
In Progress Help with "Russian websites" malware

Discussion in 'Virus & Other Malware Removal' started by SquanchyGuy, Aug 7, 2017.

  1. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    31,244
    Thanks for the log. Seen a few things there, but can you run this for me, and we'll see what it shows:

    Please run the MGA Diagnostic Tool and post back the report it creates:
    • Download MGADiag to your desktop.
    • Double-click on MGADiag.exe to launch the program.
    • Click "Continue".
    • Ensure that the "Windows" tab is selected (it should be by default).
    • Click the "Copy" button to copy the MGA Diagnostic Report to the Windows clipboard.
    • Paste the MGA Diagnostic Report back here in your next reply.

    eddie
     
  2. eddie5659

    eddie5659 Moderator Malware Specialist

    Hiya

    Got your message (y)

    As it's been a while, and other things are happening, can we get a fresh FRST log? Delete the version that you have, and get a fresh one here. Posting the speech here for ease of use ;)

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

    Thanks

    eddie
     
  3. SquanchyGuy

    SquanchyGuy Thread Starter

    Joined:
    May 22, 2017
    Messages:
    15
    Thanks a lot! Here you go, the logs! Glad to be in contact with you again.
     

  4. eddie5659

    eddie5659 Moderator Malware Specialist

    Thanks for the logs :)

    I've spotted a few things to clear up, but a couple spring to the front, so we need to look at them first.

    You have this, or had, as it's showing as no file:

    Аrdаmаx Keylogger

    Is this something that you have installed? If not, then we need to get this removed, and you should log onto another computer and change any passwords etc.

    Also, you have Driver Booster installed. It's a program from IObit, and I suggest removing this, as it is known that it may install extra unwanted programs.

    I'll wait for the reply on the Keylogger before I post, just in case you know about it.

    eddie
     
  5. SquanchyGuy

    SquanchyGuy Thread Starter

    Hi Eddie! Yes, I used Ardamax Keylogger in the past, in my workplace, just in case, because a lot of people used others' computers, or even stole them. It happened that, in fact, someone was using my PC, but I no longer need it. If you say so, I'll delete it. I thought I'd uninstalled DB... You told me to do it before. Sorry about that, I'll uninstall it right now.
     

Short URL to this thread: https://techguy.org/1194343