Author Topic: Unable to resolve malware infection  (Read 11710 times)

0 Members and 1 Guest are viewing this topic.

December 08, 2016, 10:40:54 PM

bill.wasserman@verizon.ne

  • Newbie

  • Offline
  • *

  • 6
  • Reputation:
    0
    • View Profile
Unable to resolve malware infection
« on: December 08, 2016, 10:40:54 PM »
I'm certain there's malware on my PC. I'm using both Norton Anti-Virus and MalwareBytes ("MB") for protection. On numerous occasions MalwareBytes blocks outgoing traffic to www.invokefun.com and, perhaps, one or two other sites. The problem is now of 2-3 weeks duration. When I first observed atypical behavior from my PC I ran a scan with MalwareBytes. MB reported finding PUP. Optional.Scanguard. I got no "hit" when I googled the offending program name and queried MB technical support. After sharing logs and narratively describing my problem MB support reported the problem was likely in my modem. Per their instructions, I reset the modem, but problems persisted. Furthermore, neither the laptop or second PC on the network displayed any unusual behavior nor did my iPhone or my girlfriend's cell.
I tried the standard approach recommended by MB support - Junkware Removal Tool (JRT) then Adware Cleaner (advcleaner) and Hitman. JRT reported deleting multiple Temporary Internet File Folders, AdwCleaner reported finding and cleaning infections of/with "SearchScopes" and "Auslogic" (at different times) and today has been reporting it finds nothing that doesn't belong. I purchased RogueKiller which reports adverse DNS findings in the registry (I took to saving RogueKiller's log on the desktop, so all logs are not available to me).
All the tools I've employed have not resolved the problem - MB continues to block unauthorized outgoing traffic. In desperation I decided to redo the machine - reformat HDD, clean install of Windows 7 and application software. In the process of writing to software companies about what to do to preserve my license authorizations I was encouraged by Adlice Support to post my problem on this board to obtain help clearing my PC of problems. Thank you, in advance, for your response and assistance.

Reply #1December 08, 2016, 10:58:01 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: Unable to resolve malware infection
« Reply #1 on: December 08, 2016, 10:58:01 PM »
Hi Bill,

Welcome to Adlice.com Forum.
Could you please attach RogueKiller and MalwareBytes latest reports in your next reply ?

Regards.

Reply #2December 09, 2016, 12:19:19 AM

bill.wasserman@verizon.ne

  • Newbie

  • Offline
  • *

  • 6
  • Reputation:
    0
    • View Profile
Re: Unable to resolve malware infection
« Reply #2 on: December 09, 2016, 12:19:19 AM »
Thank you for your response. Last two logs for each program are attached. MBytes logs are xml files. I've changed the extension so they can be uploaded

Reply #3December 09, 2016, 01:49:57 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: Unable to resolve malware infection
« Reply #3 on: December 09, 2016, 01:49:57 PM »
Hi Bill,

Please download Farbar Recovery Scan Tool (x64) and save it to your Desktop.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also attach that along with the FRST.txt into your reply.
Regards.

Reply #4December 09, 2016, 04:26:22 PM

bill.wasserman@verizon.ne

  • Newbie

  • Offline
  • *

  • 6
  • Reputation:
    0
    • View Profile
Re: Unable to resolve malware infection
« Reply #4 on: December 09, 2016, 04:26:22 PM »
Been there done that too. Logs are attached.

Reply #5December 10, 2016, 02:25:04 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: Unable to resolve malware infection
« Reply #5 on: December 10, 2016, 02:25:04 PM »
Hi Bill,

You have numerous software and removal tools installed, your system seems damaged in some ways.

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system !

Run FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please attach it to your reply.

Regards.

Reply #6December 10, 2016, 03:46:29 PM

bill.wasserman@verizon.ne

  • Newbie

  • Offline
  • *

  • 6
  • Reputation:
    0
    • View Profile
Re: Unable to resolve malware infection
« Reply #6 on: December 10, 2016, 03:46:29 PM »
I'd saved the logs from FRST64 but uninstalled the program after it turned out not to be the "magic bullet" I hoped it would be. Accordingly, there was a new "Addition.txt" file generated as well as "Fixlog.txt". To be on the safe side, I'm uploading everything generated by this run of FRST64. Just glancing at these files makes my head spin, so I thoroughly understand the  tortuous nature of the process and am tremendously thankful for your assistance.

Reply #7December 10, 2016, 04:38:10 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: Unable to resolve malware infection
« Reply #7 on: December 10, 2016, 04:38:10 PM »
Hi Bill,

How is the system running now ?
Do you still have alerts about invokefun ?

Regards.

Reply #8December 11, 2016, 10:09:47 PM

bill.wasserman@verizon.ne

  • Newbie

  • Offline
  • *

  • 6
  • Reputation:
    0
    • View Profile
Re: Unable to resolve malware infection
« Reply #8 on: December 11, 2016, 10:09:47 PM »
I'm saddened to report the problem persists

Reply #9December 11, 2016, 11:56:58 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: Unable to resolve malware infection
« Reply #9 on: December 11, 2016, 11:56:58 PM »
Hi Bill,

Let's try another thing.
Update Malwarebytes Anti-Malware to latest version an do a full scan of you hard disk drive.
Please then attach the log with your next reply.

Regards.

Reply #10December 12, 2016, 02:10:48 PM

bill.wasserman@verizon.ne

  • Newbie

  • Offline
  • *

  • 6
  • Reputation:
    0
    • View Profile
Re: Unable to resolve malware infection
« Reply #10 on: December 12, 2016, 02:10:48 PM »
Scan completed, file's attached.

Reply #11December 12, 2016, 11:28:24 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: Unable to resolve malware infection
« Reply #11 on: December 12, 2016, 11:28:24 PM »
Hi Bill,

I'm sorry, but I don't see any malicious items left in the FRST reports.
Malwarebytes also hasn't detected anything.

I advice you to open a new thread on Malwarebytes forum. Maybe they will have a clue about the invokefun detection.
I'm sorry I cannot help you more.

Regards.