infected with bestfaustcaptcha [Solved]


  • This topic is locked

#46
scewter

scewter

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts

All four of those were uninstalled.

 

Can't think of any other questions other than the ones I posted earlier.

 

thnx


  • 0



#47
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,225 posts

Hello.
 
About Malwarebytes, do you have the Licence Key/Licence ID for your lifetime subscription? If no, you will need to sign in to your Malwarebytes account here. Let me know if you were able to do that. 
 
Now, since there are no other questions...

The following tool will remove the tools we used as well as reset system restore points:

Download KpRm by kernel-panik and save it to your desktop.

  • Right-click kprm_(version).exe and select Run as Administrator.
  • Read and accept the disclaimer.
  • When the tool opens, ensure all boxes under Actions are checked.
  • Under Delete Quarantines select Delete Now, then click Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.

  • 0

#48
scewter

scewter

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts

re Malwarebytes - I have the original disk which has the product ID & Key on it.

 

Ran into a problem with KpRm.

 

Tried this twice and the results were the same. I got it downloaded to the desktop, but when attempting to get it to run the pc would freeze up with the small spinning circle replacing the mouse cursor.

 

Couldn't get Ctrl-Alt-Delete to come up or get the pc to shut down - had to force a shutdown again.

 

It didn't completely freeze up the processor, but there was clearly something going on that wasn't normal.


  • 0

#49
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,225 posts

"I have the original disk which has the product ID & Key on it."

 
So you can use them to activate the Premium version (Open Malwarebytes, click the little gear at the top right, then the tab Account. It should have the option to activate).
 
 

"Ran into a problem with KpRm."

 
I hope you gave it some time.
 

 

It wouldn't hurt to do the following, then try KpRm again:

Run Deployment Image Servicing and Management (DISM)

  • Click on the Start button and in the search box, type Command Prompt
  • When you see Command Prompt on the list, right-click on it and select Run as administrator
  • Enter the command below and press on Enter;
DISM /Online /Cleanup-Image /RestoreHealth
  • Let the scan run until the end (100%). Depending on your system, it can take some time.
  • Please post here the result you got (screenshot).

When DISM finishes, you can then run SFC from the same command prompt window, but full instructions as if starting fresh:

  • Click on the Start button and in the search box, type Command Prompt
  • When you see Command Prompt on the list, right-click on it and select Run as administrator
  • Enter the command below and press on Enter
sfc /scannow
  • Let the scan finish.
  • You will normally get one of the following results:
    Windows Resource Protection did not find any integrity violations
    Windows Resource Protection found corrupt files and successfully repaired them
    Windows Resource Protection found corrupt files but was unable to fix some of them
    Windows Resource Protection could not perform the requested operation
    
    Please post the result you got (screenshot).

  • 0

#50
scewter

scewter

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts

RE Malwarebytes - thnx for that info. I'll look into that later today.

 

I did give it some time - but it was not what I'd call a normal reaction to other downloads, then run. 

 

I also have the log of sfc scan - but it apparently is too large to paste into this window.

 

Screenshot (9).png

 

Screenshot (10).png


  • 0
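Post #50 notes that the SFC log was too large to paste. As an added example (not part of the original thread), this PowerShell script condenses CBS.log to SFC's own `[SR]` entries and counts repair lines; the function name, the matched phrases and the sample lines are assumptions constructed for illustration.

```powershell
# Added example, not from the thread. SFC tags its entries in CBS.log with "[SR]";
# the phrases matched below are assumed typical wording, not an exhaustive list.
function Get-SfcSummary {
    param([string[]]$Lines)

    $sr         = @($Lines | Where-Object { $_ -match '\[SR\]' })
    $repaired   = @($sr | Where-Object { $_ -match '\[SR\] (Repairing|Repaired) ' })
    $unrepaired = @($sr | Where-Object { $_ -match '\[SR\] Cannot repair ' })

    # Map the counts onto the outcomes listed in post #49.
    if     ($sr.Count -eq 0)         { $verdict = 'No SFC entries in this log' }
    elseif ($unrepaired.Count -gt 0) { $verdict = 'Corrupt files found, some could not be fixed' }
    elseif ($repaired.Count -gt 0)   { $verdict = 'Corrupt files found and repaired' }
    else                             { $verdict = 'No integrity violations logged' }

    [pscustomobject]@{
        SrLines         = $sr.Count
        RepairLines     = $repaired.Count
        UnrepairedLines = $unrepaired.Count
        Verdict         = $verdict
        Detail          = @($repaired) + @($unrepaired)   # the only lines worth posting
    }
}

# Constructed sample lines (example.dll is a placeholder), used when no CBS.log exists.
$sample = @(
    '2022-02-06 10:12:01, Info  CSI  00000009 [SR] Verifying 100 components',
    '2022-02-06 10:12:04, Info  CSI  0000000b [SR] Repairing corrupted file \??\C:\WINDOWS\System32\example.dll from store',
    '2022-02-06 10:12:05, Info  CBS  Session: unrelated servicing entry',
    '2022-02-06 10:15:40, Info  CSI  00000120 [SR] Verify complete'
)

# Read the real log from an elevated prompt on Windows; otherwise fall back to the sample.
$cbs = "$env:windir\Logs\CBS\CBS.log"
if (Test-Path $cbs) { $lines = Get-Content $cbs } else { $lines = $sample }
Get-SfcSummary -Lines $lines | Format-List
```

CBS.log accumulates entries from every SFC run it still holds, so the counts cover all of them, not only the latest scan.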

#51
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,225 posts

SFC found corrupted files and corrected them. No need to post the log.

 

Try to run KpRm now.


  • 0

#52
scewter

scewter

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts
# Run at 2/6/2022 10:43:29 AM
# KpRm (Kernel-panik) version 2.9.3
# Run by scodo from C:\Users\scodo\OneDrive\Desktop
# Computer Name: SCOTTSOFFICEDES
# OS: Windows 10 X64 (19043) 
# Number of passes: 1
 
- Checked options -
 
    ~ Registry Backup
    ~ Delete Tools
    ~ Restore System Settings
    ~ UAC Restore
    ~ Delete Restore Points
    ~ Create Restore Point
    ~ Delete Quarantines
 
- Create Registry Backup -
 
   ~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
   ~ [OK] Hive C:\Users\scodo\NTUSER.dat backed up
 
     [OK] Registry Backup: C:\KPRM\backup\2022-02-06-10-43-29
 
- Delete Tools -
 
 
  ## AdwCleaner
     [OK] C:\Users\scodo\OneDrive\Desktop\AdwCleaner.exe deleted
     [OK] C:\AdwCleaner deleted
 
  ## FRST
     [OK] C:\Users\scodo\OneDrive\Desktop\Addition.txt deleted
     [OK] C:\Users\scodo\OneDrive\Desktop\Fixlog.txt deleted
     [OK] C:\Users\scodo\OneDrive\Desktop\FRST.txt deleted
     [OK] C:\Users\scodo\OneDrive\Desktop\FRST64 (2).exe deleted
     [OK] C:\Users\scodo\Downloads\FRST64.exe deleted
     [OK] C:\FRST deleted
 
- Restore System Settings -
 
     [OK] Reset WinSock
     [OK] FLUSHDNS
     [OK] Hide Hidden file.
     [OK] Show Extensions for known file types
     [OK] Hide protected operating system files
 
- Restore UAC -
 
     [OK] Set EnableLUA with default (1) value
     [OK] Set ConsentPromptBehaviorAdmin with default (5) value
     [OK] Set ConsentPromptBehaviorUser with default (3) value
     [OK] Set EnableInstallerDetection with default (0) value
     [OK] Set EnableSecureUIAPaths with default (1) value
     [OK] Set EnableUIADesktopToggle with default (0) value
     [OK] Set EnableVirtualization with default (1) value
     [OK] Set FilterAdministratorToken with default (0) value
     [OK] Set PromptOnSecureDesktop with default (1) value
     [OK] Set ValidateAdminCodeSignatures with default (0) value
 
- Clear Restore Points -
 
   ~ [OK] RP named Scheduled Checkpoint created at 02/01/2022 16:51:51 deleted
   ~ [OK] RP named Restore Point Created by FRST created at 02/03/2022 23:29:28 deleted
   ~ [OK] RP named Restore Point Created by FRST created at 02/04/2022 10:56:05 deleted
   ~ [OK] RP named AdwCleaner_BeforeCleaning_05/02/2022_09:23:21 created at 02/05/2022 14:23:22 deleted
   ~ [OK] RP named Dell SupportAssist OS Recovery Plugin for Dell Update created at 02/05/2022 16:14:31 deleted
   ~ [OK] RP named Dell SupportAssist Remediation created at 02/05/2022 16:15:05 deleted
   ~ [OK] RP named Removed Dell Update for Windows Universal. created at 02/05/2022 16:15:29 deleted
     [OK] All system restore points have been successfully deleted
 
- Create Restore Point -
 
     [OK] System Restore Point created
 
- Display System Restore Point -
 
   ~ [I] RP named KpRm created at 02/06/2022 15:44:01
 
-- KPRM finished in 40.80s --

  • 0
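The "Restore UAC" section of the log above lists the value KpRm set for each UAC policy entry. As an added example (not KpRm's own code, and not part of the original thread), this PowerShell script compares the current values under the standard UAC policy registry key with those logged defaults; the function names and the sample data are assumptions constructed for illustration.

```powershell
# Added example: check that UAC policy values still match the defaults in the KpRm log.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# Names and values copied from the "Restore UAC" section of the log in post #52.
$KpRmDefaults = [ordered]@{
    EnableLUA                   = 1
    ConsentPromptBehaviorAdmin  = 5
    ConsentPromptBehaviorUser   = 3
    EnableInstallerDetection    = 0
    EnableSecureUIAPaths        = 1
    EnableUIADesktopToggle      = 0
    EnableVirtualization        = 1
    FilterAdministratorToken    = 0
    PromptOnSecureDesktop       = 1
    ValidateAdminCodeSignatures = 0
}

function Compare-UacPolicy {
    param($Actual, $Expected = $KpRmDefaults)
    foreach ($name in $Expected.Keys) {
        $value = $Actual[$name]
        if     ($null -eq $value)             { $status = 'MISSING' }
        elseif ($value -eq $Expected[$name])  { $status = 'OK' }
        else                                  { $status = 'DRIFT' }
        [pscustomobject]@{ Name = $name; Expected = $Expected[$name]; Actual = $value; Status = $status }
    }
}

function Get-UacPolicy {
    # Read only the values named in the log; absent values come back as $null.
    $props  = Get-ItemProperty -Path $UacKey
    $values = @{}
    foreach ($name in $KpRmDefaults.Keys) { $values[$name] = $props.$name }
    $values
}

# Constructed sample: UAC switched off and one value absent, to show DRIFT and MISSING.
$sample = @{}
foreach ($name in $KpRmDefaults.Keys) { $sample[$name] = $KpRmDefaults[$name] }
$sample['EnableLUA'] = 0
$sample.Remove('PromptOnSecureDesktop')

# Use the live registry on Windows; fall back to the sample anywhere else.
if (Test-Path $UacKey) { $actual = Get-UacPolicy } else { $actual = $sample }
Compare-UacPolicy -Actual $actual | Format-Table -AutoSize
```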

#53
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,225 posts

Good! 
 
Every obstacle is for good!



Now that your computer is clean, here are some final tips about your computer's security from now on:

Some of the following are from Klein's (2005) article, So how did I get infected in the first place. Since then, the article has been reproduced or linked to in dozens of locations. As a result, many malware experts have continued updating it, to include current operating systems and software program information. My source is Security Garden, and I marked for you the following:

1. Keep your Windows updated!
It is important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer.

2. Update 3rd Party Software Programs
Third Party software programs have long been targets for malware creators. It has been stated that "Adobe’s Reader and Flash and all versions of Java are together responsible for a total of 66 percent of the vulnerabilities in Windows systems exploited by malware." It's important to keep everything updated.

3. Update the browsers you use
Many malware infections install themselves by exploiting security holes in the Internet browser that you use. So... Keep them updated.

4. Be careful about what you download and what you open!

  • Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself. Watch for pre-checked options such as toolbars that are not essential to the operation of the installed software.
  • Peer-to-peer (P2P) programs like Kazaa, BearShare, Imesh, Warez P2P, and others, allow the creation of a network enabling people to connect with other users and upload or download material in a fast efficient manner. BUT even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected.
  • Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Have this in mind.
  • Do not open any files without being certain of what they are!

5. Avoid questionable web sites!
Visit web sites that are trustworthy and reputable. Many disreputable sites will attempt to install malware on your system through "drive-by" exploits just by visiting the site in your browser. Lyrics sites, free software sites (especially ones that target young children), cracked software sites, and pornography sites are some of the worst offenders. Also, never give out personal information of any sort online or click "OK" to a pop-up unless it is signed by a reputable company and you know what it is.

6. Registry cleaners/driver boosters/system optimizers
I do not recommend registry cleaners, system optimizers, driver boosters and the like. It is your computer and certainly your choice. However, please consider that modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. With registry cleaner and system optimization software programs, the potential is ever present to cause more problems than they claim to fix. Do note, however, that Microsoft does not support the use of registry cleaners. See Microsoft support policy for the use of registry cleaning utilities.

7. PC means personal computer!
Don't give access to your computer to friends or family who appear to be clueless about what they are doing.

8. Back-up your work!
Make back-ups of your personal files frequently. You never know when you'll have to reformat and start from scratch. You can always reformat and reinstall programs, but you cannot replace your data if you haven't made backups.

9. Must-Have Software
An anti-virus and an anti-spyware program are a necessity for the security of your computer. Be sure that you keep them updated, and that real time protection is enabled. You now have the built-in Windows 10 antivirus, Windows Defender. Together with Malwarebytes, if you run it occasionally, depending on how often you use your computer, it can keep you safe.

Happy safe computing.


I'm glad I was able to help you.


  • 1

#54
scewter

scewter

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts

All good.

 

Activated Malwarebytes Premium - the product ID and Key worked. Thnx for that suggestion.

 

I'm guessing you would recommend having all four Real Time Protections on and running (web, malware, ransomware, and exploit)?

 

Again, thnx for your help and really appreciate your prompt replies to my posts!

 

Excellent experience


  • 1

#55
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,225 posts

 

"I'm guessing you would recommend having all four Real Time Protections on and running (web, malware, ransomware, and exploit)?"

 

I have the Exploit on. Where do you see the other options?

 

Since your main antivirus solution is Microsoft Defender, you have to make sure that in Settings (Security tab selected), the option under the title Windows Security Center is NOT checked.

 

Also, it's good to have these settings:

 

Under the title Scan Options, ALL the options are checked.
Under the title Potentially unwanted items ALL options are set to Always.

  • 0



#56
scewter

scewter

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts

All verified - thnx.

 

Screenshot (11).png

 

 


  • 0

#57
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,225 posts

Oh, absolutely! I was looking in Settings. Yes, to all.

 

:thumbsup:


  • 0

#58
scewter

scewter

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 149 posts

Excellent.


  • 0

#59
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,225 posts

 

"Excellent experience"

 

And you are most welcome!


  • 0





