Jump to content

Infected by 32-Bit Setup Launcher


Recommended Posts

Hi forum,

First of all, sorry for my english, not native.

Recently i have been infected by some virus that seems to be "32-Bit Setup Launcher" on the Task Manager.
It causes the CPU to be constantly at 35% until i open the task manager, moment that the virus seems to be suspended and the CPU usage get backs to 1%.

The symptoms are exactly the same as this guy's post: https://forums.malwarebytes.com/topic/240938-infected-by-a-very-smart-malware/

I have tried to follow the moderator's guide to that guy's case but seems that the fixlist is personalizated for each case and i can't even download it to proceed.

In a logical order, i will download FRST, scan it and post it the results. Hope that somebody can help me with that.

Thanks!

Btw, im doing all of this in "Safe Mode" cause the virus detects the malware removal tools and freeze the PC. I ran the Malware bytes software with no results as well as the rogue killer.
But you better than anyone can tell me which steps to follow.

 

Addition.txt FRST.txt

Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

ATTENTION: System Restore is disabled
Turn System Restore ON for Drives in Windows 10 - Immediately.
https://www.tenforums.com/tutorials/4533-system-protection-turn-off-drives-windows-10-a.html
<<<>>>

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please run the Farbar program in Normal Mode and post fresh FRST.TXT and Addition.txt for my review.
Make sure the box to create the Addition.txt log is checked.

Let me know what problem persists.

fixlist.txt

Link to post
Share on other sites

Hi Nasdaq!

Thanks for the help.

I activated the System Restore again, ran the fixlist on Safe Mode (Otherwhise the program gets blocked by the malware) and then restarted and run a scan on Normal mode.

There are the files. For now, seems to be almost done cause no more unnamed processes running at the background and i was able to use the FRST tool on normal mode aswell as entering the Malware Bytes page but it stills randomly opening me publishing pages on google chrome.

 

Addition.txt Fixlog.txt FRST.txt

Link to post
Share on other sites

Hi,

Sorry about this late reply.

ATTENTION: System Restore is disabled
Turn System Restore ON for Drives in Windows 10 - Immediately.
https://www.tenforums.com/tutorials/4533-system-protection-turn-off-drives-windows-10-a.html
<<<>>>

Windows Windows Defender is also disabled.
Fix that.
===

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png or the 3 vertical dots located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset and clean up" > "Restore settings to their original defaults"
 
Restart Chrome.
<<<>>>

Please post the Fixlog.txt and let me know what problem persists.

fixlist.txt

Link to post
Share on other sites

No problem @Nasdaq ! Take as much time as you need. I just asked just in case that you took the problem as resolved and don't answer never again hehehe.

I did the fix and restored Chrome to his original defaults. I give you the fixlog and will take time until tomorrow to see if the problems persists

Thanks for the help!

 

Fixlog.txt

Link to post
Share on other sites

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.