Need Some Help--found A Malicious Web Site

I clicked on something in facebook and realized immediately I had found a malicious site.

My Chrome was hijacked so I ran the couple of pre-scans and am including those results as well since I have no clue what I have infected myself with.

The TDSSKiller log will not upload--error says the file is empty and I did get no findings. I can rerun it and see if I can get a log if you need it.

Thanks in advance for your help!

Laura / Stiina59

 

Here is the MGLog file

 

OK, have run the two scans. I'm attaching the logs as requested. My system seems to be running OK, except my internet connection seems slow. Prior to running the Adv Cleaner, the virus was systematically taking my hardware out. My pen table was first and they typically take my wireless adapter next. I reinstalled my pen tablet and it is now working fine. I may need to reinstall my wireless too? I'm only showing 1 bar when I normally get 3.

Thanks again for your help!

Laura / Stiina59

 

Dang it, I wasn't fast enough. It's taken my network adapter out and I can't find the disk. I have it, but probably didn't put it away where it belongs. Grrrrr. Will respond when I get my PC back on line.

 

Ok, was able to find driver and get back on line. I've had to do back handsprings to get here, though. I installed the driver 3 times before I went to services and didn't find the one that was disabled. I ended up doing a system restore to July 26. Then I couldn't get this thing out of Safe Mode boot. I couldn't get the <F8> to work, so I had to set up safe mode in Control Panel, but once I got everything back to normal, I couldn't find where I had changed the boot mode and the searches wouldn't work because I was in Safe Mode. I really hate Windows, even more so now! It only took me 3 hours to do what 30 min. should have taken care of.

I was able to run the Rogue Killer and get the new result. Do I need to run it again after the restore point return? I tried to run the FRST64. but it wouldn't go--that was before the restore. I didn't try to run it after in case it would mess things up.

I'm sure the system restore has totally messed up what you were trying to do, but it was the only way I could get my drivers back and working.

Let me know what I should do next.

Thanks in advance!

Laura / Stiina59

 

With the system restore, I lost the downloaded scanning tools. I'm tearing my hair out--I can't locate the FRST64 software. Everything I'm finding is the 32 bit version which won't run on my computer. Can you tell me where to find it?

Thanks!
Laura

 

I understood that I had to download all the files again, but that FRST64 is very well hidden! I finally found a link to it from another thread. I just kept trying to find it.

I'm attaching the scan results that you asked for. I'm hoping by doing the system restore that I also got rid of that nasty thing. I refuse to pay a ransom request!!

Thanks for your help.

Laura

 

I forgot about it, I'm sorry. It's what freaked me out and got me moving to try to prevent a total wipeout of my HDD. I was so focused on backing up and cleaning, I lost that detail. [[[Me shrinking in embarrassment]]] Does that change things? BTW I get calls all the time with those scammers trying to access my computer...I guess I'm getting numb to some of it. I didn't take a screen shot, just immediately shut my internet down and started working on things. All I know is I got a message that I need to call some phone number to obtain technical help to clean up the infection. That's when my pen tablet quit working and my wireless adapter began acting up. I've seen this before and the first time it happened, I ended up losing everything. (Not the threat, just the critter that ate up my HDD.) I also noticed that my Avira had been disabled. Again, my apologies for missing that detail!

Laura

 

1. I know the scammers put things onto your PC if you give them access--I get the calls all the time, just saying that I've become indifferent to it, but I do get very rude with them.
2. I was redirected to a web site that said I had been infected and that I needed to call technical support at some phone number. I don't remember what it said, just the bells and whistles went off and I knew I had gone to a bad place.

I ran the Rogue Killer twice as directed. The second time had more detections...hmmmm. Log attached.

After rebooting, I ran the FRST64 and invoked the Fix using your fixlist.txt file from my desktop.

I ran the eSet Online Scan, but after several hours (and I was careful to not do anything on my computer) it stalled and crashed. I must have accidently bumped one of my mouse devices. I tried very hard to leave things alone. Before the crash, it showed 3 detections. I ran the second time and it went all the way through, but with nothing found. It didn't give me an option to save a log file when nothing was found that I could see. I can't find a log either on my desktop or in the C: directory. If it would be somewhere else, let me know so I can search for it.

Laura

 

Thank you very much for your help, dr.moriarty. I deleted the two folders per your directive. I will get Avira back up and running. Is there a cleanup I need to do? Run the .bat file in MGTools? I'll go back to the Read and Run First and do the standard cleanup.

Laura / StiinaQT

 

Thank you again dr.moriarty!

Laura / Stiina59