Jump to content

"There is a Recommended Update for this PC"


Recommended Posts

  • Replies 84
  • Created
  • Last Reply

Top Posters In This Topic

Alright, follow the instructions below. 

iO3R662.pngFarbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.

  • Download the attached fixlist.txt file, and save it on your Desktop (or wherever your FRST.exe/FRST64.exe executable is located);
  • Right-click on the FRST executable and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
    NYA5Cbr.png
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste its content in your next reply;

sUc2qjf.pngAutoruns - Start-up Entries
Follow the instructions below to give me an Autoruns log containing your start-up entries:

  • Download Autoruns.zip from the Sysinternals Suite webpage;
  • Extract the content of the Autoruns.zip folder where you want, then go in the folder, right-click on Autoruns.exe and select Run as Administrator;
  • Accept the EULA on opening, then wait for all the entries to load;
  • Click on File then Save and save the file to a location easily accessible as a .arn (Autoruns) file;
  • Right-click on the file you saved, select Send to then Compressed (.zip) folder and attach that file in your next reply;

fixlist.txt

Link to post
Share on other sites
Quote

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-06-2017
Ran by Nick (30-06-2017 20:54:06) Run:1
Running from C:\Users\Nick\Downloads
Loaded Profiles: Nick (Available Profiles: Nick)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: dir "C:\Users\Nick\AppData\Local" /a
*****************


========= dir "C:\Users\Nick\AppData\Local" /a =========

 Volume in drive C has no label.
 Volume Serial Number is 3E0E-B6FB

 Directory of C:\Users\Nick\AppData\Local

2017-06-30  07:27 PM    <DIR>          .
2017-06-30  07:27 PM    <DIR>          ..
2017-02-06  04:49 PM    <DIR>          ActiveSync
2017-06-30  07:10 AM    <DIR>          Adobe
2017-04-22  09:28 PM    <JUNCTION>     Application Data [C:\Users\Nick\AppData\Local]
2017-03-14  09:46 PM    <DIR>          Arma 3
2017-03-14  10:23 PM    <DIR>          Arma 3 Launcher
2017-05-12  01:06 PM    <DIR>          Bethesda.net Launcher
2017-02-06  11:42 PM    <DIR>          Black_Tree_Gaming
2017-04-18  07:02 PM    <DIR>          Blizzard Entertainment
2017-03-14  04:48 PM    <DIR>          Bohemia_Interactive
2017-02-06  05:44 PM    <DIR>          CEF
2017-02-06  05:04 PM    <DIR>          Comms
2017-04-22  09:50 PM    <DIR>          ConnectedDevicesPlatform
2017-06-28  11:04 PM    <DIR>          CrashDumps
2017-03-15  09:15 AM    <DIR>          Daybreak Game Company
2017-04-25  11:25 AM    <DIR>          DBG
2017-06-20  06:21 PM                46 desktop.ini
2017-06-06  09:51 PM    <DIR>          Diagnostics
2017-04-14  06:49 PM    <DIR>          Discord
2017-06-12  11:04 PM    <DIR>          DisplayFusion
2017-05-06  05:12 PM    <DIR>          DreadGame
2017-02-08  11:35 AM    <DIR>          Dxtory Software
2017-05-16  10:52 PM    <DIR>          ElevatedDiagnostics
2017-06-01  10:23 AM    <DIR>          En Masse Entertainment
2017-02-08  02:53 PM    <DIR>          Fallout4
2017-04-22  09:28 PM    <JUNCTION>     History [C:\Users\Nick\AppData\Local\Microsoft\Windows\History]
2017-06-30  04:35 PM         6,291,456 IconCache.db
2017-05-12  02:35 PM    <DIR>          id Software
2017-02-23  08:36 PM    <DIR>          Macromedia
2017-06-14  06:02 AM    <DIR>          Microsoft
2017-02-06  05:24 PM    <DIR>          MicrosoftEdge
2017-02-06  05:32 PM    <DIR>          Mozilla
2017-03-01  11:50 AM    <DIR>          New Technology Studio
2017-06-07  12:22 PM    <DIR>          NVIDIA
2017-06-07  12:31 PM    <DIR>          NVIDIA Corporation
2017-02-07  06:49 AM    <DIR>          Origin
2017-05-02  07:50 AM    <DIR>          Packages
2017-06-09  05:28 PM    <DIR>          PAYDAY 2
2017-02-06  05:57 PM    <DIR>          Programs
2017-02-06  04:47 PM    <DIR>          Publishers
2017-02-27  10:56 PM    <DIR>          Rockstar Games
2017-03-15  09:15 AM    <DIR>          SCE
2017-06-14  09:59 PM    <DIR>          Skyrim Special Edition
2017-02-15  12:58 PM    <DIR>          SniperElite4
2017-04-14  06:49 PM    <DIR>          SquirrelTemp
2017-02-06  05:44 PM    <DIR>          Steam
2017-04-13  03:37 PM    <DIR>          SWTOR
2017-04-13  12:27 PM    <DIR>          SWTORPerf
2017-06-30  08:53 PM    <DIR>          Temp
2017-04-22  09:28 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Nick\AppData\Local\Microsoft\Windows\INetCache]
2017-06-24  08:13 AM    <DIR>          Tempzxpsign17b2acd8d9cf2eb6
2017-06-23  08:41 PM    <DIR>          Tempzxpsign2ad31d6dd0a62759
2017-05-12  11:44 AM    <DIR>          Tempzxpsign79573037f11b3015
2017-06-30  07:27 PM    <DIR>          Tempzxpsign7a9285e0eb636528
2017-06-30  07:27 PM    <DIR>          Tempzxpsign822ba4ad53337b62
2017-06-23  08:40 PM    <DIR>          Tempzxpsign87c089e36c25397f
2017-06-24  08:27 AM    <DIR>          Tempzxpsign8aec3a1e47758c62
2017-05-19  09:52 PM    <DIR>          Tempzxpsign914a7d5cdef8a9e3
2017-05-20  09:40 AM    <DIR>          Tempzxpsign93717ef08232357b
2017-05-19  09:51 PM    <DIR>          Tempzxpsigncf64c629aac57ca5
2017-05-20  09:44 AM    <DIR>          Tempzxpsigne1abf4f76e9eded9
2017-05-12  11:45 AM    <DIR>          Tempzxpsignf6e3401ee0f0bb3f
2017-02-06  04:47 PM    <DIR>          TileDataLayer
2017-06-01  07:40 PM    <DIR>          TslGame
2017-06-30  04:08 PM    <DIR>          Ubisoft Game Launcher
2017-04-12  06:25 PM    <DIR>          UNP
2017-06-01  07:40 PM    <DIR>          UnrealEngine
2017-04-26  01:52 PM    <DIR>          VirtualStore
2017-06-19  09:12 PM    <DIR>          Warframe
               2 File(s)      6,291,502 bytes
              68 Dir(s)  1,241,377,280,000 bytes free

