Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer won't update at ALL


  • Please log in to reply
13 replies to this topic

#1 Jadeylove

Jadeylove

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:16 PM

Posted 27 August 2014 - 01:37 PM

Well my laptop has stopped updating itself since apirl 2014. And when i try to update it on my own and i restart the laptop so the updates can install it always gets stuck at 15% and i have to turn off my computer because it will be like that for hours. Then sometimes it randomly opens an internet explorer tab without me clicking it and internet explorer isn't my default browser.

 

Then Microsoft Security Essentials was acting crazy like saying its protected one minute then not protected the next. So what i did was update my Malwarebytes and Microsoft essentials on ninite.com. And it said the firewall for malware and spy-ware had been turned off so i turned it on this was for essentials. The crazy part is my computer will only install optional updates ugh. Idk i've tried to scan it with different things but nothing ever picks up.



BC AdBot (Login to Remove)

 


m

#2 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,930 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:04:16 AM

Posted 27 August 2014 - 04:19 PM

Hi,

 

9OoOKtajgSmoOAS611kOcmffOCc4Sw.png Run RKILL

Download Rkill by Grinler and save it to your desktop.

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
  • Please post the log generated by the tool.

 

 

 

9OoOKtajgSmoOAS611kOcmffOCc4Sw.png Malwarebytes

  • close all the other running programs, specially the Web browser
  • execute Malwarebytes MBAM.gif you have installed
    MBAM2_Update.png
  • let's make sure the program is updated, click on Update Now next click the Scan Now button
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, it will show you the results:
    MBAM2_threat-detected.jpg
  • Click on Quarantine All, then click on Apply Actions.
  • To complete any actions taken you will be prompted to restart your computer...click on Yes. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
    mbam4_zps490948cc.png
  • After rebooting the computer, copy and past the mbam.log in your next reply.

» To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)

  • Open Malwarebytes Anti-Malware.
  • Click the History Tab at the top and select Application Logs.
  • Select (check) the box next to Scan Log. Choose the most current scan.
  • Click the View button.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

» To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)

  • Open Malwarebytes Anti-Malware.
  • Click the Scan Tab at the top.
  • Click the View detailed log link on the right.
  • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
  • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
  • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Please post the RKILL and Malwarebytes log.


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#3 Jadeylove

Jadeylove
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:16 PM

Posted 27 August 2014 - 05:19 PM

Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 08/27/2014 02:32:40 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 08/27/2014 02:33:17 PM
Execution time: 0 hours(s), 0 minute(s), and 37 seconds(s)
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 8/27/2014
Scan Time: 2:38:26 PM
Logfile: Malwarebtyes.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.27.07
Rootkit Database: v2014.08.21.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Enabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Meep
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 301234
Time Elapsed: 29 min, 22 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#4 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,930 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:04:16 AM

Posted 27 August 2014 - 05:26 PM

Hi,
 
Let's run another scan...
 
9OoOKtajgSmoOAS611kOcmffOCc4Sw.pngAdwCleaner Scan and Remove

  • Download AdwCleaner from here to the Desktop
  • Close all open windows and browsers
  • Right click on the AdwCleaner_Icon.gif icon and choose Run as Administrator to execute the program
    (When the Tool opens for the first time you have to accept the Terms of use - click J'accepte/I Agree)
     
  • Click the Scan button and wait for the scan to finish, only then the Clean button becomes active
  • Click the Clean button and wait, once done it may ask to reboot, allow it.
  • On reboot a log will be presented please copy/paste that in your next reply. The report is saved to C:\AdwCleaner\AdwCleaner[S0].txt

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#5 Jadeylove

Jadeylove
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:16 PM

Posted 27 August 2014 - 07:23 PM

# AdwCleaner v3.308 - Report created 27/08/2014 at 16:58:56
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Meep - MEEP-PC
# Running from : C:\Users\Meep\Downloads\adwcleaner_3.308 (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v37.0.2062.94
 
