Jump to content

Recommended Update for this PC malware

Kennc

By Kennc
in Resolved Malware Removal Logs

 Share

Recommended Posts

Kennc

Kennc

Posted
Posted

Hey guys

Basically a "there is a recommended update for this PC" just popped up in my laptop right now. Right that time I know it was a virus or anything that is harmful in my computer. Too bad I didn't screencap it before I "end task" it in my task manager. I searched some ways in the internet on how to deal with a similar situation as I am and found something here in the forums of malwarebytes. I attached the screencap of the guy with the username "delskorch" for references. I also installed malwarebytes and found alot of theats. I attached the log files. My primary concern now is am I really safe now to the virus I mentioned above? What are the stuff I should do next to ensure the safeness of my pc? 

Thanks alot!

Btw,  I'm willing to buy a subscription in malwarebytes.

updates_scam.png.63fe73ab4cdfc8f309c4a1192c80602e.png

SCAN REPORT.txt

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Thanks for those logs Kennc, continue as follows:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Please open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Protection Scroll to and make sure the following are selected:
    Scan for Rootkits
    Scan within Archives
     
  • Scroll further to Potential Threat Protection make sure the following are set as follows:
    Potentially Unwanted Programs (PUP`s) set as :- Always detect PUP`s (recommended)
    Potentially Unwanted Modifications (PUM`s) set as :- Alwaysdetect PUM`s (recommended)
     
  • Click on the Scan make sure Threat Scan is selected,
  • A Threat Scan will begin.
  • With some infections, you may or may not see this message box.
    'Could not load DDA driver'
     
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete if anything is found make sure that the first checkbox at the top is checked (that will automatically check all detected items), then click on the Quarantine Selected Tab
  • If asked to restart your computer to complete the removal, please do so
  • When complete click on Export Summary after deletion (bottom-left corner) and select Copy to Clipboard.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more to retrieve the log.


To get the log from Malwarebytes do the following:
 
  • Click on the Reports tab > from main interface.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


Next

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select user posted imageRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply

Next,

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

32 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

64 Bit version:
https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

Let me see those logs, also tell me if there are any remaining issues or concerns....

Thank you,

Kevin

 

fixlist.txt

Link to post
Share on other sites
Kennc

Kennc

Posted
  • Author
Posted

Here's the log from malwarebyte and attached the fixlog file. Ill send other logs in the next reply. 

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 10/18/17
Scan Time: 3:27 AM
Log File: f71e2ed0-b3ee-11e7-b77a-64006aff33e1.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3035
License: Trial

-System Information-
OS: Windows 10 (Build 15063.540)
CPU: x64
File System: NTFS
User: DESKTOP-AJQNKA4\Kenneth Camaro

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 440169
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 2 min, 11 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)


(end)

Fixlog.txt

Link to post
Share on other sites
Kennc

Kennc

Posted
  • Author
Posted

Adwcleaner log

# AdwCleaner 7.0.3.1 - Logfile created on Wed Oct 18 10:37:44 2017
# Updated on 2017/29/09 by Malwarebytes 
# Database: 10-17-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

 

MSRT log

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.53, October 2017 (build 5.53.14306.0)
Started On Wed Oct 18 03:43:21 2017

Engine: 1.1.14104.0
Signatures: 1.251.1312.0
Run Mode: Interactive Graphical Mode
 

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

Thank s for the update, lets try your system in "Clean Boot" mode, that is basically all none system services disabled. Any that affect security or internet connection can be left active...

Full instructions at the following link, expand option for Windows 10, re-boot when clean boot is set. Let me know the outcome...

https://support.microsoft.com/en-gb/help/929135/how-to-perform-a-clean-boot-in-windows

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted

If clean boot makes your system faster and more responsive it is now a process of elimination to find which non MS service(s) was affecting your system...

Go through the process again, this time with all MS services hidden again enable the top half of non MS services, re-boot and see how your system responds, if still ok the top half can be left enabled.

Repeat again, enable so many of the bottom half then re-boot. Continue until you locate the problem service(s). A process of elimination, a bit long winded but worth the effort. Let me know the outcome...

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.