[DR M]

Merry Christmas to you.
 

I'll be more diligent about checking in from now on.

 
Yes, please. It will make things easier and the procedure more effective.


1. Run AdwCleaner (Scan mode)

Download AdwCleaner and save it to your desktop.

• Double click AdwCleaner.exe to run it.
• Click Scan Now.
  • When the scan has finished, a Scan Results window will open.
  • Click Cancel (at this point do not attempt to Quarantine anything that is found)
• Now click the Log Files tab.
  • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
  • A Notepad file will open containing the results of the scan.
  • Please post the contents of the file in your next reply.

 

2. Run Malwarebytes (Scan mode)

• Open Malwarebytes you have already installed.
• Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:
  

  Under the title Scan Options, all the options are checked.
  Under the title Windows Security Center (Premium only) the option is NOT checked.
  Under the title Potentially unwanted items all options are set to Always.

• Click on the little gear to return to the main menu and select Scan. The program will start scanning your computer. This may take about 10 minutes, but in some cases it may be take longer.
• When finished, you will see the Threat Scan Summary window open.

If threats are not found, click View Report and proceed to the two last steps below.

If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below.

• Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
• Find the report with the most recent date and double click on it.
• Click on Export and then Copy to Clipboard.
• Paste its content here, in your next reply.

 

In your next reply, please post:

• The AdwCleaner[S0*].txt
• The Malwarebytes report

[Advertisements]

Gotcha.

Hope you had/have a merry Christmas btw! 

 

 

 

Malwarebytes

www.malwarebytes.com

 

-Log Details-

Scan Date: 12/25/21

Scan Time: 9:06 PM

Log File: 93f78aaa-6609-11ec-b302-309c23d3a5d9.json

 

-Software Information-

Version: 4.5.0.152

Components Version: 1.0.1538

Update Package Version: 1.0.48974

License: Free

 

-System Information-

OS: Windows 10 (Build 19044.1415)

CPU: x64

File System: NTFS

User: DESKTOP-FG8Q7DG\Moi

 

-Scan Summary-

Scan Type: Threat Scan

Scan Initiated By: Manual

Result: Completed

Objects Scanned: 325591

Threats Detected: 0

Threats Quarantined: 0

Time Elapsed: 3 min, 20 sec

 

-Scan Options-

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Detect

PUM: Detect

 

-Scan Details-

Process: 0

(No malicious items detected)

 

Module: 0

(No malicious items detected)

 

Registry Key: 0

(No malicious items detected)

 

Registry Value: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Data Stream: 0

(No malicious items detected)

 

Folder: 0

(No malicious items detected)

 

File: 0

(No malicious items detected)

 

Physical Sector: 0

(No malicious items detected)

 

WMI: 0

(No malicious items detected)

 

 

(end)

Attached Files

•  AdwCleanerS03.txt   1.61KB   139 downloads

Edited by SpaghettiOs, 25 December 2021 - 11:14 PM.

[SpaghettiOs]

Gotcha.

Hope you had/have a merry Christmas btw! 

 

 

 

Malwarebytes

www.malwarebytes.com

 

-Log Details-

Scan Date: 12/25/21

Scan Time: 9:06 PM

Log File: 93f78aaa-6609-11ec-b302-309c23d3a5d9.json

 

-Software Information-

Version: 4.5.0.152

Components Version: 1.0.1538

Update Package Version: 1.0.48974

License: Free

 

-System Information-

OS: Windows 10 (Build 19044.1415)

CPU: x64

File System: NTFS

User: DESKTOP-FG8Q7DG\Moi

 

-Scan Summary-

Scan Type: Threat Scan

Scan Initiated By: Manual

Result: Completed

Objects Scanned: 325591

Threats Detected: 0

Threats Quarantined: 0

Time Elapsed: 3 min, 20 sec

 

-Scan Options-

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Detect

PUM: Detect

 

-Scan Details-

Process: 0

(No malicious items detected)

 

Module: 0

(No malicious items detected)

 

Registry Key: 0

(No malicious items detected)

 

Registry Value: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Data Stream: 0

(No malicious items detected)

 

Folder: 0

(No malicious items detected)

 

File: 0

(No malicious items detected)

 

Physical Sector: 0

(No malicious items detected)

 

WMI: 0

(No malicious items detected)

 

 

(end)

Attached Files

•  AdwCleanerS03.txt   1.61KB   139 downloads

Edited by SpaghettiOs, 25 December 2021 - 11:14 PM.

[DR M]

Hi, Spaghetti.
 
Thank you for the wishes. I hope you had a nice time too.
 
Let's now see fresh FRST logs.

• Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
• Press Scan button and wait for a while.
• The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
• Please attach the content of these two logs in your next reply.

 

Questions:

 

Are you getting the same warnings from Defender?

 

How is the computer running now? Do you have any other issues?

[SpaghettiOs]

I ran windows security and the warning is gone. It says "No current threats."

