Jump to content

Suspicious activity on my network but only on this PC


Recommended Posts

  • Root Admin

Hello @Gacrux98

Yeah, this doesn't look good. You're running a Windows 10 English version yet you seem to have a Japanese version of Windows Defender installed.

Platform: Windows 10 Home Version 20H2 19042.1165 (X64) Language: English (United States)

Date: 2021-08-26 03:32:44
Description:
Microsoft Defender Antivirus スキャンは完了する前に停止しました。
スキャン ID: {FFBAA358-E690-46CA-AC84-5423DC662E39}
スキャンの種類: Antimalware
スキャン パラメーター: Quick Scan
ユーザー: NT AUTHORITY\SYSTEM

 

Please run a FULL scan using the following Microsoft scanner.

 

The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system.

The download links & the how-to-run-the tool are at this link at Microsoft

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

Please let me know the results of this scan.

The log is named MSERT.log 

the log will be at  %SYSTEMROOT%\debug\msert.log   which in most cases is

C:\Windows\debug\msert.log

Please attach that log with your next reply.

 

 

Once that scan is done, then restart the computer and run this antivirus scanner

Let me have you run a different scanner to double-check.

I would suggest a free scan with the ESET Online Scanner

Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

  • It will start a download of "esetonlinescanner.exe"
  • Save the file to your system, such as the Downloads folder, or else to the Desktop.
  • Go to the saved file, and double click it to get it started. 
  • When presented with the initial ESET options, click on "Computer Scan".
  • Next, when prompted by Windows, allow it to start by clicking Yes 
  • When prompted for scan type, Click on Full scan 
  • Look at & tick  ( select )   the radio selection "Enable ESET to detect and quarantine potentially unwanted applications"   and click on the Start scan button.
  • Have patience.  The entire process may take an hour or more. There is an initial update download.
  • There is a progress window display.
  • You should ignore all prompts to get the ESET antivirus software program.   ( e.g. their standard program).   You do not need to buy or get or install anything else.
  • When the scan is completed, if something was found, it will show a screen with the number of detected items.  If so, click the button marked “View detected results”.
  • Click The blue “Save scan log” to save the log.
  • If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files”  ( in blue, at the bottom).
  • Press Continue when all done.  You should click to off the offer for “periodic scanning”.

 

Note: If you do need to do a File Restore from ESET please follow the directions below

[KB2915] Restore files quarantined by the ESET Online Scanner version 3

https://support.eset.com/en/kb2915-restore-files-quarantined-by-the-eset-online-scanner

 

I'm off work so will check back on you again tomorrow

Thanks

 

Link to post
Share on other sites

  • Root Admin

If off work until Tuesday. Please run the following though and I'll try to check back with you before Tuesday if possible.

 

Please download and run the following Kaspersky antivirus scanner to remove any found threats

Kaspersky Virus Removal Tool

Let me know if it finds anything or not

 

To begin, please do the following so that we may take a closer look at your installation for troubleshooting:

NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thank you

 

Link to post
Share on other sites

  • Root Admin

Hello @Gacrux98

It's a 3 day Holiday here in the US and I'm spending time with my family. Please try to run the following and I'll check back with  you later in the evening if possible. If not, then on Tuesday for sure.

 

Can you please do the following?

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, place a checkmark on all of the Repair System entries.
  • Then click on the Repair System button and allow it to run and restart the system.

image.png

 

After the restart please do the following

  • Run the MBST Support Tool again.
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click the CLEAN button and follow the onscreen instructions to reinstall Malwarebytes
  • NOTE: Please have patience as it can take a while to remove and reinstall. The computer will restart to complete

 

After the restart please do the following

  • Run the MBST Support Tool again.
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thank you

 

Link to post
Share on other sites

  • Root Admin

Please go to Control Panel, Programs, Programs and Features and uninstall the following

Java 8 Update 281
 

 

Then please change your DNS to Google Public DNS

Your current entry: DNS Servers: 192.168.1.1

https://developers.google.com/speed/public-dns/docs/using

 

 

Then let me have you do the following Clean Removal and reinstall of Malwarebytes software.

 

Can you please do the following?

  • Download the Malwarebytes Support Tool or if you already have the program open it again.
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click the CLEAN button and follow the onscreen instructions to reinstall Malwarebytes
  • NOTE: Please have patience as it can take a while to remove and reinstall. The computer will restart to complete

After the restart please do the following

  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thank you

 

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Please run FARBAR FRST again and make sure it updates. Then save the attached file FIXLIST.TXT as before to the same location as the Farbar program.

Then click on the FIX button.

fixlist.txt

The computer should restart. When done, please attach the new FIXLOG.TXT file.

 

Let me know how the computer is running now and if there are still any unresolved issues or not.

Thank you @Gacrux98

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.