Virus scan
Solved
ddsprds
Posted messages
9
Status
Membre
-
Malekal_morte- Posted messages 178136 Registration date Status Modérateur, Contributeur sécurité Last intervention -
Malekal_morte- Posted messages 178136 Registration date Status Modérateur, Contributeur sécurité Last intervention -
Hello,
For the past couple of days, my computer has been slower than usual and I would like to know if there is a way someone could help me check if there is a virus or not?
Thank you in advance,
For the past couple of days, my computer has been slower than usual and I would like to know if there is a way someone could help me check if there is a virus or not?
Thank you in advance,
7 réponses
Hello,
Install "Real Temp" or "Coretemp" to monitor the temperature of the computer.
See how high the temperature of the computer rises during use. It should not exceed 60 degrees Celsius. If possible, attach a screenshot of the software to the message.
~~
To check your computer for potential infections and to get a general state of the system:
Follow the FRST tutorial by clicking on this blue link. ( take the time to read carefully - everything is well explained there ).
Download and run the FRST scan,
Wait for the scan to finish, a message will indicate that the analysis is complete.
Three FRST reports will be generated:
Send these 3 reports to the site https://pjjoint.malekal.com/ and reply with the 3 pjjoint links that lead to the reports here in a new response so that we can review them.
(The blue links lead to step-by-step explanatory tutorials, click on them for more precise instructions to follow).
--
Please press any key to continue the disinfection...
Install "Real Temp" or "Coretemp" to monitor the temperature of the computer.
See how high the temperature of the computer rises during use. It should not exceed 60 degrees Celsius. If possible, attach a screenshot of the software to the message.
~~
To check your computer for potential infections and to get a general state of the system:
Follow the FRST tutorial by clicking on this blue link. ( take the time to read carefully - everything is well explained there ).
Download and run the FRST scan,
Wait for the scan to finish, a message will indicate that the analysis is complete.
Three FRST reports will be generated:
- FRST.txt
- Shortcut.
- Additionnal.txt
Send these 3 reports to the site https://pjjoint.malekal.com/ and reply with the 3 pjjoint links that lead to the reports here in a new response so that we can review them.
(The blue links lead to step-by-step explanatory tutorials, click on them for more precise instructions to follow).
--
Please press any key to continue the disinfection...
Thank you for your response,
So,
shortcut: https://pjjoint.malekal.com/files.php?id=20191213_c7i9i9l9r15
addition: https://pjjoint.malekal.com/files.php?id=20191213_k14s9j11i8o15
frst: https://pjjoint.malekal.com/files.php?id=FRST_20191213_e5u15l14u7t12
also, I have attached the screen from real temp:
So,
shortcut: https://pjjoint.malekal.com/files.php?id=20191213_c7i9i9l9r15
addition: https://pjjoint.malekal.com/files.php?id=20191213_k14s9j11i8o15
frst: https://pjjoint.malekal.com/files.php?id=FRST_20191213_e5u15l14u7t12
also, I have attached the screen from real temp:
Here is the correction to be made with FRST. You can refer to this explanatory note with screenshots.
Restart FRST and then press CTRL + Y on your keyboard.
The notepad will open, copy/paste this.
Save the content from the file menu then save.
Close the notepad, return to FRST and click on the "Fix" button.
A restart may be necessary and automatic.
A text file will appear, copy/paste the content here in a new message.
Restart the computer.
--
Please press a key to continue the disinfection...
Restart FRST and then press CTRL + Y on your keyboard.
The notepad will open, copy/paste this.
Start:
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SysUi] => C:\Windows\sysui.vbs [132 2018-10-23] () [Unsigned file]
C:\Windows\sysui.vbs
2019-12-13 18:36 - 2019-12-13 20:36 - 000000000 __HDC C:\ProgramData\~0
2019-12-13 18:27 - 2019-12-13 20:36 - 000000000 __HDC C:\ProgramData\~1
2019-12-13 18:22 - 2019-12-13 20:36 - 000000000 __HDC C:\ProgramData\~2
EmptyTemp:
RemoveProxy:
Hosts:
Reboot:
End:
Save the content from the file menu then save.
Close the notepad, return to FRST and click on the "Fix" button.
A restart may be necessary and automatic.
