[SOLVED] 05-02-23 ran Windows Defender and Threat Found & Fixed - PUA:Win32/AskToolbar, pls help permanently remove this

Hello,
Okay I did the Fix and sending the Fixlog

Strange thing to have all of these McAfee issues that you keep finding.

Also upon start up on the desktop I got a split sec DOS screen and vanishes, I guess that is something working in the background.

Thanks
 

Attachments

Hi, Jarod.

The computer is now clean, so there is nothing to worry about.

Let's finish it. :-)


1. Issues with the Intel Matrix Storage Manager at Startup

I recommend you to open a new topic at the Windows 10 Forum about this. I'm sure, someone will guide you properly there.


2. Remove the tools we used / Create a fresh Restore point

The following tool will remove the tools we used as well as reset system restore points:

Download KpRm by kernel-panik and save it to your desktop.
  • Right-click kprm_(version).exe and select Run as Administrator.
  • Read and accept the disclaimer.
  • When the tool opens, ensure all boxes under Actions are checked.
  • Under Delete Quarantines select Delete Now, then click Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.
 
Hello,
I ran the kprm and here is its contents:

# Run at 5/16/2023 12:06:47 PM
# KpRm (Kernel-panik) version 2.14.0
# Website https://kernel-panik.me/tool/kprm/
# Run by DELL from C:\Users\DELL\Desktop
# Computer Name: DELL-PC
# OS: Windows 10 X64 (19045) (10.0.19045.2965)
# Number of passes: 1

- Checked options -

~ Registry Backup
~ Delete Tools
~ Restore System Settings
~ UAC Restore
~ Delete Restore Points
~ Create Restore Point
~ Delete Quarantines

- Create Registry Backup -

~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
~ [OK] Hive C:\Users\DELL\NTUSER.dat backed up

[OK] Registry Backup: C:\KPRM\backup\2023-05-16-12-06-46

- Delete Tools -


## ESET Online Scanner
[OK] C:\Users\DELL\Desktop\esetonlinescanner.exe deleted

## FRST
[OK] C:\Users\DELL\Desktop\FRST64.exe deleted
[OK] C:\Users\DELL\Desktop\05-02-23 Windows Defender Threat Found & Fixed\20 FRST-OlderVersion\FRST64.exe deleted
[OK] C:\FRST deleted

## McAfee RootkitRemover
[OK] C:\Users\DELL\Desktop\10-20-21 Trojan or Virus Crisis\RootkitRemover_20211020_183525 Scan Results.log deleted

## McAfee Stinger
[OK] C:\Program Files\stinger deleted
[OK] C:\Quarantine\Stinger deleted

- Restore System Settings -

[OK] Reset WinSock
[OK] FLUSHDNS
[OK] Hide Hidden file.
[OK] Show Extensions for known file types
[OK] Hide protected operating system files

- Restore UAC -

[OK] Set EnableLUA with default (1) value
[OK] Set ConsentPromptBehaviorAdmin with default (5) value
[OK] Set ConsentPromptBehaviorUser with default (3) value
[OK] Set EnableInstallerDetection with default (0) value
[OK] Set EnableSecureUIAPaths with default (1) value
[OK] Set EnableUIADesktopToggle with default (0) value
[OK] Set EnableVirtualization with default (1) value
[OK] Set FilterAdministratorToken with default (0) value
[OK] Set PromptOnSecureDesktop with default (1) value
[OK] Set ValidateAdminCodeSignatures with default (0) value

- Clear Restore Points -

No system recovery points were found

- Create Restore Point -

[OK] System Restore Point created

- Display System Restore Point -

~ RP named KpRm created at 05/16/2023 16:07:31

-- KPRM finished in 156.80s --


Okay will open a thread for RAID Volumes issue

Thanks
 

Attachments

Perfect!

I see you already posted at the other forum, and you got a reply. I'm sure you are going to make your computer new, here at Sysnative. :D


Now your computer is clean, here are some final tips about your computer's security from now on:

Some of the following, are from Klein's (2005) article, So how did I get infected in the first place. Since then, the article has been reproduced or linked to in dozens of locations. As a result, many malware experts have continued updating it, to include current operating systems and software program information. My source is Security Garden, and I marked for you the following:

1. Keep your Windows updated!
It is important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer.

2. Update 3rd Party Software Programs
Third Party software programs have long been targets for malware creators. It has been stated that "Adobe’s Reader and Flash and all versions of Java are together responsible for a total of 66 percent of the vulnerabilities in Windows systems exploited by malware.'' It's important to keep everything updated.

3. Update the browsers you use
Many malware infections install themselves by exploiting security holes in the Internet browser that you use. So... Keep them updated.

4. Be careful about what you download and what you open!
  • Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself. Watch for pre-checked options such as toolbars that are not essential to the operation of the installed software.
  • Peer-to-peer (P2P) programs like Kazaa, BearShare, Imesh, Warez P2P, and others, allow the creation of a network enabling people to connect with other users and upload or download material in a fast efficient manner. BUT even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected.
  • Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Have this in mind.
  • Do not open any files without being certain of what they are!
5. Avoid questionable web sites!
Visit web sites that are trustworthy and reputable. Many disreputable sites will attempt to install malware on your system through "drive-by" exploits just by visiting the site in your browser. Lyrics sites, free software sites (especially ones that target young children), cracked software sites, and pornography sites are some of the worst offenders. Also, never give out personal information of any sort online or click "OK" to a pop-up unless it is signed by a reputable company and you know what it is.

6. Registry cleaners/driver boosters/system optimizers
I do not recommend registry cleaners, system optimizers, driver boosters and the like. It is your computer and certainly your choice. However, please consider that modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. With registry cleaner and system optimization software programs, the potential is ever present to cause more problems than they claim to fix. Do note, however, that Microsoft does not support the use of registry cleaners. See Microsoft support policy for the use of registry cleaning utilities.

7. PC means personal computer!
Don't give access to your computer to friends or family who appear to be clueless about what they are doing.

8. Back-up your work!
Make back-ups of your personal files frequently. You never know when you'll have to reformat and start from scratch. You can always reformat and reinstall programs, but you cannot replace your data if you haven't made backups.

9. Must-Have Software
An anti-virus and an anti-spyware program is a necessity for the security of your computer. Be sure that you keep them updated, and that real time protection is enabled. You have now McAfee. Together with Malwarebytes, if you run it occasionally, depending on how often you use your computer, can keep you safe.

Happy safe computing.
ZZZQehw.gif



I'm glad I was able to help you.
 
You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top