Computer is running fine. When I first noticed the security warning, there would be brief moments where my pc would freeze or lag for a few seconds throughout the day, but it doesn't do that anymore. I think whatever it is that you did worked! 

Attached Files

•  Addition_26-12-2021 01.59.52.txt   69.3KB   134 downloads
•  FRST_26-12-2021 01.59.52.txt   68.46KB   139 downloads

[DR M]

Glad to hear that the computer is running fine now.

 

I will need some time to review your fresh logs and be back to you when I am ready, possibly tonight, my time.

[DR M]

Hi, Spaghetti.
 
Just one thing for you to do, as a directive was mistyped before:

FRST fix

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

• Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.

Start::
CreateRestorePoint:
CloseProcesses:
Hosts:
EmptyTemp: 
End::

• Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
• Press the Fix button once and wait.
• FRST will process fixlist.txt
• When finished, it will produce a log fixlog.txt on your Desktop.
• Please post the log in your next reply.

[SpaghettiOs]

Hey, DR M

 

K, I ran the scan.

Attached Files

•  Fixlog_26-12-2021 07.45.43.txt   1.19KB   138 downloads

[DR M]

Hi, Spagheti/Lasagna.
 
Let's finish it.

The following tool will remove the tools we used as well as reset system restore points:

Download KpRm by kernel-panik and save it to your desktop.

• Right-click kprm_(version).exe and select Run as Administrator.
• Read and accept the disclaimer.
• When the tool opens, ensure all boxes under Actions are checked.
• Under Delete Quarantines select Delete Now, then click Run.
• Once complete, click OK.
• A log will open in Notepad titled kprm-(date).txt.
• Please copy and paste its contents in your next reply.

[SpaghettiOs]

Hi Dr M,

 

Here's the log.

Edited by SpaghettiOs, 28 December 2021 - 07:07 AM.

[DR M]

I'm afraid you forgot to attach the log.

[SpaghettiOs]

oh, it appears so. 

 

sorry about that, here it is.

Attached Files

•  kprm-20211227230939.txt   2.43KB   134 downloads

[DR M]

Excellent!

Now your computer is clean, here are some final tips about your computer's security from now on:

Some of the following, are from Klein's (2005) article, So how did I get infected in the first place. Since then, the article has been reproduced or linked to in dozens of locations. As a result, many malware experts have continued updating it, to include current operating systems and software program information. My source is Security Garden, and I marked for you the following:

1. Keep your Windows updated!
It is important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer.

2. Update 3rd Party Software Programs
Third Party software programs have long been targets for malware creators. It has been stated that "Adobe’s Reader and Flash and all versions of Java are together responsible for a total of 66 percent of the vulnerabilities in Windows systems exploited by malware.'' It's important to keep everything updated.

3. Update the browsers you use
Many malware infections install themselves by exploiting security holes in the Internet browser that you use. So... Keep them updated.

4. Be careful about what you download and what you open!

• Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself. Watch for pre-checked options such as toolbars that are not essential to the operation of the installed software.
• Peer-to-peer (P2P) programs like Kazaa, BearShare, Imesh, Warez P2P, and others, allow the creation of a network enabling people to connect with other users and upload or download material in a fast efficient manner. BUT even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected.
• Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Have this in mind.
• Do not open any files without being certain of what they are!

5. Avoid questionable web sites!
Visit web sites that are trustworthy and reputable. Many disreputable sites will attempt to install malware on your system through "drive-by" exploits just by visiting the site in your browser. Lyrics sites, free software sites (especially ones that target young children), cracked software sites, and pornography sites are some of the worst offenders. Also, never give out personal information of any sort online or click "OK" to a pop-up unless it is signed by a reputable company and you know what it is.

6. Registry cleaners/driver boosters/system optimizers
I do not recommend registry cleaners, system optimizers, driver boosters and the like. It is your computer and certainly your choice. However, please consider that modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. With registry cleaner and system optimization software programs, the potential is ever present to cause more problems than they claim to fix. Do note, however, that Microsoft does not support the use of registry cleaners. See Microsoft support policy for the use of registry cleaning utilities.

7. PC means personal computer!
Don't give access to your computer to friends or family who appear to be clueless about what they are doing.

8. Back-up your work!
Make back-ups of your personal files frequently. You never know when you'll have to reformat and start from scratch. You can always reformat and reinstall programs, but you cannot replace your data if you haven't made backups.

9. Must-Have Software
An anti-virus and an anti-spyware program is a necessity for the security of your computer. Be sure that you keep them updated, and that real time protection is enabled. You have now the built-in Windows 10 antivirus, Windows Defender. Together with Malwarebytes, if you run it occasionally, depending on how often you use your computer, can keep you safe.

Happy safe computing.



I'm glad I was able to help you.

[SpaghettiOs]

Thanks so much for the additional tips and for doing what you do and donating your time and brains to help out people like me. You're awesome!

[DR M]

You are very welcome, Spaghetti! 

 

Take care, stay safe!