I'm not sure what happened?

Discussion in 'Malware Removal Assistance For Windows' started by Redblade8, Jul 5, 2017.


  1. Redblade8

    Redblade8 New Member

    Jul 5, 2017
    7
    0
    Canada
    Windows 8.1
    Kaspersky
    Operating System:
    Windows 8
    Are you using a 32-bit or 64-bit operating system?:
    64-bit (x64)
    Infection date and initial symptoms:
    7/5/2017
    Current issues and symptoms:
    Vulnerabilities?
    Steps taken in order to remove the infection:
    Not yet
    Logs added to help request:
    • I did not upload the FRST logs (I understand that this will increase the time needed to clean up the PC)
    Hi, I'm not sure what happened to my computer that is offline. I had it hibernated, and when I turned it on today, it went to a black screen instead of my saved session. When I turned it back on, it said that Windows was updating. Though I have no Windows updates. Next, when I logged in, Private Firewall 7.0 said that GIMP had either been changed or deleted. Next, I ran a vulnerability scan with Kaspersky, and it said that GIMP & VirtualBox were vulnerable. Is this malware doing this? Why did Private Firewall say that GIMP had been modified, and now Kaspersky says that GIMP is vulnerable? Is it normal to boot to a black screen from hibernation & for Windows to update when there haven't been any changes made on my end, or an internet connection for that matter?

    Is there anyplace where I can download FRST without Windows saying that it's from an unknown publisher?

    Thanks for reading! I hope that you can help =)
     
  2. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,444
    2,634
    Malware Removal, Gaming
    Windows 7
    ESET
    Hello,

    Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
    Only one of them will run on your system; that will be the right version.


    • Double-click to run it. When the tool opens, click Yes to the disclaimer.
    • Press the Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run from. Please attach it to your reply.
    • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
     
  3. Redblade8

    Redblade8 New Member

    Hi, I have a browser redirection virus that is on my phone, and my computer. When I first got it, it was on my phone, & it was redirecting to adnxs.com. Now it's on my computer. Most websites I go to say that there is a certificate mismatch. When I downloaded frst64.exe, it said that the publisher is unknown. When I use sigcheck.exe, it says that the file is unsigned. When I scan with VoodooShield, frst64.exe comes up as 4 threats detected. That was a while ago that I downloaded that file. Now I have downloaded frst.exe & frst64.exe like you said. sigcheck.exe still says it is unsigned. Now it says 2 threats detected on frst64.exe, and 3 threats detected on frst.exe. Both frst.exe & frst64.exe are blocked by Windows Defender SmartScreen. (Windows Defender SmartScreen prevented an unrecognized app from starting.)

    I was trying to download adaware antivirus to get rid of the browser redirection virus, but VoodooShield said that it was installing from flexerasoftware, and not adaware. My license key email also said that "This sender failed our fraud detection checks and may not be who they appear to be." So I'm wondering if I downloaded adaware or something else. When I viewed the source of the email address, it said that it came from a Hotmail address.

    Is there any way I can download the proper version of FRST anywhere? Thanks! I greatly appreciate it. =)
     
  4. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

  5. Redblade8

    Redblade8 New Member

    I reset the router today. I'm still getting an unknown publisher on FRST. I know that this file should be signed. This is like what happened to Ivo at classicshell, having his program, which should be signed, unknown. I'm also getting the redirection problem on another network in my area too. This is a different network & it also redirects.

    Is there any way to get a proper signed version of FRST? Thanks for your help. =)
     
  6. Redblade8

    Redblade8 New Member

    I'm also unable to update my main internet-enabled Windows 10 machine. It seems that every update that Windows has pushed has failed on this computer. The latest updates from Microsoft said that they were updating, but then it said that it was undoing the updates. Also, right after the newest updates failed, Malwarebytes Premium anti-exploit protection won't turn on. I had to install Malwarebytes Anti-Exploit to fill in that gap.
     
  7. Redblade8

    Redblade8 New Member

  8. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    FRST is safe to use as well as Microsoft's troubleshoot tool. They are not signed and that is why you're getting the warning which is perfectly fine.
     
  9. Redblade8

    Redblade8 New Member

    I read that it should be signed by Farbar. Maybe that was an older version? Do you know of its existence? I'll get a log for you soon.
     
  10. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    It is not a signed tool, because a digital signature costs some money to acquire.
     
  11. Redblade8

    Redblade8 New Member

    Ok, I can't find a signed version of FRST. I'm not sure why someone said that FRST should be signed by Farbar. I've attached the FRST logs for my internet-enabled computer. I had a virus on this computer that ZoneAlarm anti-virus picked up. When I went to disinfect, it didn't do anything. Next, ZoneAlarm was giving me an error on every option, scan, tools & etc. I should have written down the error, I didn't. ZoneAlarm wouldn't pick up the virus again, although it says that 1 virus has been detected & 0 files have been quarantined. My next post will have the FRST log for my offline computer, that was in my original post.
     


  12. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Your computer seems clean.
     