Need Help Removing Virus/Malware - Virus, Trojan, Spyware, And ...

#1 DominoPunkyHeart

• 
• Members
• 10 posts
• OFFLINE

• Local time:01:59 PM

Posted 05 January 2022 - 05:19 PM

Attached Files

• Addition.txt 56.05KB 4 downloads
• FRST.txt 40.63KB 13 downloads

• Back to top

BC AdBot (Login to Remove)

• 
• BleepingComputer.com
• Register to remove ads

#2 polskamachina

• 
• Malware Response Team
• 5,965 posts
• OFFLINE

• Gender:Male
• Location:California
• Local time:10:59 AM

Posted 05 January 2022 - 07:24 PM

Hi DominoPunkyHeart   My name is polskamachina and I would like to you to the Malware Removal Forum. I will be helping you with your malware issues. What follows below are some ground rules for this forum.   I will reply as soon as possible (typically within 24-48 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, please let me know. I am in California at GMT-8 hours (Pacific Standard Time). If I do not respond to you within 48 hours, feel free to send me a private message. Some points for you to keep in mind:

• Do NOT run any tools unless instructed to do so.
• We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine. Running any additional tools may detect false positives, interfere with our tools, cause unforeseen damage, or system instability.
• Do not attach logs or use code boxes, just copy and paste the text into your replies to me.
• I cannot see your computer. Periodically update me on the condition of your computer, and provide as much detail as you can in every post.
• Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end.
• NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a flash drive, anywhere except on the computer.
• NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. Please remember to copy the entire post so you do not miss any instructions.

Let me review your situation and I will get back to you soon with further instructions. polskamachina

If I have made your computing life easier, please consider making a contribution.

• Back to top

#3 DominoPunkyHeart

• Topic Starter
• 
• Members
• 10 posts
• OFFLINE

• Local time:01:59 PM

Posted 05 January 2022 - 07:38 PM

    Thank you very much, polskamachina for considering to help me with this situation.   I will be going offline shortly for sleep, but I will be checking for your replies as soon as I wake again - and I will keep in touch until my problem is resolved.  After reading your message, you can be sure that I won't try to remove the possible malware without your help.  Again, thank you for assisstance with this issue, I greatly appreciate it!

• Back to top

#4 polskamachina

• 
• Malware Response Team
• 5,965 posts
• OFFLINE

• Gender:Male
• Location:California
• Local time:10:59 AM

Posted 06 January 2022 - 12:23 PM

Hi DominoPunkyHeart  Going over your logs I noticed that you have μTorrent installed.

• Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
• They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
• Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
• The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again. I would recommend that you uninstall μTorrent, however that choice is up to you. If you do not wish to remove it, then please DO NOT USE IT DURING OUR MALWARE REMOVAL PROCESS. Directions for removal are here.   Next:

• Highlight the text below in its entirety and press Ctrl-C to copy it to your clipboard:

• Run FRST64
• Click on Fix
• When the fix completes, you will be asked to restart your computer. Please allow the restart.
• When your computer reboots back to your Desktop, the file Fixlog.txt will have been placed into your Downloads folder
• Copy and paste (do not attach) that file into your next reply to me

Next:

• Download AdwCleaner and save it to your Desktop
• Right-click on AdwCleaner.exe and select Run as Administrator
• Accept the EULA (I accept), then click on Scan Now
• Let the scan complete
• Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button
• Subsequently you may be asked to Run Basic Repair. This is optional. I would suggest holding off on this for now.
• Once the cleaning process is complete, AdwCleaner will ask you to restart your computer
• Close all other open windows and allow it to restart
• After the restart, Notepad will open with the AdwCleaner cleaning log
• Please copy and paste the contents of that log into your next reply to me

In summary I will need from you:

• Fixlog.txt
• AdwCleaner cleaning log
• How is your computer performing now?

Let me know if you have any questions.

polskamachina

If I have made your computing life easier, please consider making a contribution.

• Back to top

#5 DominoPunkyHeart

• Topic Starter
• 
• Members
• 10 posts
• OFFLINE

• Local time:01:59 PM

Posted 07 January 2022 - 05:49 AM

Hello polskamachina,   

The other day when I booted up my laptop to check for your replies, I noticed my malware program Malwarebytes started running a scan so I let it do it on its own.  When it finished, it caught several trojans that I believe were causing my problem.  For the last few days I haven't noticed any problems with my laptop computer at all!  Thankfully, I think Malwarebytes has saved it by removing those virus torjans.  I thank you for your help with everything, but I may not actually need to use your fix now if my laptop is running okay again, unless you recommend I do something from here?  Also, I don't believe utorrent had caused this because I haven't used it in a while.  I may very well delete it since I haven't really been using it lately, but I was always careful about using it for only specific downloads.  If you want, I can show you my logs again just to be sure everything is completely clear?  Again, I thank you for your help and I will certainly come here again if I need any help in the future.  

