Jump to content

Recommended Posts

Hello. Malwarebytes found 2 malwares but it coudln't remove them. I just did a Restore of my Computer since my Windows Defender had disappeared, so I'm a bit paranoid when it comes to malwares recently (this is the 2nd time my Windows Defender disappears).

Attached are the scans of both Malwarebytes and FRST. I also run Adwcleaner and cleaned.

I'd love if I could get some help, thank you very much.

Addition.txt FRST.txt Malwarebytes text.txt

Link to post
Share on other sites

5 minutes ago, Gart10 said:

Malwarebytes found 2 malwares but it coudln't remove them.

Those 2 look like attachments in email. You will have to delete them from the email interface to get rid of them.

Another why I will not use windows 10 email app and have actually uninstalled it.

As for your other "issues" a malware removal expert will be along to assist further.

Edited by Porthos
Link to post
Share on other sites

1 minute ago, Porthos said:

Those 2 look like attachments in email. You will have to delete them from the email interface to get rid of them.

Another why I will not use windows 10 email app and have actually uninstalled it.

I'm sorry, I'm not entirely sure what you mean. These are 2 attachments from an hotmail account? (The one that I receive notifications about on this laptop, if you understand what I mean). And is there a way to understand which attachments are they, as in from what email?

Link to post
Share on other sites

3 minutes ago, Gart10 said:

I don't think that's what caused the disappearance of my Windows Defender last 2 times, sadly.

@AdvancedSetupwill assist with that issue. But since those 2 items were the only things found by MB I figured I would assist you in correcting that. MB can not clean those for you.

Edited by Porthos
Link to post
Share on other sites

  • Root Admin

Let's go ahead and do a scan from Microsoft and see if they find anything else.

Please close all open applications and run the following

 

 

The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system.

The download links & the how-to-run-the tool are at this link at Microsoft

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

Please let me know the results of this scan.

The log is named MSERT.log 

the log will be at  %SYSTEMROOT%\debug\msert.log   which in most cases is

C:\Windows\debug\msert.log

Please attach that log with your next reply.

 

 

Link to post
Share on other sites

2 minutes ago, AdvancedSetup said:

Let's go ahead and do a scan from Microsoft and see if they find anything else.

Please close all open applications and run the following

a

 

The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system.

The download links & the how-to-run-the tool are at this link at Microsoft

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

Please let me know the results of this scan.

The log is named MSERT.log 

the log will be at  %SYSTEMROOT%\debug\msert.log   which in most cases is

C:\Windows\debug\msert.log

Please attach that log with your next reply.

Started a complete scan, will update when it's over. I just want to point out that the icon for Windows Defender disappeared, and if I go into Windows Security, and click on first square (Virus and Threats protection), it says Malwarebytes is active but no sign of Microsoft Defender. Unsure if it's normal or not, this is the first time I use/activate Malwarebytes

Link to post
Share on other sites

9 hours ago, AdvancedSetup said:

Let's go ahead and do a scan from Microsoft and see if they find anything else.

Please close all open applications and run the following

 

 

The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system.

The download links & the how-to-run-the tool are at this link at Microsoft

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

Please let me know the results of this scan.

The log is named MSERT.log 

the log will be at  %SYSTEMROOT%\debug\msert.log   which in most cases is

C:\Windows\debug\msert.log

Please attach that log with your next reply.

 

 

Sorry about the late reply, the scan took a long time. Attached is the file you asked and I also attached the screenshot of the end result (it's probably the same thing but I'm not an expert). I see there is something about Windows Defender in the name of this Virus, this might be what I was looking for? 

Screenshot_1.png

msert.log

Link to post
Share on other sites

3 minutes ago, AdvancedSetup said:

Hello @Gart10
 

Google Chrome needs to be cleaned up.

 

Please follow the directions from the following topic and let us know if that corrects the issue for you.

 

Thank you

 

Done, thank you very much. Did you miss the reply about the Windows Defender scan, right above the Google Chrome scan?

Link to post
Share on other sites

Just now, AdvancedSetup said:

Yes, I saw. Sorry. That is normal. Microsoft saw a key that was not set as the default and restored the setting. It is not an infection or anything to worry about.

Cheers

 

So it was not the thing responsible for my Microsoft Defender disappearing? I really hoped it was.

Link to post
Share on other sites

  • Root Admin

How is the computer running now?

Are there still any signs of an infection or other issues?

 

SecurityCheck by glax24              

I would like you to run a tool named SecurityCheck to inquire about the current security update status of some applications.

  • Download SecurityCheck by glax24: https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe
  • If Microsoft SmartScreen blocks the download, click through to save the file
  • This tool is safe.   Smartscreen is overly sensitive.
  • If SmartScreen blocks the file from running click on More info and Run anyway
  • Right-click  with your mouse on the Securitycheck.exe  and select "Run as administrator"  and reply YES to allow to run & go forward
  • Wait for the scan to finish. It will open a text file named SecurityCheck.txt Close the file.  Attach it with your next reply.
  • You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt

 

image.png

image.png

image.png

 

Thank you

 

 

Link to post
Share on other sites

  • Root Admin

Please download the following tool

Farbar Service Scanner and run it on the computer with the issue
http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/

 

Make sure the following options are checked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update
  • Windows Defender

Click "Scan"

It will create a log (FSS.txt) in the same directory the tool is run.
Please attach the log to your next reply.

 

Link to post
Share on other sites

4 minutes ago, AdvancedSetup said:

How is the computer running now?

Are there still any signs of an infection or other issues?

Thank you

 

No signs of infection or issues.

Before posting, I did a fresh install of Windows so I would expect to not have issues for now. I asked because this is the 2nd time that I have had this problem of WD disappearing, so that kinda makes me think it's still in there somehow, even after a fresh install (if possible)? Or else it could be I just got the same malware twice from the same website.

I attached both files requested

SecurityCheck.txt FSS.txt

Link to post
Share on other sites

  • Root Admin

Okay, it depends on how you want Windows Defender to run. Even now it's not set to really run. But it's also designed not to run if another antivirus product is installed.

 

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2109.6-0\MsMpEng.exe"".

 

So, assuming nothing is wrong with Windows Defender there is a setting in Malwarebytes to allow Windows Defender to run alongside Malwarebytes which many people do.

With this disabled in Malwarebytes Settings, Windows Defender should run as though it was the only antivirus.

image.png

 

Let me check your other log, back in a bit.

 

 

Link to post
Share on other sites

  • Root Admin

Please review the following to either update, uninstall, or otherwise address as appropriate for your system.


--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Office 365 - it-it v.16.0.11929.20394 Warning! Download Update
How Install Office updates?


NVIDIA GeForce Experience 3.20.2.34 v.3.20.2.34 Warning! Download Update


--------------------------- [ AdobeProduction ] ---------------------------
Adobe Creative Cloud v.4.7.0.400 Warning! Download Update

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.