lamiko Posted January 9 ID:1610259 Share Posted January 9 Addition.txt FRST.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted January 9 ID:1610315 Share Posted January 9 Hello. My name is Maurice. I will guide you. Removing pesky malware can be an involved set of tasks over separate runs. Have much patience. Follow my directions. Please don't run any other scans, download, install or uninstall any programs while I'm working with you. Only run the tools I guide you to. Do not run online games while case is on-going. Do not do any free-wheeling web-surfing. The removal of malware isn't instantaneous, please be patient. Cracked or or hacked or pirated programs are not only illegal, but also will make a computer a malware victim. Having such programs installed, is the easiest way to get infected. It is the leading cause of ransomware encryptions. It is at times also big source of current trojan infections. Please uninstall them now, if any are here, before we start the cleaning procedure. Please stick with me until I give you the "all clear". If your system is running Discord, please be sure to Exit out of it while this case is on-going. Do these 2 steps so that ALL folders & Files are set to SHOW, plus also, Turn OFF Windows Fast start. 1. Show-Hidden-Folders-Files-Extensions https://forums.malwarebytes.com/topic/299345-show-hidden-folders-files-extensions/ 2. Disable-Fast-Startup https://forums.malwarebytes.com/topic/299350-disable-fast-startup/ 3. First some housekeeping, and then one Scan. There will be more later after all this. Start Malwarebytes. Click Settings ( gear ) icon. Next, let us make real sure that Malwarebytes does NOT register with Windows Security Center Click the Security Tab. Scroll down to "Windows Security Center" Click the selection to the left for the line "Always register Malwarebytes in the Windows Security Center". { We want that to be set as Off .... be sure that line's radio-button selection is all the way to the Left. thanks. } This will not affect any real-time protection of the Malwarebytes for Windows 😃. now Click the General tab. Under Application updates, click the Check for updates button. When it shows a new version available, Accept it and let it proceed forward. Be sure it succeeds. If prompted to do a Restart, just please follow all directions. Let me know how that goes. Next, the Malwarebytes scan Next, click the small x on the Settings line to go to the main Malwarebytes Window. Next click the blue button marked Scan. When the scan phase is done, be real sure you Review and have all detected lines items check-marked on each line on the left. That too is very critical. >>>>>> 👉 You can actually click the topmost left check-box on the very top line to get ALL lines ticked ( all selected). <<<< 💢 Please double verify you have that TOP check-box tick marked. and that then, all lines have a tick-mark Then click on Quarantine button. Then, locate the Scan run report; export out a copy; & then attach in with your reply. See https://support.malwarebytes.com/hc/en-us/articles/360038479194-View-Reports-and-History-in-Malwarebytes-for-Windows-v4 ( 4 ) Let's do one scan with Malwarebytes Adwcleaner to check for adwares. Just before pressing that "scan" button, be sure that Chrome & Edge, or other web browser are Closed. It will not take much time, First download & save it guide & download link Then be sure to close all web browsers after the download & before launching the tool. Then go to where the EXE file is saved. Start Adwcleaner. Then do a scan with Adwcleaner Guide article NOTE: IF Adwcleaner in the results shows "no items" flagged, then please click on the button marked "Run Basic Repair" Attach the clean log from Adwcleaner when all completed. Link to post Share on other sites More sharing options...
lamiko Posted January 10 Author ID:1610526 Share Posted January 10 The Malwarebytes runs smoothly , The Malwarebytes has updated the database and I was able to start scanning. The Program did not restart scanMalwerebytes.txt AdwCleaner[S27].txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted January 10 ID:1610584 Share Posted January 10 Hello. Those scan results are very good. As a next step, I suggest the following: This is for a scan with ESET Onlinescanner (free). ESET is a well-respected, well-known entity and tool. ESET Onlinescanner checks for viruses, other malware, adwares, & potentially unwanted applications. This here you can start & once it is under way, you can leave the machine alone & let it run over-night. No need to keep watch once it starts the actual scan run. Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe It will start a download of "esetonlinescanner.exe" Save the file to your system, such as the Downloads folder, or else to the Desktop. Go to the saved file, and double click it to get it started. If upon launching the Esetonlinescanner, there is a windows-message box displaying A driver cannot load on this device. Driver ehdrv.sys then, please, TICK the check-box "Don't show this message again" and then, click the Close button on that window-box. The ESET scan will proceed forward. When presented with the initial ESET options, click on "Computer Scan". Next, when prompted by Windows, allow it to start by clicking Yes When prompted for scan type, Click on CUSTOM scan and select C drive to be scanned Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on Start scan button. Have patience. The entire process may take an hour or more. There is an initial update download. There is a progress window display. You may step away from machine &. Let it be. That is, once it is under way, you should leave it running. It will run for several hours. At screen "Detections occurred and resolved" click on blue button "View detected results" On next screen, at lower left, click on blue "Save scan log" View where file is to be saved. Provide a meaningful name for the "File name:" On last screen, set to Off (left) the option for Periodic scanning Click "save and continue" Please attach the report file so I can review Link to post Share on other sites More sharing options...