 

 

DESKTOP-THQGQTJ.zip

Link to post
Share on other sites

Did you download and/or install anything on your system while we were doing the clean-up? Or visit any website that redirected you somewhere else?

Link to post
Share on other sites

Alright well so far we know that the pop-up came back and disappeared right away after. Let's give it a couple more days of monitoring to see if it comeback.

Link to post
Share on other sites
Quote

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-07-2017
Ran by Nick (04-07-2017 13:19:00) Run:2
Running from C:\Users\Nick\Downloads
Loaded Profiles: Nick (Available Profiles: Nick)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: dir "C:\Users\Nick\AppData\Local" /a
*****************


========= dir "C:\Users\Nick\AppData\Local" /a =========

 Volume in drive C has no label.
 Volume Serial Number is 3E0E-B6FB

 Directory of C:\Users\Nick\AppData\Local

2017-06-30  07:27 PM    <DIR>          .
2017-06-30  07:27 PM    <DIR>          ..
2017-02-06  04:49 PM    <DIR>          ActiveSync
2017-07-04  08:02 AM    <DIR>          Adobe
2017-04-22  09:28 PM    <JUNCTION>     Application Data [C:\Users\Nick\AppData\Local]
2017-03-14  09:46 PM    <DIR>          Arma 3
2017-03-14  10:23 PM    <DIR>          Arma 3 Launcher
2017-05-12  01:06 PM    <DIR>          Bethesda.net Launcher
2017-02-06  11:42 PM    <DIR>          Black_Tree_Gaming
2017-04-18  07:02 PM    <DIR>          Blizzard Entertainment
2017-03-14  04:48 PM    <DIR>          Bohemia_Interactive
2017-02-06  05:44 PM    <DIR>          CEF
2017-02-06  05:04 PM    <DIR>          Comms
2017-04-22  09:50 PM    <DIR>          ConnectedDevicesPlatform
2017-06-28  11:04 PM    <DIR>          CrashDumps
2017-03-15  09:15 AM    <DIR>          Daybreak Game Company
2017-04-25  11:25 AM    <DIR>          DBG
2017-06-20  06:21 PM                46 desktop.ini
2017-06-06  09:51 PM    <DIR>          Diagnostics
2017-04-14  06:49 PM    <DIR>          Discord
2017-07-01  02:42 PM    <DIR>          DisplayFusion
2017-05-06  05:12 PM    <DIR>          DreadGame
2017-02-08  11:35 AM    <DIR>          Dxtory Software
2017-05-16  10:52 PM    <DIR>          ElevatedDiagnostics
2017-06-01  10:23 AM    <DIR>          En Masse Entertainment
2017-02-08  02:53 PM    <DIR>          Fallout4
2017-04-22  09:28 PM    <JUNCTION>     History [C:\Users\Nick\AppData\Local\Microsoft\Windows\History]
2017-06-30  04:35 PM         6,291,456 IconCache.db
2017-05-12  02:35 PM    <DIR>          id Software
2017-02-23  08:36 PM    <DIR>          Macromedia
2017-06-14  06:02 AM    <DIR>          Microsoft
2017-02-06  05:24 PM    <DIR>          MicrosoftEdge
2017-02-06  05:32 PM    <DIR>          Mozilla
2017-03-01  11:50 AM    <DIR>          New Technology Studio
2017-06-07  12:22 PM    <DIR>          NVIDIA
2017-06-07  12:31 PM    <DIR>          NVIDIA Corporation
2017-02-07  06:49 AM    <DIR>          Origin
2017-05-02  07:50 AM    <DIR>          Packages
2017-06-09  05:28 PM    <DIR>          PAYDAY 2
2017-02-06  05:57 PM    <DIR>          Programs
2017-02-06  04:47 PM    <DIR>          Publishers
2017-02-27  10:56 PM    <DIR>          Rockstar Games
2017-03-15  09:15 AM    <DIR>          SCE
2017-06-14  09:59 PM    <DIR>          Skyrim Special Edition