[ File : C:\Users\Meep\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [1825 octets] - [11/01/2014 20:49:09]
AdwCleaner[R10].txt - [2325 octets] - [11/03/2014 12:23:19]
AdwCleaner[R11].txt - [2446 octets] - [29/03/2014 07:32:20]
AdwCleaner[R12].txt - [2141 octets] - [26/04/2014 11:56:50]
AdwCleaner[R13].txt - [2409 octets] - [27/08/2014 16:34:05]
AdwCleaner[R1].txt - [946 octets] - [12/01/2014 01:51:25]
AdwCleaner[R2].txt - [1065 octets] - [12/01/2014 02:24:21]
AdwCleaner[R3].txt - [1178 octets] - [12/01/2014 14:25:41]
AdwCleaner[R4].txt - [1246 octets] - [12/01/2014 18:29:20]
AdwCleaner[R5].txt - [1306 octets] - [16/01/2014 15:55:35]
AdwCleaner[R6].txt - [1367 octets] - [18/01/2014 20:17:33]
AdwCleaner[R7].txt - [1427 octets] - [20/01/2014 09:42:16]
AdwCleaner[R8].txt - [1759 octets] - [04/02/2014 18:21:10]
AdwCleaner[R9].txt - [2203 octets] - [18/02/2014 12:19:19]
AdwCleaner[S0].txt - [1912 octets] - [11/01/2014 20:50:17]
AdwCleaner[S1].txt - [1006 octets] - [12/01/2014 01:52:35]
AdwCleaner[S2].txt - [1244 octets] - [12/01/2014 14:26:39]
AdwCleaner[S3].txt - [2276 octets] - [18/02/2014 17:31:28]
AdwCleaner[S4].txt - [2397 octets] - [11/03/2014 14:03:21]
AdwCleaner[S5].txt - [2518 octets] - [29/03/2014 07:33:11]
AdwCleaner[S6].txt - [2211 octets] - [26/04/2014 12:12:46]
AdwCleaner[S7].txt - [2333 octets] - [27/08/2014 16:58:56]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [2393 octets] ##########


#6 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,930 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:04:16 AM

Posted 28 August 2014 - 01:41 PM

Hi,
 
It looks good. Let's run two more checks...


9OoOKtajgSmoOAS611kOcmffOCc4Sw.png Farbar Service Scanner (FSS)

Download Farbar Service Scanner and save the file to the Desktop.

  • Run FSS
  • Check all the options
  • click Scan

Post the generated log in your reply.
 
 

9OoOKtajgSmoOAS611kOcmffOCc4Sw.png Check Windows System files integrity

  • open the Command Prompt as Administrator (Tutorial)
  • type the following command and press Enter:
    sfc /scannow
    Note: This may take some time to finish.

    if it doesn't say "No integrity violations found" them do this:
  • In the command prompt window, type or Copy & Paste the following:
    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >"%userprofile%\Desktop\sfcdetails.txt"
  • Close the command prompt.
  • Attach to your post the sfcdetails.txt file that was just placed on your Desktop
  • You can safely delete the sfcdetails.txt file afterwards if you like

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#7 Jadeylove

Jadeylove
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:16 PM

Posted 28 August 2014 - 06:22 PM

Farbar Service Scanner Version: 21-07-2014
Ran by Meep (administrator) on 28-08-2014 at 16:11:04
Running from "C:\Users\Meep\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
 
 
first it said must be an administrator  running a console session in order to use the sfc utility.
 
 then after i did the second step with your command it said
 cannot open C:/windows/logs/cbs/CBS.log
 
and iam the administrator for my computer o.o


#8 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,930 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:04:16 AM

Posted 30 August 2014 - 11:09 AM

Hi,
 

first it said must be an administrator  running a console session in order to use the sfc utility.
 
 then after i did the second step with your command it said
 cannot open C:/windows/logs/cbs/CBS.log
 
and iam the administrator for my computer o.o

 
Did you type the find command on the same Command Prompt window used to run SFC?
 
Make sure you open the Command Prompt window as Administrator, like this:

  • Click  Start Win7Orb.gif.
  • In the Start Search box, type cmd, and then press the keys CTRL + SHIFT + ENTER.
  • If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.