lamiko Posted January 12 Author ID:1610980 Share Posted January 12 Hello scanEset.txt Link to post Share on other sites More sharing options...
Solution Maurice Naggar Posted January 12 Solution ID:1611027 Share Posted January 12 The ESET Onlinescanner no threat; no virus. 😃 One other scan here. TrendMicro HouseCall scan from this Link First, Download & Save to your Downloads folder the appropriate HouseCallLauncher Once the download is complete, go to where the Housecalllauncher is saved & double-click it to start it. The program will check with TrendMicro & do a update run. Next it will show the Disclosure window. Click Next to proceed. The end user license agreement is presented. Click the Accept radio button & click Next to proceed. I suggest a CUSTOM scan on C drive. IF you wish a Full scan or a Custom scan, first click on the Settings then you can select which drives you want to include in the scan. The default is a Quick scan. Click Scan now when ready. The scan progress will then be displayed. Monitor the progress or just leave it alone until it finishes this phase. When the scan phase has completed, if any items are tagged, you will see a list, showing the file & its location, the classification of the threat, the type, risk, and Action option. If you see an item that you know is safe, you can click the Action , and select Ignore. When all done & ready, click the Fix now button. The "Summary" at the end at "Review Results" is what matters. Link to post Share on other sites More sharing options...
lamiko Posted January 17 Author ID:1612058 Share Posted January 17 Link to post Share on other sites More sharing options...
Maurice Naggar Posted January 17 ID:1612089 Share Posted January 17 (edited) That is great. So, tell me, How is the system now ? I would highly suggest to insure that this pc is all up-to-date with security updates & cumulative updates on Windows. select the Windows Start button, and then go to Settings > Update & Security > Windows Update . and click Check for Updates. Have much patience. Note, do not take any update that has "PREVIEW' in its description or title. DO take those that may mention "Feature Update" or "enablement package", or "Cumulative Update"fs. Those optional updates you will need to affirmatively select. Edited January 24 by Maurice Naggar 1 Link to post Share on other sites More sharing options...
Maurice Naggar Posted January 21 ID:1612793 Share Posted January 21 Hello. Kindly provide a status update. Link to post Share on other sites More sharing options...
lamiko Posted January 22 Author ID:1612896 Share Posted January 22 Hello I'm sorry I'didnt reply because I couldn't PrintScreenInWindows.zip Link to post Share on other sites More sharing options...
Maurice Naggar Posted January 22 ID:1612948 Share Posted January 22 I got your screen grab images. Because of the language difference I basically only read English and some French.....I would like you to take a few minutes to run this Inquiry report. Hopefully I can better get a handle on the status of Windows Updates. Please run the following custom script. Read all of this before you start. The meaning of the "Fix button" operation here is just to run a custom script just for this particular machine. NOTE-1: This is a report collection only, It makes no changes. It should not take a lot of time. It should run very quickly. FRST64.exe program location: Desktop C:\Users\Admin\Desktop folder. The tool is already on system. That is what we will use. Please download the attached fixlist.txt file and save it to Desktop Fixlist.txt<- < - - - - NOTE. It's important that both files, FRST64, and fixlist.txt are in the same location or the fix will not work. Right-click with your mouse on FRST64 and select "Run as Administrator" and reply Yes and allow it to proceed when prompted. That is important. next, press the Fix button just once and wait. You will see a green-color scroll display while FRST is running. The tool will make a log on the Desktop folder (Fixlog.txt) . Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version. Attach FIXLOG.txt with next reply. AND please advise as to overall status of the Windows, at this point in time. Link to post Share on other sites More sharing options...
