.zip
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.