-DominoPunkyHeart

• Back to top

#6 Maurice Naggar

Eradicator de malware

• 
• Malware Response Team
• 2,155 posts
• OFFLINE

• Gender:Male
• Location:USA
• Local time:12:59 PM

Posted 07 January 2022 - 10:44 AM

• Back to top

#7 polskamachina

• 
• Malware Response Team
• 5,965 posts
• OFFLINE

• Gender:Male
• Location:California
• Local time:10:59 AM

Posted 07 January 2022 - 12:29 PM

Hi DominoPunkyHeart

If you want, I can show you my logs again just to be sure everything is completely clear?

Yes, please show me the Malwarebytes log. The procedure for exporting the report is as follows:

• Open Malwarebytes for Windows.
• Click the Scanner card.
• Click the Reports tab.
• At the top-right of the Scan reports, you can Hide reports with no detections by checking the box.
• Hover your cursor over the report you want to view (the one with the most recent date) and click the eye icon (  ).
• A Summary window displays to show the scan results and the date and time executed. For more details, click the Advanced tab in this window.
• To download the full report, click Export, and click Copy to Clipboard
• Paste your report into your next reply to me

Next:

• Run FRST64
• Click on Scan
• When the scan completes, copy and paste FRST.txt and Addition.txt into your next reply to me

In summary I will need the following logs from you:

• Latest Malwarebytes removal report
• FRST.txt
• Addition.txt

Let me know if you have any questions.

polskamachina

If I have made your computing life easier, please consider making a contribution.

• Back to top

#8 DominoPunkyHeart

• Topic Starter
• 
• Members
• 10 posts
• OFFLINE

• Local time:01:59 PM

Posted 07 January 2022 - 08:27 PM

• Back to top

#9 polskamachina

• 
• Malware Response Team
• 5,965 posts
• OFFLINE

• Gender:Male
• Location:California
• Local time:10:59 AM

Posted 08 January 2022 - 02:50 PM

Hi DominoPunkyHeart   Good job posting the logs. I forgot to ask you to complete the tasks I asked you to do at the beginning. I will repost it here with some slight modifications to the code based on your previous Malwarebytes scan.results.   Next:

• Highlight the text below in its entirety and press Ctrl-C to copy it to your clipboard:

• Run FRST64
• Click on Fix
• When the fix completes, you will be asked to restart your computer. Please allow the restart.
• When your computer reboots back to your Desktop, the file Fixlog.txt will have been placed into your Downloads folder
• Copy and paste (do not attach) that file into your next reply to me

Next:

• Download AdwCleaner and save it to your Desktop
• Right-click on AdwCleaner.exe and select Run as Administrator
• Accept the EULA (I accept), then click on Scan Now
• Let the scan complete
• Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button
• Subsequently you may be asked to Run Basic Repair. This is optional. I would suggest holding off on this for now.
• Once the cleaning process is complete, AdwCleaner will ask you to restart your computer
• Close all other open windows and allow it to restart
• After the restart, Notepad will open with the AdwCleaner cleaning log
• Please copy and paste the contents of that log into your next reply to me

In summary I will need from you:

• Fixlog.txt
• AdwCleaner cleaning log
• How is your computer performing now?

Let me know if you have any questions.   polskamachina

Edited by polskamachina, 09 January 2022 - 12:35 AM.

If I have made your computing life easier, please consider making a contribution.

• Back to top

#10 DominoPunkyHeart

• Topic Starter
• 
• Members
• 10 posts
• OFFLINE

• Local time:01:59 PM

Posted 09 January 2022 - 12:30 AM

Hi polskamachina, here are the logs from both the fixlog and also the AdwareCleaner as you requested.  Hopefully everything is clean and clear for my laptop.    Currently my laptop seems to be running okay, and I hope it is fixed.