Edited by SleepyDude, 30 August 2014 - 11:14 AM.

• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#9 Jadeylove

Jadeylove
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:16 PM

Posted 30 August 2014 - 01:35 PM

Well my computer has gotten worse, last night Malwarebytes said that the malicious site protection was turned off so i turned it back on. So i decided to run my Malwarebytes anti-root kit and it said that it couldn't install itself into the driver meaning there's root-kit activity. So it offered me to restart and right as i clicked restart it said its scanning now are you sure you want to restart? But i didn't have time to click it just closed itself and did an error message and logged out and restarted. And when it restarted malwarebytes was scanning then after it finished nothing was found as always. So then i decided to download Malwarebytes Chameleon and it helped malwarebytes scan because my computer was moving super slow internet browser and all. And it still didn't find anything after the scan had finished. And i tried running root-kit again but the scan just froze and my computer froze. But you know one thing i noticed was when i looked at the scan log it had said that Malwarebytes Root-kit scan was disabled everything else had been enabled. Idk how or where to start when it comes to getting rid of a root-kit. I think ive had a root-kit before because my computer got hacked and i had to wipe the whole thing.  

 

Like my computer barely lets me do anything now its all of a sudden super slow I think the hacker knew i was catching on and decided to act. So for now its off im trying to decided if i should take it to the shop or not. I don't think i can run any scans now either unless i disconnect my internet.I think the hacker messed up my Malwarebytes I was thinking if i should get a usb drive and put malwarebytes on the computer that way with chamleon and anti-root kit. With the internet turned off.

 

Btw I'm different computer at the moment


Edited by Jadeylove, 30 August 2014 - 01:42 PM.


#10 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,930 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:04:16 AM

Posted 30 August 2014 - 03:40 PM

Hi,

 

Thanks for the update. Can you get a flash drive and use another computer to download files?

 

Let me know and we can move your topic to another section of the forum where we can use other tools to check your computer.


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#11 Jadeylove

Jadeylove
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:09:16 PM

Posted 06 September 2014 - 01:42 PM

Hi again I'am so sorry i took so long to reply I couldn't find a flash drive but i finally found one last night. Well very bad news i used the flash drive to download Malwarebytes and Malwarebytes anti-rookit and chameleon but I uninstalled Malwarebytes i even searched for all the files and deleted them but sadly when i used malwarebytes from my drive it still said unprotected and some of the settings were turned off still i could tell. Then i tried running it with chameleon after re deleting all the files because after that it wouldn't open it ran i was so happy but then it still said Malwarebytes was unprotected. And i ran the threat scan with hope but it found nothing. I even ran Malwarebytes anti-rootkit and it still found nothing. This virus is nothing to play with i guess its like it adapts to virus protectors or something or becomes immune to scans by using existing files of it to become immune idk.



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:16 PM

Posted 07 September 2014 - 01:53 PM

Hello, just letting you know I moved this topic to here in the Virus, Trojan, Spyware, and Malware Removal Logs forum where it will stay.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:16 AM

Posted 07 September 2014 - 01:55 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/545938 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#14 SleepyDude

SleepyDude

  • Malware Response Team
  • 2,930 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:04:16 AM

Posted 08 September 2014 - 11:34 AM

Hi,

 

At this point I would like to see a log generated outside from Windows so we will use a different tool from the one suggested by the HelpBot.

 

 

Step 1 - Farbar Recovery Scan

On a clean machine, please download Farbar Recovery Scan Tool and save it to a flash drive.

For 64 bit systems download Farbar Recovery Scan Tool x64 (FRST64)

Plug the flash drive into the infected PC.

Enter System Recovery Options using one of those options:

Option 1: Enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping theF8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

Option 2: Enter System Recovery Options by using Windows installation disc:


  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select English as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:


Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select Computer and find your flash drive letter (take note of it) and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64)  and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

 

 

Things I would like to see in your next reply:

  • The FRST.txt log

 

 


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users