FRST log performed but I have no clue how to get fixlog.txt?

Status
Not open for further replies.

shangrilada

New Member
Thread author
Jan 2, 2023
8
I have performed a scan using Farbar Recovery Scan Tool but don't know where to go from there to obtain the fixlog. Pls help! I am attaching my First and Additional reports.
 

Attachments

  • Addition.txt
    45.7 KB · Views: 12

shangrilada

New Member
Thread author
Jan 2, 2023
8
Seems like I was only able to upload 1 file at a time.
 

Attachments

  • FRST.txt
    35.6 KB · Views: 14

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,436
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt); please post it in your reply.
===

After the restart of the computer execute this:

Clean the Windows Defender Quarantine folder.

How to: Delete/Restore quarantined files.

Follow the directives on the page to delete all the files in the quarantine folder.

Restart the computer when done.
<<<>>>


Please post the Fixlog.txt

Let me know what problem persists with this computer.
 

Attachments

  • Fixlist.txt
    7.5 KB · Views: 24

shangrilada

New Member
Thread author
Jan 2, 2023
8
Thanks! Just performed the steps and attaching my fix log.
 

Attachments

  • Fixlog.txt
    30.3 KB · Views: 12

shangrilada

New Member
Thread author
Jan 2, 2023
8
Hi Nasdaq, while I noticed a huge improvement and it seems like most of the most annoying part of the virus has been eradicated, there's the occasional split-second screen flicker, like a script or something was being executed. I am still getting these strange notifications to approve changes to my powershell.exe to have access to root directories, etc. Any ideas?

This message pops up in the middle of playing League of Legends and this has never happened before the virus infected my system.
 

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,436
Hi,

This scan may take an hour or two. Execute it when you know you will not need the computer.

ESET Online Scanner using Internet Explorer:

Note: You will need to disable your currently installed Anti-Virus, how to do so can be found here.

Enable detection of potentially unwanted applications
Remove found threats
Scan archives
Scan for potentially unsafe applications
Enable Anti-Stealth technology
  • Click Change next to Current scan targets:
  • Place a check mark in any additional drive you wish to scan then click OK.
  • Click Start.
  • ESET will then download updates and begin scanning your computer.
  • If no threats are found simply click Uninstall application on close and hit Finish.
  • If threats are found click List of found threats.
  • Click Export to text file.
  • Save the file on your Desktop as ESET.txt.
  • Click Back.
  • Check Uninstall application on close and Delete quarantined files.
  • Click Finish.
  • Close the ESET Online Scanner window.
  • Copy and paste the contents of ESET.txt into your reply, if any threats were detected. There will be no log, if no threats were detected.
Don't forget to re-enable your antivirus when finished!

Let me know if the problem persists.
 

shangrilada

New Member
Thread author
Jan 2, 2023
8
Thanks, I will give this a try tomorrow as it is now 11:41pm here in Western Australia. FYI, I did perform an online virus scan (not ESET but another one, I think it was Kaspersky). I've also run the AVAST rescue disk virus scanner and while it did detect some viruses/Trojans/etc, this particular virus went undetected.

Just a quick update - just right now when I boot up my PC, the same script that we eradicated yesterday is now back again. Attaching a screen shot of what I see.
 

Attachments

  • wdelua.jpg
    wdelua.jpg
    306.2 KB · Views: 13

shangrilada

New Member
Thread author
Jan 2, 2023
8
The link provided would not work for some reason, getting:

SOMETHING IS WRONG

Server Error 403. Access denied. You are not allowed to see this page.
999-204840768601503561

I went to the site manually and that worked - scanning now.
 

shangrilada

New Member
Thread author
Jan 2, 2023
8
Performed this scan twice!

First time found 31 instances, 2nd time found 7, but unfortunately after a reboot the virus script has come back stronger than before... stronger being a bit more obvious with multiple signs of its activities.

Beginning to think this is a fairly new virus or it's that good to have evaded detection from various antivirus software.

I realized I used Chrome to perform the ESET online scan and not MS Internet Explorer. When you said MSIE, is that the same as MS Edge? In either case I am not sure how much difference it would make, seeing that the process to perform the scan involves downloading an exe file and then running that exe file locally without the need for any web browser.
 

shangrilada

New Member
Thread author
Jan 2, 2023
8
So interestingly I decided to check my restore point options and there was an automatic restore point just 7 days after this virus infected my system. I performed the restore and it appears the virus is nowhere to be seen now. Fingers crossed and hope this was all I needed to do :)
 

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,436
Hi,

Good work.
I will keep this topic open for 6 days. Return if you need to.
 