How can I remove this virus?
SS&D ran this automatically today. It shows this virus. I clicked on Fix All selected.
I then ran SS&D again. This virus was still there.
...chris
Hi
If what you say has been found on your computer, then there isn't much I can do to help out.
I've located an article about the infection you listed; the names of these infections change very often, as well as the extensions shown to indicate the infection.
https://www.enigmasoftware.com/vxloc...mware-removal/
also
https://www.bleepingcomputer.com/for...-files/page-79
From here about all I can suggest is to try and attempt to run a couple of scans to find/identify what's on the machine.
~~~~~~~~~~~~~~~~~
Run Malwarebytes Anti-Malware
You may have Malwarebytes Anti-Malware installed but if not, you can download it from here:
- run the program
- click on the ‘Dashboard’ to make sure everything is up to date, (it is not necessary to upgrade to the premium version of MBAM)
- click on the ‘Scan’ tab, (directly below the Dashboard tab)
- select the Threat Scan option
- click the Scan Now button
- Threat Scan will begin
- when the scan has completed, look over the list of items found; if anything looks legit but has a bad file extension after its name, uncheck for it to be removed, and if malware was found, click the Quarantine Selected button to allow MBAM to quarantine what was found
- if prompted to restart the computer, close all other programs and click Yes to restart your computer
- once you are back at your desktop, open MBAM once more
- click on the ‘Reports’ tab
- double-click on the most recent Scan Report
- click on Export, then Copy to Clipboard
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Download and run AdwCleaner
Download AdwCleaner from here and save it to your desktop.
you can download AdwCleaner here: https://malwarebytes.com/adwcleaner
run AdwCleaner by clicking on Scan Now
when it has finished, look over the list of items found; if anything looks legit but has a bad file extension after its name, uncheck for it to be removed, leave everything that was found checked, (ticked), then click on Clean and Repair
if it asks to reboot, allow the reboot
on reboot, click on View Log File; please attach the content of the log to your next reply.
============================================
Please post these 2 logs when finished.
Windows Insider MVP Consumer Security 2009 - 2017
Please do not PM me for Malware help, we all benefit from posting on the open board.
I downloaded and ran Anti-Malware.
It told me that the SHA-2 update was missing so I chose to download and run the legacy version.
The prompts differed from what you listed, e.g. no Dashboard, but I did do a Scan.
The report is below:
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 3/5/22
Scan Time: 8:43 PM
Log File: c751fa40-9cee-11ec-9a80-74d02b282604.json
-Software Information-
Version: 4.3.0.98
Components Version: 1.0.1273
Update Package Version: 1.0.51929
License: Trial
-System Information-
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Molly\Chris
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 166852
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 2 min, 37 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Still need to do AdwCleaner
Prompts for Anti-Malware were somewhat different from those you listed.
I found no choice but to start a 14-day trial of Premium.
I read in the enigmasoftware.com article that VxLock sometimes masquerades as IE. I almost never ran IE.
...chris
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-05-2022
# Duration: 00:00:14
# OS: Windows 7 Professional
# Scanned: 32048
# Detected: 6
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
I look forward to your further help.
...chris
I recognize none of the registry entries. Perhaps you do.
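The six registry detections in the AdwCleaner log above can be grouped mechanically. The following is an added example, not part of the original thread or of any Malwarebytes tool: it parses the posted Registry section and groups the hits by subkey, treating HKU\.DEFAULT as the alias of HKU\S-1-5-18 (the LocalSystem account) that it is. The function names are hypothetical.

```python
import re
from collections import defaultdict

# Registry section copied from the AdwCleaner log posted in this thread.
SAMPLE_LOG = r"""***** [ Registry ] *****
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
PUP.Optional.Legacy HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
"""

SECTION = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")
HIVE = re.compile(r"^(HKCU|HKLM|HKU\\[^\\]+)\\(.+)$")
# HKU\.DEFAULT is an alias of HKU\S-1-5-18 (LocalSystem): one hive, two names.
HIVE_ALIASES = {r"HKU\.DEFAULT": r"HKU\S-1-5-18"}

def parse_detections(log_text):
    """Yield (section, detection_name, target) for every detection line."""
    section = None
    for line in map(str.strip, log_text.splitlines()):
        m = SECTION.match(line)
        if m:
            section = m.group(1)
        elif section and line and not line.startswith(("#", "No ")):
            name, _, target = line.partition(" ")
            if target:
                yield section, name, target.strip()

def group_registry(log_text):
    """Map (detection_name, lower-cased subkey) -> sorted canonical hives."""
    groups = defaultdict(set)
    for section, name, target in parse_detections(log_text):
        m = HIVE.match(target) if section == "Registry" else None
        if m:
            hive = HIVE_ALIASES.get(m.group(1), m.group(1))
            groups[(name, m.group(2).lower())].add(hive)
    return {key: sorted(hives) for key, hives in groups.items()}

def zonemap_domains(log_text):
    """Return the distinct domains flagged under IE's ZoneMap\\Domains key."""
    marker = "\\zonemap\\domains\\"
    return sorted({sub.split(marker, 1)[1] for _, sub in group_registry(log_text)
                   if marker in sub})
```

On the posted log this reduces the six lines to two Internet Explorer ZoneMap domain entries, dospop.com and incredibar.com, each present in the current user's hive and the LocalSystem hive.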