A text file will appear, copy/paste the content here in a new message.
Restart the computer.
--
Please press a key to continue the disinfection...
Here are the results obtained after the correction:
Results of the Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Executed by axel (13-12-2019 21:47:23) Run:1
Executed from H:\download
Profiles loaded: axel (Available profiles: axel)
Boot mode: Normal
==============================================
fixlist content:
Start:
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SysUi] => C:\Windows\sysui.vbs [132 2018-10-23] () [Unsigned file]
C:\Windows\sysui.vbs
2019-12-13 18:36 - 2019-12-13 20:36 - 000000000 __HDC C:\ProgramData\~0
2019-12-13 18:27 - 2019-12-13 20:36 - 000000000 __HDC C:\ProgramData\~1
2019-12-13 18:22 - 2019-12-13 20:36 - 000000000 __HDC C:\ProgramData\~2
EmptyTemp:
RemoveProxy:
Hosts:
Reboot:
End:
Processes closed successfully.
Error: (0) Unable to create a restore point.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SysUi" => deleted successfully
C:\Windows\sysui.vbs => moved successfully
C:\ProgramData\~0 => moved successfully
C:\ProgramData\~1 => moved successfully
C:\ProgramData\~2 => moved successfully
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => deleted successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => deleted successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => deleted successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => deleted successfully
"HKU\S-1-5-21-3079568664-545041957-3549391890-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => deleted successfully
"HKU\S-1-5-21-3079568664-545041957-3549391890-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => deleted successfully
========= End of RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 500481278 B
Java, Flash, Steam htmlcache => 85229556 B
Windows/system/drivers => 12649040 B
Edge => 4204502 B
Chrome => 385550087 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 636936 B
axel => 1664942691 B
RecycleBin => 2937800406 B
EmptyTemp: => 5.2 GB temporary data deleted.
================================
The system had to restart.
Results of the Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Executed by axel (13-12-2019 21:47:23) Run:1
Executed from H:\download
Profiles loaded: axel (Available profiles: axel)
Boot mode: Normal
==============================================
fixlist content:
Start:
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SysUi] => C:\Windows\sysui.vbs [132 2018-10-23] () [Unsigned file]
C:\Windows\sysui.vbs
2019-12-13 18:36 - 2019-12-13 20:36 - 000000000 __HDC C:\ProgramData\~0
2019-12-13 18:27 - 2019-12-13 20:36 - 000000000 __HDC C:\ProgramData\~1
2019-12-13 18:22 - 2019-12-13 20:36 - 000000000 __HDC C:\ProgramData\~2
EmptyTemp:
RemoveProxy:
Hosts:
Reboot:
End:
Processes closed successfully.
Error: (0) Unable to create a restore point.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SysUi" => deleted successfully
C:\Windows\sysui.vbs => moved successfully
C:\ProgramData\~0 => moved successfully
C:\ProgramData\~1 => moved successfully
C:\ProgramData\~2 => moved successfully
========= RemoveProxy: =========
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => deleted successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => deleted successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => deleted successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => deleted successfully
"HKU\S-1-5-21-3079568664-545041957-3549391890-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => deleted successfully
"HKU\S-1-5-21-3079568664-545041957-3549391890-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => deleted successfully
========= End of RemoveProxy: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 500481278 B
Java, Flash, Steam htmlcache => 85229556 B
Windows/system/drivers => 12649040 B
Edge => 4204502 B
Chrome => 385550087 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 636936 B
axel => 1664942691 B
RecycleBin => 2937800406 B
EmptyTemp: => 5.2 GB temporary data deleted.
================================
The system had to restart.
End of Fixlog 21:48:08
You're welcome =)
To avoid viruses, you need to know how hackers go about infecting computers: How computer viruses are distributed
You can improve the protections and security of Windows by following these guidelines:
1) How to protect against malicious scripts on Windows
2) Windows Firewall: the right settings
3) ublock on your internet browser
--
Please press any key to continue the disinfection...
To avoid viruses, you need to know how hackers go about infecting computers: How computer viruses are distributed
You can improve the protections and security of Windows by following these guidelines:
1) How to protect against malicious scripts on Windows
2) Windows Firewall: the right settings
3) ublock on your internet browser
--
Please press any key to continue the disinfection...