Jump to content

Recommended Posts

Hi there,

i recently downloaded and ran MalwareBytes on my 3 months old Notebook. The program found a Trojan.Agent.Trace. It was quarantined sucessfully. But i want to ensure that i'm completely safe before i Change all my Passwords. Although I had not downloaded anything suspicious until the scan, in fact hardly anything, it is very strange, for me at least,, that MalwareBytes found a Virus.

I would be grateful, if you could help me with my issue. Please forgive my Errors in English usage. English is not my mother tongue.

 

 

FRST.txt

Addition.txt

MalwareBytes.txt

MalwareBytes2.txt

Link to post
Share on other sites

Hello Zedcom and welcome to Malwarebytes...

My screen name is kevif80, I will help check over your system. Continue as follows:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Download  AdwCleaner  from here: http://www.bleepingcomputer.com/download/adwcleaner/dl/125/ and save to your Desktop

 

  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...

 

Next,

Please download  Junkware Removal Tool from here:  https://downloads.malwarebytes.org/file/jrt/    

Save it to your Desktop...

  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

Next,

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and  Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....


Let me see those logs, also give an update on any remaining issues or concerns...

Thank you,

Kevin....

 

 

Fixlist.txt

Link to post
Share on other sites

Thank  you for the quick Response. I attached the logs.

Issues? None at the moment

Concerns?  Yes, my Notebook behaved strangley in the past few days. Like Twitter said that my pw has to be changed. The touchpad did not respond sometimes and defrag.exe opened from time to time asking me to prompt an Action.

mrt.log

AdwCleaner[C1].txt

Fixlog.txt

JRT.txt

Link to post
Share on other sites

Check here: http://www.tenforums.com/tutorials/8933-optimize-defrag-drives-windows-10-a.html 

See if your hard drive can be optimized, does that make any difference...

For your Touchpad, type touchpad into search function next to start. Tap enter, that should open devices with mouse and touchpad selected. Are your setting like the attached image

touchpad.PNG

Link to post
Share on other sites

No obvious malware or infection was found in your logs, there were remnants from an application named Pokki by developer SweetlLabs. Whilst Pokki is not malicious per se, it does have issues that are definitely suspect. http://www.shouldiremoveit.com/Pokki-5024-program.aspx

If no remaining issues or concerns I guess we can clean up..

Download "Delfix by Xplode" and save it to your desktop.

Or use the following if first link is down:

"Delfix link mirror"

If your security program alerts to Delfix either, accept the alert or turn your security off.

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

Make Sure the following items are checked:

 
  • Remove disinfection tools
  • Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created.
  • Reset system settings <--- this will reset any system settings back to default that were changed either by us during cleansing or malware/infection


Now click on "Run" and wait patiently until the tool has completed.

The tool will create a log when it has completed. We don't need you to post this.

Any remnant files/logs from tools we have used can be deleted…

Next,

Read the following links to fully understand PC Security and Best Practices, you may find them useful....

Answers to Common Security Questions and best Practices

Do I need a Registry Cleaner?

Take care and surf safe

Kevin... user posted image

 

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.