Windows Infected


Nemi5150

A girl I am helping opened an attachment to a phishing email and got infected with a trojan (several, actually). It started because Windows Defender wanted to reset the settings in Chrome and asked. I then ran a scan using Windows Defender and it found a ton of trojans. I removed them all and downloaded Malwarebytes. I ran the scan using Malwarebytes and it was clean. I reran Windows Defender and it found a couple more trojans. Then Malwarebytes (which was running in the background) periodically was blocking an outbound connection to a site (attached). I would like some help to make sure I got everything, if someone could.

 

Attached is the following:

  • Malwarebytes scan report
  • Malwarebytes Blocked site summary
  • FRST.txt
  • Addition.txt

 

Any help would be appreciated!

 

 

FRST.txt

Addition.txt

MWB.blockedSite.txt

MWB.scan.txt


Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Remove these programs in bold via the Control Panel > Programs > Programs and Features.
App Explorer (HKU\S-1-5-21-547725178-2149078600-563960083-1001\...\Host App Service) (Version: 0.273.2.988 - SweetLabs) <==== ATTENTION
App Explorer (HKU\S-1-5-21-547725178-2149078600-563960083-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02152019142747469\...\Host App Service) (Version: 0.273.2.988 - SweetLabs) <==== ATTENTION

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Reset Chrome...
Open Google Chrome, click on the menu icon or the 3 vertical dots located at the top right side of Google Chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset and clean up" > "Restore settings to their original defaults"
 
Restart Chrome.
<<<>>>

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt


I was at the location yesterday but had to leave. I know you guys don't like people you are helping to make changes outside of the replies you give, but I had to leave. I saw the ATTENTION markers in the logs so I removed that product using the uninstall functionality in add/remove programs. I also reset Chrome settings from the dialog that appeared from Windows Explorer, so I think both of these are done. 

I was there an hour and did not see any blocked outbound attempts in Malwarebytes. I have a message to the person to let me know if they get any other outbound blocks or prompts to reset Chrome again. I am glad you seem to have found nothing more than I did in these logs. I will post again if anything new develops. Thank you for looking at this.


  • 2 weeks later...
  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 


This topic is now closed to further replies.