Im not sure what happened?

[Redblade8]

Hi, Im not sure what happened to my computer that is offline. I had it hibernated, and when I turned it on today, it went to a black screen instead of my saved session. When I turn it back on, it said that windows was updating. Though I have no windows updates. Next, when I log in, private firewall 7.0 said that gimp had either been changed, or deleted. Next, I ran a vulnerbility scan with Kaspersky, and it said that gimp & virtual box were vulnerable. Is this malware doing this? Why did private firewall say that gimp had been modified, and now kaspersky says that gimp is vulnerable? Is it normal to boot to a black screen from hibernation & for windows to update when there hasnt been any changes made on my end, or an internet connection for that matter?

Is there anyplace where I can download frst without windows saying that its from an unknown publisher?

Thanks for reading! I hope that you can help =)

 

[TwinHeadedEagle]

Hello,

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
• Press Scan button.
  
  
  
  
  
• It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

[Redblade8]

Hi, I have a browser redirection virus that is on my phone, and my computer. When I first got it, it was on my phone, & it was redirecting to adnxs.com. Now its on my computer. Most websites I go to say that there is a certificate mismatch. When I downloaded frst64.exe, it says that publisher is unknown. When I use sigcheck.exe it says that the file is unsigned. When I scan with voodoo shield, frst64.exe comes up as 4 threats detected. That was a while ago that I downloaded that file. Now I have downloaded frst.exe & frst64.exe like you said. It is still unsigned it says from sigcheck.exe. Now it says 2 threats detected on frst64.exe, and 3 threats detected on frst.exe. Both frst.exe & frst64.exe are blocked by windows defender smartscreen. ( windows defender smartscreen prevented an unrecognized app from starting. )

I was trying to download adaware antivirus to get rid of the browser redirection virus, but voodoo shield said that it was installing from flexerasoftware, and not adaware. My license key email also said that This sender failed our fraud detection checks and may not be who they appear to be. So I'm wondering if I downloaded adaware or something else. If I view the source of the email address it said that it came from a hotmail address.

Is there anyway I can download the proper version of frst anywhere? Thanks! I greatly appreciate it. =)

 

[TwinHeadedEagle]

If it is happening on multiple devices, then I suggest to reset your internet router.

How To Reset Your Router

 

[Redblade8]

I reset the router today. I'm still getting an unknown publisher on frst. I know that this file should be signed. This is like what happened to Ivo at classicshell, having his program which should be signed, unknown. I'm also getting the redirection problem on another network in my area too. This is a different network & it also redirects.

Is there anyway to get a proper signed version of frst? Thanks for your help. =)

 

[Redblade8]

I'm also unable to update my main internet enabled windows 10 machine. It seems that every update that windows has pushed has failed on this computer. The latest updates from microsoft said that they were updating, but then it said that it was undoing the updates. Also, right after the newest updates failed, now malwarebytes premium anti-exploit protection won't turn on. I had to install malwarebytes anti-exploit to fill in that gap.

 

[Redblade8]

I'm not sure how to edit my posts, I'm sorry about that. I tried to get the microsoft windows update diagnostics troubleshooter. I went to: https://support.microsoft.com/en-us...68-021e32467565/windows-update-troubleshooter. Voodoo shield said that it blocked an exploit. The file itself isn't signed by microsoft.

 

[TwinHeadedEagle]

FRST is safe to use as well as Microsoft's troubleshoot tool. They are not signed and that is why you're getting the warning which is perfectly fine.

 

[Redblade8]

I read that it should be signed by farbar. Maybe that was an older version? Do you know of its existents? I'll get a log for you soon.

 

[TwinHeadedEagle]

It is not a signed tool, because digital signature costs some money to acquire.

 

[Redblade8]

Ok, I can't find a signed version of frst. I'm not sure why someone said that frst should be signed by farbar. I've attached the frst logs for my internet enabled computer. I had a virus on this computer that zone alarm anti-virus picked up. When I went to disinfect, it didn't do anything. Next, zone alarm was giving me an error on every option, scan, tools & etc. I should have written down the error, I didn't. Zone alarm wouldn't pick up the virus again, although it says that 1 virus has been detected & 0 files have been quarantined. My next post will have the frst log for my offline computer, that was in my original post.

 

[TwinHeadedEagle]

Your computer seems clean.