lamiko Posted January 24 Author ID:1613392 Share Posted January 24 I've tagged a post from January 17 Thank you Fixlog.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted January 24 ID:1613464 Share Posted January 24 7 hours ago, lamiko said: I've tagged a post from January 17 Sorry, It is not real clear to me what you mean by that line. But the Fixlog report looks good. I believe this system is in the clear. Let us just get this fresh readout report. SecurityCheck by glax24 I would like you to run a tool named SecurityCheck to inquire about the current security update status of some applications. Download SecurityCheck by glax24: https://tools.safezone.cc/glax24/SecurityCheck/SecurityCheck.exe If Microsoft SmartScreen blocks the download, click through to save the file This tool is safe. Smartscreen is overly sensitive. If SmartScreen blocks the file from running click on More info and Run anyway Right-click with your mouse on the Securitycheck.exe and select "Run as administrator" and reply YES to allow to run & go forward Wait for the scan to finish. It will open a text file named SecurityCheck.txt Close the file. Attach it with your next reply. You can find this file in a folder called SecurityCheck, C:\SecurityCheck\SecurityCheck.txt Thank you Link to post Share on other sites More sharing options...
lamiko Posted January 25 Author ID:1613661 Share Posted January 25 🙂 SecurityCheck.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted January 25 ID:1613743 Share Posted January 25 We are ready to wrap-up this case. But first, we do cleanup of the tools I had you use. 👌💢 Temporarily disable Microsoft SmartScreen to download the next software below Let's go ahead and do some clean-up work and remove the tools and logs we've run. Please download KpRm by kernel-panik and save it to your desktop. right-click kprm_2-15.exe and select Run as Administrator. Read and accept the disclaimer. When the tool opens, ensure all boxes under Actions are checked. Under Delete Quarantines select Delete Now, then click Run. Once complete, click OK. Your system is good-to-go. 😎 Sincerely. Link to post Share on other sites More sharing options...
Maurice Naggar Posted January 25 ID:1613744 Share Posted January 25 We're glad that we were able to assist you. The following information will help you to keep your computer and data safer as well as improve your overall privacy Recommend using a Password Manager for all websites, etc. that require a password. Never use the same password on more than one site. https://www.howtogeek.com/780233/best-password-manager/ Make sure you're backing up your files https://forums.malwarebytes.com/topic/136226-backup-software/ Keep all software up to date - PatchMyPC - https://patchmypc.com/home-updater#download https://patchmypc.com/about-us Keep your Operating System up to date and current at all times - https://support.microsoft.com/en-us/windows/windows-update-faq-8a903416-6f45-0718-f5c7-375e92dddeb2 Further tips to help protect your computer data and improve your privacy: https://forums.malwarebytes.com/topic/258363-tips-to-help-protect-from-infection/ Please consider installing the following Content Blockers for your Web browsers if you haven't done so already. This will help improve overall security Malwarebytes Browser Guard Google Chrome: https://chrome.google.com/webstore/detail/malwarebytes-browser-guar/ihcjicgdanjaechkgeegckofjjedodee Microsoft Edge: https://support.malwarebytes.com/hc/en-us/articles/4413298736787-Install-Malwarebytes-Browser-Guard-on-Microsoft-Edge-browser Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/malwarebytes/ uBlock Origin Google Chrome: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm Microsoft Edge: https://microsoftedge.microsoft.com/addons/detail/ublock-origin/odfafepnkmbhccpbejgmiehpchacaeak Mozilla Firefox: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin Cybersecurity basics & protection Everything you need to know about cybercrime https://www.malwarebytes.com/cybersecurity Further reading if you'd like to keep up on the malware threat scene: Malwarebytes Blog https://blog.malwarebytes.com/ Hopefully, we've been able to assist you with correcting your system issues. Thank you for using Malwarebytes. Please tell your friends and family if they too need assistance with malware removal If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Please review the following to help you better protect your computer and privacy Tips to help protect from infection Thank you Link to post Share on other sites More sharing options...
Recommended Posts