arfur
New Helpee
Posts: 22
|
Post by arfur on Sept 25, 2015 22:11:43 GMT -8
Trojan.Agent/Gen.Siggen.Process-1 was identified by the free version of SAS, it was not found by NIS or the free MB. After the apparent removal a restart was required and I realized that SAS had been removed in the process. I was able to download a new SAS installation file but it is identified as damaged when trying to install so I can't recheck the system.
Win 8.1 with all essential updates
Thanks
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Sept 27, 2015 21:59:13 GMT -8
|
|
arfur
New Helpee
Posts: 22
|
Post by arfur on Sept 28, 2015 16:45:50 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Sept 29, 2015 22:56:06 GMT -8
Open notepad by pressing the Windows Key + R key, typing notepad in the Run box and pressing Enter. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txtNOTE. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemStart FRST that is on the desktop by right clicking on file and selecting "Run as Administrator..." and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
|
|
arfur
New Helpee
Posts: 22
|
Post by arfur on Sept 29, 2015 23:54:20 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Sept 30, 2015 19:26:16 GMT -8
Good: looks like a proxy issue was caught and corrected also .... Read carefullyDownload Adwcleaner from here to your desktop and run a scan. You may have to right click adwcleaner.exe and choose "Run as Administrator" from the menu. (Click the Scan button to start the scanning). It will create a log after it is finished scanning. If not (or if it just asks for you to uncheck what you don't wanted deleted), there is a LogFile button in the middle of the main window; click that and it will make the log file. Once the report file is made, you can leave AdwCleaner running (but don't delete anything yet) or you can close it down (we can always get a fresh scan done before the deletions). ONE SCAN ONLY, PLEASEAttach or paste the log back here for review and further instructions. Thanks.
|
|
arfur
New Helpee
Posts: 22
|
Post by arfur on Sept 30, 2015 21:37:37 GMT -8
ADWCleaner log file attached. The install file for SAS is now clean, allowing installation AdwCleanerS1.txt (1.52 KB)
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 2, 2015 21:12:45 GMT -8
Sorry for the delay; I lost internet for a few days. FIRSTPlease run AdwCleaner again (if you don't have it running from the last scan) and a) Click the Scan Button and wait for the scan to finish, (If Adwcleaner has been left open at the finish of the scan this is already done). b) Make sure in your case all the items under each TAB are ticked / checked then. c) Click the Clean Button and Adwcleaner will process all the items ticked / checked and then may ask for the system to be restarted. d) It should create a new log afterwards (with S0 in the name). e) Please attach or copy the log into your reply here. SECONDMalwarebytes' Anti-MalwarePlease start Malwarebytes Anti-Malware from either the Start Menu shortcut or the desktop shortcut (if you have one). When the main screen opens, if the database is out of date, you can click on the Fix Now banner or the Update Now link Once the program has loaded and updated, select " Scan Now >>" to start the scan. The scan may take some time to finish, so please be patient. If any malware is found, you will be presented with a screen like the one below. Please click on the Save Results >> button and select the As text file from the dropdown list. I would suggest you save the file on your desktop (as we need the report attached here for review and it is easy to find on the desktop). After you have saved the report file, return to the Potential Threats Detected page and click on Cancel. You can close MBAM after that. Please attach the report file to a post here; I will review the file and script what needs to be removed.
|
|
arfur
New Helpee
Posts: 22
|
Post by arfur on Oct 2, 2015 22:24:53 GMT -8
AdwCleaner run, followed by a restart but I missed creating the log file. MB log is clean and attached. Should I rerun Adwcleaner to check? MB results.txt (1.01 KB) Bad luck about the interruption, fibre is on the way some time. Thanks for the help (again!)
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 2, 2015 23:03:29 GMT -8
You should find the AdwCleaner log in the C:\Adwcleaner directory.
|
|