2017-02-15  12:58 PM    <DIR>          SniperElite4
2017-04-14  06:49 PM    <DIR>          SquirrelTemp
2017-02-06  05:44 PM    <DIR>          Steam
2017-04-13  03:37 PM    <DIR>          SWTOR
2017-04-13  12:27 PM    <DIR>          SWTORPerf
2017-07-04  01:18 PM    <DIR>          Temp
2017-04-22  09:28 PM    <JUNCTION>     Temporary Internet Files [C:\Users\Nick\AppData\Local\Microsoft\Windows\INetCache]
2017-06-24  08:13 AM    <DIR>          Tempzxpsign17b2acd8d9cf2eb6
2017-06-23  08:41 PM    <DIR>          Tempzxpsign2ad31d6dd0a62759
2017-05-12  11:44 AM    <DIR>          Tempzxpsign79573037f11b3015
2017-06-30  07:27 PM    <DIR>          Tempzxpsign7a9285e0eb636528
2017-06-30  07:27 PM    <DIR>          Tempzxpsign822ba4ad53337b62
2017-06-23  08:40 PM    <DIR>          Tempzxpsign87c089e36c25397f
2017-06-24  08:27 AM    <DIR>          Tempzxpsign8aec3a1e47758c62
2017-05-19  09:52 PM    <DIR>          Tempzxpsign914a7d5cdef8a9e3
2017-05-20  09:40 AM    <DIR>          Tempzxpsign93717ef08232357b
2017-05-19  09:51 PM    <DIR>          Tempzxpsigncf64c629aac57ca5
2017-05-20  09:44 AM    <DIR>          Tempzxpsigne1abf4f76e9eded9
2017-05-12  11:45 AM    <DIR>          Tempzxpsignf6e3401ee0f0bb3f
2017-02-06  04:47 PM    <DIR>          TileDataLayer
2017-06-01  07:40 PM    <DIR>          TslGame
2017-07-02  04:50 PM    <DIR>          Ubisoft Game Launcher
2017-04-12  06:25 PM    <DIR>          UNP
2017-06-01  07:40 PM    <DIR>          UnrealEngine
2017-04-26  01:52 PM    <DIR>          VirtualStore
2017-06-19  09:12 PM    <DIR>          Warframe
               2 File(s)      6,291,502 bytes
              68 Dir(s)  1,204,586,766,336 bytes free

========= End of CMD: =========


==== End of Fixlog 13:19:00 ====

 

Link to post
Share on other sites

Unfortunately these logs are clean and do not show any signs of infection.

Is that pop-up showing up randomly, or solely when you browse the web?

Link to post
Share on other sites

When it came back, I couldn't find any traces of it in the logs I asked you. As if it had been deleted/quarantined already. Can you check with your Antivirus/Antimalware if they deleted/quarantined it back then (it was on June 30th).

Link to post
Share on other sites
Quote

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 6/30/17
Protection Event Time: 9:24 PM
Log File:
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.141
Update Package Version: 1.0.2268
License: Premium

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: time2play-online.net
IP Address: 199.101.135.115
Port: [53181]
Type: Outbound
File: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

 

(end)

Quote

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 6/30/17
Protection Event Time: 9:24 PM
Log File:
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.141
Update Package Version: 1.0.2268
License: Premium

-System Information-
OS: Windows 10
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: time2play-online.net
IP Address: 199.101.135.115
Port: [53181]
Type: Outbound
File: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

 

(end)

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.


Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.