
"There is a Recommended Update for this PC"



Alright, follow the instructions below. 

Farbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.

  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located);
  • Right-click on the FRST executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste its content in your next reply;

Autoruns - Start-up Entries
Follow the instructions below to give me an Autoruns log containing your start-up entries:

  • Download Autoruns.zip from the Sysinternals Suite webpage;
  • Extract the content of the Autoruns.zip folder where you want, then go in the folder, right-click on Autoruns.exe and select Run as Administrator;
  • Accept the EULA on opening, then wait for all the entries to load;
  • Click on File then Save and save the file to a location easily accessible as a .arn (Autoruns) file;
  • Right-click on the file you saved, select Send to then Compressed (.zip) folder and attach that file in your next reply;

fixlist.txt

Quote

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-06-2017
Ran by Nick (30-06-2017 20:54:06) Run:1
Running from C:\Users\Nick\Downloads
Loaded Profiles: Nick (Available Profiles: Nick)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: dir "C:\Users\Nick\AppData\Local" /a
*****************


========= dir "C:\Users\Nick\AppData\Local" /a =========

 Volume in drive C has no label.
 Volume Serial Number is 3E0E-B6FB

 Directory of C:\Users\Nick\AppData\Local

2017-06-30  07:27 PM    <DIR>          .
2017-06-30  07:27 PM    <DIR>          ..
2017-02-06  04:49 PM    <DIR>          ActiveSync
2017-06-30  07:10 AM    <DIR>          Adobe
2017-04-22  09:28 PM    <JUNCTION>     Application Data [C:\Users\Nick\AppData\Local]
2017-03-14  09:46 PM    <DIR>          Arma 3
2017-03-14  10:23 PM    <DIR>          Arma 3 Launcher
2017-05-12  01:06 PM    <DIR>          Bethesda.net Launcher
2017-02-06  11:42 PM    <DIR>          Black_Tree_Gaming
2017-04-18  07:02 PM    <DIR>          Blizzard Entertainment
2017-03-14  04:48 PM    <DIR>          Bohemia_Interactive
2017-02-06  05:44 PM    <DIR>          CEF
2017-02-06  05:04 PM    <DIR>          Comms
2017-04-22  09:50 PM    <DIR>          ConnectedDevicesPlatform
2017-06-28  11:04 PM    <DIR>          CrashDumps
2017-03-15  09:15 AM    <DIR>          Daybreak Game Company
2017-04-25  11:25 AM    <DIR>          DBG
2017-06-20  06:21 PM                46 desktop.ini
2017-06-06  09:51 PM    <DIR>          Diagnostics
2017-04-14  06:49 PM    <DIR>          Discord
2017-06-12  11:04 PM    <DIR>          DisplayFusion
2017-05-06  05:12 PM    <DIR>          DreadGame
2017-02-08  11:35 AM    <DIR>          Dxtory Software
2017-05-16  10:52 PM    <DIR>          ElevatedDiagnostics
2017-06-01  10:23 AM    <DIR>          En Masse Entertainment
2017-02-08  02:53 PM    <DIR>          Fallout4
2017-04-22  09:28 PM    <JUNCTION>     History [C:\Users\Nick\AppData\Local\Microsoft\Windows\History]
2017-06-30  04:35 PM         6,291,456 IconCache.db
2017-05-12  02:35 PM    <DIR>          id Software
2017-02-23  08:36 PM    <DIR>          Macromedia
2017-06-14  06:02 AM    <DIR>          Microsoft
2017-02-06  05:24 PM    <DIR>          MicrosoftEdge
2017-02-06  05:32 PM    <DIR>          Mozilla
2017-03-01  11:50 AM    <DIR>          New Technology Studio
2017-06-07  12:22 PM    <DIR>          NVIDIA
2017-06-07  12:31 PM    <DIR>          NVIDIA Corporation
2017-02-07  06:49 AM    <DIR>          Origin
2017-05-02  07:50 AM    <DIR>          Packages
2017-06-09  05:28 PM    <DIR>          PAYDAY 2
2017-02-06  05:57 PM    <DIR>          Programs
2017-02-06  04:47 PM    <DIR>          Publishers
2017-02-27  10:56 PM    <DIR>          Rockstar Games
2017-03-15  09:15 AM    <DIR>          SCE
2017-06-14  09:59 PM    <DIR>          Skyrim Special Edition
2017-02-15  12:58 PM    <DIR>          SniperElite4
2017-04-14  06:49 PM    <DIR>          SquirrelTemp
2017-02-06  05:44 PM    <DIR>          Steam
2017-04-13  03:37 PM    <DIR>          SWTOR
2017-04-13  12:27 PM    <DIR>          SWTORPerf
2017-06-30  08:53 PM    <DIR>          Temp
2017-04-22  09:28 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Nick\AppData\Local\Microsoft\Windows\INetCache]
2017-06-24  08:13 AM    <DIR>          Tempzxpsign17b2acd8d9cf2eb6
2017-06-23  08:41 PM    <DIR>          Tempzxpsign2ad31d6dd0a62759
2017-05-12  11:44 AM    <DIR>          Tempzxpsign79573037f11b3015
2017-06-30  07:27 PM    <DIR>          Tempzxpsign7a9285e0eb636528
2017-06-30  07:27 PM    <DIR>          Tempzxpsign822ba4ad53337b62
2017-06-23  08:40 PM    <DIR>          Tempzxpsign87c089e36c25397f
2017-06-24  08:27 AM    <DIR>          Tempzxpsign8aec3a1e47758c62
2017-05-19  09:52 PM    <DIR>          Tempzxpsign914a7d5cdef8a9e3
2017-05-20  09:40 AM    <DIR>          Tempzxpsign93717ef08232357b
2017-05-19  09:51 PM    <DIR>          Tempzxpsigncf64c629aac57ca5
2017-05-20  09:44 AM    <DIR>          Tempzxpsigne1abf4f76e9eded9
2017-05-12  11:45 AM    <DIR>          Tempzxpsignf6e3401ee0f0bb3f
2017-02-06  04:47 PM    <DIR>          TileDataLayer
2017-06-01  07:40 PM    <DIR>          TslGame
2017-06-30  04:08 PM    <DIR>          Ubisoft Game Launcher
2017-04-12  06:25 PM    <DIR>          UNP
2017-06-01  07:40 PM    <DIR>          UnrealEngine
2017-04-26  01:52 PM    <DIR>          VirtualStore
2017-06-19  09:12 PM    <DIR>          Warframe
               2 File(s)      6,291,502 bytes
              68 Dir(s)  1,241,377,280,000 bytes free

 

 

DESKTOP-THQGQTJ.zip


In that case, it doesn't look like it exists. What was the process associated with the file location? Mshta.exe again?


Did you download and/or install anything on your system while we were doing the clean-up? Or visit any website that redirected you somewhere else?


Alright, well, so far we know that the pop-up came back and disappeared right away after. Let's give it a couple more days of monitoring to see if it comes back.

Quote

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-07-2017
Ran by Nick (04-07-2017 13:19:00) Run:2
Running from C:\Users\Nick\Downloads
Loaded Profiles: Nick (Available Profiles: Nick)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: dir "C:\Users\Nick\AppData\Local" /a
*****************


========= dir "C:\Users\Nick\AppData\Local" /a =========

 Volume in drive C has no label.
 Volume Serial Number is 3E0E-B6FB

 Directory of C:\Users\Nick\AppData\Local

2017-06-30  07:27 PM    <DIR>          .
2017-06-30  07:27 PM    <DIR>          ..
2017-02-06  04:49 PM    <DIR>          ActiveSync
2017-07-04  08:02 AM    <DIR>          Adobe
2017-04-22  09:28 PM    <JUNCTION>     Application Data [C:\Users\Nick\AppData\Local]
2017-03-14  09:46 PM    <DIR>          Arma 3
2017-03-14  10:23 PM    <DIR>          Arma 3 Launcher
2017-05-12  01:06 PM    <DIR>          Bethesda.net Launcher
2017-02-06  11:42 PM    <DIR>          Black_Tree_Gaming
2017-04-18  07:02 PM    <DIR>          Blizzard Entertainment
2017-03-14  04:48 PM    <DIR>          Bohemia_Interactive
2017-02-06  05:44 PM    <DIR>          CEF
2017-02-06  05:04 PM    <DIR>          Comms
2017-04-22  09:50 PM    <DIR>          ConnectedDevicesPlatform
2017-06-28  11:04 PM    <DIR>          CrashDumps
2017-03-15  09:15 AM    <DIR>          Daybreak Game Company
2017-04-25  11:25 AM    <DIR>          DBG
2017-06-20  06:21 PM                46 desktop.ini
2017-06-06  09:51 PM    <DIR>          Diagnostics
2017-04-14  06:49 PM    <DIR>          Discord
2017-07-01  02:42 PM    <DIR>          DisplayFusion
2017-05-06  05:12 PM    <DIR>          DreadGame
2017-02-08  11:35 AM    <DIR>          Dxtory Software
2017-05-16  10:52 PM    <DIR>          ElevatedDiagnostics
2017-06-01  10:23 AM    <DIR>          En Masse Entertainment
2017-02-08  02:53 PM    <DIR>          Fallout4
2017-04-22  09:28 PM    <JUNCTION>     History [C:\Users\Nick\AppData\Local\Microsoft\Windows\History]
2017-06-30  04:35 PM         6,291,456 IconCache.db
2017-05-12  02:35 PM    <DIR>          id Software
2017-02-23  08:36 PM    <DIR>          Macromedia
2017-06-14  06:02 AM    <DIR>          Microsoft
2017-02-06  05:24 PM    <DIR>          MicrosoftEdge
2017-02-06  05:32 PM    <DIR>          Mozilla
2017-03-01  11:50 AM    <DIR>          New Technology Studio
2017-06-07  12:22 PM    <DIR>          NVIDIA
2017-06-07  12:31 PM    <DIR>          NVIDIA Corporation
2017-02-07  06:49 AM    <DIR>          Origin
2017-05-02  07:50 AM    <DIR>          Packages
2017-06-09  05:28 PM    <DIR>          PAYDAY 2
2017-02-06  05:57 PM    <DIR>          Programs
2017-02-06  04:47 PM    <DIR>          Publishers
2017-02-27  10:56 PM    <DIR>          Rockstar Games
2017-03-15  09:15 AM    <DIR>          SCE
2017-06-14  09:59 PM    <DIR>          Skyrim Special Edition
2017-02-15  12:58 PM    <DIR>          SniperElite4
2017-04-14  06:49 PM    <DIR>          SquirrelTemp
2017-02-06  05:44 PM    <DIR>          Steam
2017-04-13  03:37 PM    <DIR>          SWTOR
2017-04-13  12:27 PM    <DIR>          SWTORPerf
2017-07-04  01:18 PM    <DIR>          Temp
2017-04-22  09:28 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Nick\AppData\Local\Microsoft\Windows\INetCache]
2017-06-24  08:13 AM    <DIR>          Tempzxpsign17b2acd8d9cf2eb6
2017-06-23  08:41 PM    <DIR>          Tempzxpsign2ad31d6dd0a62759
2017-05-12  11:44 AM    <DIR>          Tempzxpsign79573037f11b3015
2017-06-30  07:27 PM    <DIR>          Tempzxpsign7a9285e0eb636528
2017-06-30  07:27 PM    <DIR>          Tempzxpsign822ba4ad53337b62
2017-06-23  08:40 PM    <DIR>          Tempzxpsign87c089e36c25397f
2017-06-24  08:27 AM    <DIR>          Tempzxpsign8aec3a1e47758c62
2017-05-19  09:52 PM    <DIR>          Tempzxpsign914a7d5cdef8a9e3
2017-05-20  09:40 AM    <DIR>          Tempzxpsign93717ef08232357b
2017-05-19  09:51 PM    <DIR>          Tempzxpsigncf64c629aac57ca5
2017-05-20  09:44 AM    <DIR>          Tempzxpsigne1abf4f76e9eded9
2017-05-12  11:45 AM    <DIR>          Tempzxpsignf6e3401ee0f0bb3f
2017-02-06  04:47 PM    <DIR>          TileDataLayer
2017-06-01  07:40 PM    <DIR>          TslGame
2017-07-02  04:50 PM    <DIR>          Ubisoft Game Launcher
2017-04-12  06:25 PM    <DIR>          UNP
2017-06-01  07:40 PM    <DIR>          UnrealEngine
2017-04-26  01:52 PM    <DIR>          VirtualStore
2017-06-19  09:12 PM    <DIR>          Warframe
               2 File(s)      6,291,502 bytes
              68 Dir(s)  1,204,586,766,336 bytes free

========= End of CMD: =========


==== End of Fixlog 13:19:00 ====

 

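An added example, not part of the original thread: a Python sketch that parses two `dir /a` listings in the format FRST logged above and reports which entries were added, removed, or re-stamped between runs. The function names are hypothetical, and the sample input is a short excerpt copied from the Run:1 and Run:2 listings in this thread.

```python
import re
from datetime import datetime

# One entry line of `dir /a` output, in the date format seen in this thread.
ENTRY = re.compile(r"^(\d{4}-\d{2}-\d{2}\s+\d{2}:\d{2} [AP]M)\s+"
                   r"(<DIR>|<JUNCTION>|<SYMLINKD?>|[\d,]+)\s+(.+?)\s*$")

def parse_dir(text):
    """Return {name: (kind, modified)} for each entry of a `dir /a` listing."""
    entries = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # volume header, totals, FRST banner lines
        stamp, kind, name = m.groups()
        if name in (".", ".."):
            continue
        if kind.startswith("<") and kind != "<DIR>":
            name = re.sub(r"\s*\[.*\]$", "", name)  # drop the reparse target
        kind = kind if kind.startswith("<") else "FILE"
        when = datetime.strptime(" ".join(stamp.split()), "%Y-%m-%d %I:%M %p")
        entries[name] = (kind, when)
    return entries

def diff_listings(before, after):
    """Names added, removed, or with a changed type/timestamp between runs."""
    a, b = parse_dir(before), parse_dir(after)
    return {"added": sorted(b.keys() - a.keys()),
            "removed": sorted(a.keys() - b.keys()),
            "modified": sorted(n for n in a.keys() & b.keys() if a[n] != b[n])}

# Excerpts copied from the Run:1 and Run:2 listings in this thread.
RUN1 = r"""
2017-06-30  07:10 AM    <DIR>          Adobe
2017-06-12  11:04 PM    <DIR>          DisplayFusion
2017-04-22  09:28 PM    <JUNCTION>     History [C:\Users\Nick\AppData\Local\Microsoft\Windows\History]
2017-06-30  04:35 PM         6,291,456 IconCache.db
2017-06-30  08:53 PM    <DIR>          Temp
2017-06-30  04:08 PM    <DIR>          Ubisoft Game Launcher
"""
RUN2 = r"""
2017-07-04  08:02 AM    <DIR>          Adobe
2017-07-01  02:42 PM    <DIR>          DisplayFusion
2017-04-22  09:28 PM    <JUNCTION>     History [C:\Users\Nick\AppData\Local\Microsoft\Windows\History]
2017-06-30  04:35 PM         6,291,456 IconCache.db
2017-07-04  01:18 PM    <DIR>          Temp
2017-07-02  04:50 PM    <DIR>          Ubisoft Game Launcher
"""
print(diff_listings(RUN1, RUN2)["modified"])
```

On this excerpt nothing is added or removed; only the timestamps of four existing folders change between the two runs.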

Unfortunately these logs are clean and do not show any signs of infection.

Is that pop-up showing up randomly, or solely when you browse the web?


When it came back, I couldn't find any traces of it in the logs I asked you for. As if it had been deleted/quarantined already. Can you check with your Antivirus/Antimalware if they deleted/quarantined it back then (it was on June 30th)?

Quote

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 6/30/17
Protection Event Time: 9:24 PM
Log File:
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.141
Update Package Version: 1.0.2268
License: Premium

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: time2play-online.net
IP Address: 199.101.135.115
Port: [53181]
Type: Outbound
File: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

 

(end)

 

This topic is now closed to further replies.