• Back to top

#11 polskamachina

• 
• Malware Response Team
• 5,965 posts
• OFFLINE

• Gender:Male
• Location:California
• Local time:10:59 AM

Posted 09 January 2022 - 01:07 PM

Hi DominoPunkyHeart,   We're almost at the finish line.   ESET Online Scanner:

• Download ESET Online Scanner from the ESET website by clicking the ONE-TIME-SCAN button on that webpage
• Double-click the esetonlinescanner.exe file you downloaded to run the application
• Select product language
• Click Get started and confirm the User access control dialog of Windows
• In the Terms of use screen, click Accept if you agree to the Terms of use. After accepting the terms of use, the shortcut for ESET Online Scanner is created on your Desktop
• Click Get started in the welcome screen
• Select whether or not you want to join the Customer Experience Improvement Program, and whether or not to enable the feedback system, then click Continue
• Select the Full Scan type
• Select the choice to enable detections of potentially unwanted applications (PUA)
• After the detection module updates are downloaded, the scan starts. Scan progress is shown via the progress bar along with the path and title of file being scanned. You can pause or cancel the scan at any time
• Note: The scan make take several hours depending on how many files are on your computer..When the scan has finished and if threats have been detected, click Save scan log and save the text file with a unique name such as, ESET results.txt  thenclick Continue.
• Copy and paste the contents of this ESET results report into your next reply to me (If no threats were detected, you do not need to save the results)
• The following steps are optional and are not required
  • If there has been no ESET security product detected on your machine, and your user account has administrator privileges, ESET Online Scanner will offer you to turn on Periodic scan. This choice is up to you
  • In the Thank you for using ESET Online Scanner screen you can rate the application and leave feedback. In addition, to delete all detection modules and settings of ESET Online Scanner configured in previous steps, select Delete application's data on closing
  • Click Submit and close if you rated the application and/or left a feedback, or click Close without feedback
• Click Finish to exit ESET Online Scanner

Next:

• Run FRST64
• Click on Scan
• When the scan completes, please copy and paste FRST.txt and Addition.txt into your next reply to me

 In summary I will need from you:

• ESET scan log (if threats were found)
• FRST.txt
• Addition.txt

 Let me know if you have any questions.   polskamachina

If I have made your computing life easier, please consider making a contribution.

• Back to top

#12 DominoPunkyHeart

• Topic Starter
• 
• Members
• 10 posts
• OFFLINE

• Local time:01:59 PM

Posted 09 January 2022 - 06:09 PM

Hey polskamachina, here are the logs you've asked for after I've done the scans.   Please let me know how everything looks for my laptop, and thank you for all the help you've been giving me!

• Back to top

#13 polskamachina

• 
• Malware Response Team
• 5,965 posts
• OFFLINE

• Gender:Male
• Location:California
• Local time:10:59 AM

Posted 09 January 2022 - 11:28 PM

Hi DominoPunkyHeart  

Did your ESET scan report any detections? If not, we can proceed to the finishing steps.

polskamachina

If I have made your computing life easier, please consider making a contribution.

• Back to top

#14 DominoPunkyHeart

• Topic Starter
• 
• Members
• 10 posts
• OFFLINE

• Local time:01:59 PM

Posted 09 January 2022 - 11:54 PM

Hi polskamachina

No the ESET scan didn't report anything.  I did however, have a problem with Malwarebytes being installed on my computer and it recognized the quarantine items in Malwarebytes previous scan logs back when it cleared them off my computer.  It didn't seem to find any new problems and the scan was clean.

-DominoPunkyHeart

• Back to top

#15 polskamachina

• 
• Malware Response Team
• 5,965 posts
• OFFLINE

• Gender:Male
• Location:California
• Local time:10:59 AM

Posted 10 January 2022 - 04:21 PM

Hi DominoPunkyHeart I noticed that both Malwarebytes and ESET antivirus programs are both enabled. In theory, they're supposed to behave nicely together but if it were my machine, I would choose one and stick with that.   Next:

It didn't seem to find any new problems and the scan was clean.

That's good news. Glad to hear you're back up to speed now. Your computer appears to be all clean.   Please continue with the following steps that will remove all the diagnostic tools you used to scan and clean your system.

• Download KpRm by Kernel-Panik and save it to your desktop
• Right-click kprm_2.9.3.exe and select Run as Administrator
• Read and accept the disclaimer
• When the tool opens, ensure all boxes under Actions are checked
• Under Delete quarantines select Delete now, then click Run
• Once complete, click OK.
• A log will open in Notepad named kprm-(date).txt.
• Please copy and paste the contents of that file into your next reply to me

Let me know if you have any questions.   polskamachina

If I have made your computing life easier, please consider making a contribution.

• Back to top

• Page 1 of 2
• 1
• 2

• Next

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

1. BleepingComputer Forums
2. → Security
3. → Virus, Trojan, Spyware, and Malware Removal Help
4. Privacy Policy
5. Rules ·

• 
• Help

Community Forum Software by IP.Board

Sign In

• Use Twitter

• Need an account? Register now!
• Username
• Forum Password I've forgotten my password
• Remember me This is not recommended for shared computers
• Sign in anonymously Don't add me to the active users list
• Privacy Policy