Exploits - malware

[steve55]

hello

first of all please dont judge my english 😅

so the thing is i used a program that was recomended by malwarebytes in a topic i found, and malwarebytes found some but not all and i wanted to ask you guys for help

this is what the program found. so what should i do reinstall my pc ,or are these threats deleted ? because i see partially 😯

 

 

msert.log

[Maurice Naggar]

Hello    

First, if English is not your usual language, then please make use of a online translation   like   https://translate.google.com/

Please take some time, and describe with more detail as to what all started on your machine ?  what was / what is the main major thing ?

Provide more detail.

 

also, let me know what Version of Windows is on this machine ?

Does it also have installed Malwarebytes for Windows ?

 

NOTE:  The Microsoft Safety scanner tool is just one tool.   It is not the only or total solution.

The MS Safety scanner found and removed some threats.   Other threats it only partially removed.

I hope to get more detail from you.

[steve55]

thank you and its just the spell error xD

so what all started was a backup of my iphone i made, it was jailbroken, I think while installing tweaks i slipped up on a virus that infected my pc after i connected my phone to my pc.

I see iphoneOS on those infections, because when i looked into those backups i saw a "PADFRE-DECRYPT.TXT" file that is a know threat so i was able to remove it and also thanks to malwarebytes and eset that i have installed and have a premium version of it.

but thanks to microsoft safety scanner i found out there were serious threats on my pc and from there on out i uderstood my phone braught more then only my backup and this ecryption trojan.

but the main thing is there exploits, i did not see anything wrong on my pc everything worked fine until i discovered it. i found out the same day about that virus i had so i took action and found this thread with the microsoft scanner and did a scan so i dont think there is any damage, i also removed every thing that had somthing to do with apple on my pc because the threats were only found inside my main apple folder. 

so malwarebytes did found some threats motly the .txt files but it did not find those serious threats and now im concerned because i was stupidly realy putting all my trust in malwarebytes wich is is a bad thing to do because ofcourse it cant protect me from everything

 

i did another scan with that program and malwarebytes but this time its clean, but how can i be completely sure do you have any sugestions (this is the veryfirst time this happend to me i am very carefull about everything i do i use a password manager, an anti virus and anti malware just because it makes it so easy and i have knowledge about how to spot threats and how to remove them i but this time i am concerned about my safety because i dont know anything about this).

 

Microsoft Windows 10 Pro    
10.0.19041 Build 19041    

 

[Maurice Naggar]

Lets go real slow & real careful.   I cannot help you on your phone.   Keep that disconnected from your Windows machine  for the time being  & until this case is closed.

Lets focus and only take one thing at a time.

You said 

Quote

i did another scan with that program and malwarebytes but this time its clean

 

I have no idea what other security tool is on this machine  / what the resident antivirus is,  etc, etc, etc

 

Get and run the FARBAR  F R S T  report tool and attach the 2 report files back here after you have run it.

See  https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/

 

[steve55]

done

what does this do ?

FRST.txt Addition.txt

[Maurice Naggar]

Good morning.

FRST is just a report tool.  It lets your helper, me, to know some details, such as, what is running currently on the Windows.  It helps me to help you.

It is a widely used tool in the security community.  This run was just a report.  It did not make changes.

.

Let me ask you.  This computer has ESET Security antivirus.   I would like you to do one scan with ESET.

Then let me know the result from that.

[   NEXT ]

I would like you to do a new scan with Malwarebytes for Windows.  One of the major goals here is to have it remove all that it detects.  If it finds anything that is.

Start Malwarebytes from the Windows  Start menu.

Click Settings ( gear icon)   at the top right of Malwarebytes window.   We want to see the SETTINGS window.

Then click the Security tab.   Look for the section "Automatic Quarantine".   Be sure it is clicked On   ( to the far right side)

 

Then scroll down to the section Potentially Unwanted items.   We need the next 2 lines   ( for P U P  & for P U  M)  to be set to "Always ( Recommended) ".

You can make the change by clicking on the down-arrow selection list-control.   We want all P U P  &  P U M to be marked for removal.

 

Next, click the small x on the Settings line   to go to the main Malwarebytes Window.

Next click the blue button marked Scan.

When the scan phase is done,  ( if it finds anything), be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical.

You can actualy click the topmost left  check-box  on the very top line to get ALL lines  ticked   ( all selected).

 

Then click on Quarantine selected.

Then, locate the Scan run report;  export out a copy;  & then attach in with your  reply.

See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4

 

 

 

[steve55]

hello

so it got worse i have bugs my pc is slow and i even witnesed my screen flickering i am not taking any risk and i am gonna do a complete wipe i have all my inportand data on a cloud it is jhust gonna take a while to put everything back, also eset crashed when i started a full scan that is where i made up my mind...

i thank you for your help

but i am afraid of loosing anything my pc does not feel right anymore

[Maurice Naggar]

OK.   I am understanding that you have already proceeded to wipe the system,  and start over with a new Operating system install.

 

I presume the ESET Security antivirus is a paid for license.  If so, be very sure ESET is newly installed immediately right after the Windows is reinstalled.

[Maurice Naggar]

I believe you had written last Tuesday saying that you were about to do a system wipe and >>  redo the whole system builld.

Here are my usual best practices on keeping pc safe.

Backup is your best friend.  Keep backups of your system on a regular basis to offline storage & keep those safe. https://forums.malwarebytes.com/topic/136226-backup-software/

It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use.

Best  practices & malware prevention:
Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
First rule of internet safety: slow down & think before you "click".
Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).

Free games & free programs are like "candy". We do not accept them from "strangers".

Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet.

 

Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

For other added tips, read "10 easy ways to prevent malware infection"

 

Stay safe.  I wish you all the best.   😎

Sincerely,

Maurice

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you