Jump to content

s1.toupdate15.com malware issue


Recommended Posts

Hello, recently i have tried installing far cry 4 on piratebay. After i installed, it just didnt work so I deleted it and shortly after my chrome started opening up this random website. I opened up malwarebytes and I cleaned everything but it keeps on detecting the s1.toupdate15.com website.

 

I have put the export in the file below

ff.txt

Link to post
Share on other sites

Hi. My name is Maurice. I will be guiding you.

Please always just Attach each report file as an attachment.

Please download the Farbar Recovery Scan Tool 64-bit and save it to your desktop.

 

Right-click on FRST64.exe and select Run as Administrator to start the tool , and reply YES to allow it to proceed and run.

 

_Windows 10 users will be prompted about Windows *SmartScreen protection* - click line More info information on that screen and click button Run anyway on next screen._

 

Click YES when prompted by Windows U A C prompt to allow it to run.

 

Note: If you are prompted by Windows SmartScreen, click More info & followup & choose Run anyway.

 

Approve the Windows UAC prompt on Windows Vista and newer operating systems by clicking on Continue or Yes. 

 

Click Yes when the *disclaimer* appears in FRST.

The tool may want to update itself - in that case you'll be prompted when the update is completed and ready to use.

 

Make sure that Addition options is *checked* - the configuration should look exactly like on the screen below (do not mark additional things unless asked).

 

Press Scan button and wait.

The tool will produce 2 logfiles on your desktop: FRST.txt , Addition.txt 

 

Click OK button when it shows up. Close the Notepad windows when they show on screen. The tool saves the files.

 

Please attach these 2 files to your next reply.

Thank you.

Link to post
Share on other sites

I would suggest a free scan with the ESET Online Scanner

Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

 

It will start a download of "esetonlinescanner.exe"

Save the file to your system, such as the Downloads folder, or else to the Desktop.

Go to the saved file, and double click it to get it started.

 

When presented with the initial ESET options, click on "Computer Scan".

Next, when prompted by Windows, allow it to start by clicking Yes

When prompted for scan type, Click on Full scan

Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on Start scan button.

Have patience. The entire process may take an hour or more. There is an initial update download.

There is a progress window display.

You should ignore all prompts to get the ESET antivirus software program. ( e.g. their standard program). You do not need to buy or get or install anything else.

When the scan is completed, if something was found, it will show a screen with the number of detected items. If so, click the button marked “View detected results”.

Click The blue “Save scan log” to save the log.

If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files” ( in blue, at bottom).

Press Continue when all done. You should click to off the offer for “periodic scanning”.

Link to post
Share on other sites

I need for you to attach the log from ESET.

To view the log after ESET Online Scanner has been closed, Show hidden files and folders must be enabled in File Explorer. New logs are appended to the existing log files when multiple scans are run. The path to the log file is the following: C:\Users\username\AppData\Local\Temp\log.txt

Link to post
Share on other sites

It is always important to get report files.  Regardless of your language.

The ESET removed all items it detected. There were adwares + potentially unwanted types + 1 trojan on drive E. 

As a next step, to checkout your system a bit more, a scan with Sophos.

Download Sophos Free Virus Removal Tool   and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....

 

Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours...

Double click the icon and select Run

Click Next

Select I accept the terms in this license agreement, then click Next twice

Click Install

Click Finish to launch the program

Once the virus database has been updated click Start Scanning

If any threats are found click Details, then View log file... (bottom left hand corner)

Copy and paste the results in your reply

Close the Notepad document, close the Threat Details screen, then click Start cleanup

Click Exit to close the program

If no threats were found please confirm that result....

 

The Virus Removal Tool scans the following areas of your computer:

 

Memory, including system memory on 32-bit (x86) versions of Windows

The Windows registry

All local hard drives, fixed and removable

Mapped network drives are not scanned.

Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan.

 

Saved logs are found here: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Please be sure to attach that log.

Cheers.

Link to post
Share on other sites
37 minutes ago, jasa11 said:

Hello, 

 

just finished the scan and it found 0 threats.

edit: its also been more than an hr since i started up my pc and so far no threats came in the malwarebytes program

Link to post
Share on other sites

Thanks. I understand that the SOPHOS tool found no threats. 

I would suggest that you run a FULL  option scan using the Microsoft Safety scanner. Use the directions from next link , with only difference being a FULL scan.

 

Then when done attach the report.

 

https://forums.malwarebytes.com/topic/270795-malware-found-and-quarantined-but-report-says-no-action-by-user/?do=findComment&comment=1440485

Link to post
Share on other sites
  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.