Malware causing a hardware and a software problems

wayne64 · August 7, 2017

Hello,

Well, i m gonna get into my story from the beginning :

Last week i noticed a process that had been sucking 25% of my cpu power and using alot my internet connection, i got a little worried so i started investigating, turned out that the name of the process was ISUSPM.exe it was related to the InstallShield Updater.

So i scanned the pc with my antivirus : Nothing found.

I downloaded other file cleaners like roguekiller, hitman, AdwCleaner and others they scanned the computer and found some stuff, some of them quarantined some items and others deleted some (some reports and quarantined items still here)

Then i installed malwarebytes i scanned, and he found some registry stuff and a service scheduler related to this ISUSPM and deleted them.

After all those scans finished i rebooted the pc. Then once i got into the windows logo the fan started to move fast and make a noise.

Most people will say fan noise and heat is a dust problem, but it can't be , cause it happend the moment i finished the scans and rebooted.

Also after 15minutes of usage time, i touched the laptop and it was so hot.

So my thought was maybe those scans deleted system files.

So i deleted malwarebytes and all of the others and restarted to check : But still the same.

I searched the net and came out with nothing.

I was gonna do a clean install of the windows 10, but i came here hoping to get everything fixed and back like it was.

SO SOMETHING SUSPICIOUS HAPPEND TODAY WHEN WRITING THIS TOPIC :

I was scanning some files with virustotal to check them but when i refreshed the page it became like this :

ALSO : When i was trying to post this topic i got a message that the forum was unavailable :

Well now it works but the theme has been changed

Also google and facebook (other sites was working fine) didn't wanna work until i rebooted the router.

So my first thought, that this was the doing of the malware redirecting me ( or its just my luck both sites bugged at the same time)

Well i don't have the malwarebytes log since i deleted everything but reinstalled to check but i found something simillar in a comment in this forum:

Edited August 7, 2017 by wayne64
typo

wayne64 · August 8, 2017

Addition.txt

FRST.txt

Valinorum · August 11, 2017

That is the new page of the Virus Total. It is new for me as well. How is your PC performing?

wayne64 · August 11, 2017

4 hours ago, Valinorum said:

That is the new page of the Virus Total. It is new for me as well. How is your PC performing?

well the fan noise is still here, i tried to scan again with many file scanners for malware remnants everything is clean, only roguekiller displayed ks.sys as a forged file i didn't wanna delete it until someone here tells me what to do

wayne64 · August 15, 2017

Anyone ?

Valinorum · August 16, 2017

Can you post the report of the RogueKiller, please? Sorry for the delay.

wayne64 · August 18, 2017

"results": {
        "processes": [],
        "modules": [],
        "services": [],
        "registry": [],
        "tasks": [],
        "filesystem": [
            {
                "scan_what": 3,
                "scan_how": [
                    1,
                    2,
                    3,
                    9
                ],
                "vendors": [
                    "File.Forged"
                ],
                "status_choice": 0,
                "processed": [
                    {
                        "type": 1,
                        "name": "ks.sys",
                        "path_expanded": "C:\\Windows\\System32\\drivers\\ks.sys",
                        "path_compressed": "%SystemRoot%\\System32\\drivers\\ks.sys",
                        "extra": "",
                        "md5": "2A36F026A670178332B2F24417993C8F",
                        "md5_low_level": "D458B977F8D152766DD58D5ADA747C24",
                        "forged": true,
                        "lnk_target": "",
                        "lnk_args": "",
                        "junc_target": "",
                        "junc_tag": 0,
                        "junc_error": 0,
                        "exists": true,
                        "signed": false,
                        "signer": "",
                        "status_str": "Found",
                        "status_removed": 0
                    }
                ]
            }
        ],

and about the first logs, is there anything wierd or suspicious ?

wayne64 · August 21, 2017

Hey ?

Valinorum · August 21, 2017

Sorry, I did not know how I missed it.

Step # ESET Online Scanner
Disable your security programs which includes but not limited to anti-virus, anti-malware, anti-spyware et cetera. Peruse this for additional information.
- Download esetsmartinstaller_enu.exe by clicking here.
- Right-click on the program and choose Run as administrator.
- Accept their terms and condition and proceed.
- Install Add-On/Active X if prompted.
- From the Computer Scan Setting check the following box --
  - Enable detection for potentially unwanted programs
- Click on Advanced Setting --
  - Check the box beside Remove Found Threats;
  - Check the box beside Scan archives
  - Check the box beside Scan for potentially unsafe applications
  - Check the box beside Enable Anti-Stealth Technology
- Click on Start and wait for the virus signature database to update.
- The online scan will begin automatically and can take several hours.
  - Note: Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.
- After the Scan finishes --
  - If no threats were found:
    - Put a checkmark in Uninstall application on close.
    - Close the program and report that nothing was found
  - If threats were found:
    - Open the file located in C:\Program Files\ESET\ESET Online Scanner\log.txt (32-bit) or C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt (64-bit).
    - Copy and Paste contents of the log file in your next reply.
Note: Enable your security programs afterwards.

wayne64 · August 21, 2017

5 hours ago, Valinorum said:

Sorry, I did not know how I missed it.

Step # ESET Online Scanner
Disable your security programs which includes but not limited to anti-virus, anti-malware, anti-spyware et cetera. Peruse this for additional information.
Download esetsmartinstaller_enu.exe by clicking here.

Right-click on the program and choose Run as administrator.

Accept their terms and condition and proceed.

Install Add-On/Active X if prompted.

From the Computer Scan Setting check the following box --
Enable detection for potentially unwanted programs

Click on Advanced Setting --
Check the box beside Remove Found Threats;

Check the box beside Scan archives

Check the box beside Scan for potentially unsafe applications

Check the box beside Enable Anti-Stealth Technology

Click on Start and wait for the virus signature database to update.

The online scan will begin automatically and can take several hours.
Note: Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.

After the Scan finishes --
If no threats were found:
Put a checkmark in Uninstall application on close.

Close the program and report that nothing was found

If threats were found:
Open the file located in C:\Program Files\ESET\ESET Online Scanner\log.txt (32-bit) or C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt (64-bit).

Copy and Paste contents of the log file in your next reply.

Note: Enable your security programs afterwards.

i already have eset as antivirus, isn't the same ?

Valinorum · August 25, 2017

Almost, but it installs the latest signatures before they are shipped to the customers.

wayne64 · August 26, 2017

On 8/25/2017 at 1:35 PM, Valinorum said:

Almost, but it installs the latest signatures before they are shipped to the customers.

So even if my eset gave me a clean scan, i should rescan with the online scanner ?

wayne64 · August 26, 2017

Well, i did the scan to make sure, no threats were found.

After all the scans i've done, and this scan there is still no sign of infection, i think when i scanned with malwarebytes it cleared everything, i think i'm clean.

And my guess is this is a hardware problem, because when i cleaned some of the dust inside the fan, it is not that loud anymore, there is still sound but not loud as it used to be.

What do you think ?

Valinorum · August 28, 2017

I also think that the dust was the hardware issue as for the software part I think you are clean.

wayne64 · August 28, 2017

7 hours ago, Valinorum said:

I also think that the dust was the hardware issue as for the software part I think you are clean.

Thank you so much for your help.

You can go ahead and close the thread.

AdvancedSetup · August 29, 2017

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Malware causing a hardware and a software problems

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information