Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I need help with my new computer!


  • This topic is locked This topic is locked
5 replies to this topic

#1 whew

whew

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:31 AM

Posted 30 April 2017 - 03:17 PM

this useless Mcafee came with Lenovo desktop couldn't solved my problem!

i believe it is the fake svchost and isass exe thingy, can anyone help me please?

 

 

Attached Files


Edited by whew, 30 April 2017 - 03:24 PM.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,508 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:31 PM

Posted 01 May 2017 - 08:10 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

ATTENTION: System Restore is disabled
Turn System Restore On for Drives in Windows 10
http://www.tenforums.com/tutorials/4533-system-protection-turn-off-drives-windows-10-a.html
===


Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:


Press the windows key [img=http://i1106.photobucket.com/albums/h363/debojyotidas/Windows_Logo_key.gif][b]+ r[/b] on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.

[code]

Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-20]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm 
Task: {6D509D4D-C507-4D74-A383-2842FF0864E0} - System32\Tasks\Origin => C:\Users\PC\AppData\Roaming\Origin\update.vbe  <==== ATTENTION
C:\Users\PC\AppData\Roaming\Origin
C:\WINDOWS\System32\Tasks\Origin

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

If still having issues with this computer please explain also download and run these tools.

Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
There are 3 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click and choose Run as Admin
You only need to get one of them to run, not all of them.

rkill.exe
rkill.com
rkill.scr

It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If this is the case, then you will need to download the files requested on another computer and then transfer them to the desktop of the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.

When completed it will create a log. Please post the content on your next reply.
===

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or above, right-click the program file and select "Run as Administrator"
  • Accept the user agreements.
  • Execute the scan and wait until it has finished.
  • If a Windows opens to explain what [PUM's] are, read about it.
  • Click the RoguKiller icon on your taksbar to return to the report.
  • Click open the Report
  • Click Export TXT button
  • Save the file as ReportRogue.txt
  • Click the Remove button to delete the items in RED
  • Click Finish and close the program.
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.
=======

#3 whew

whew
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:31 AM

Posted 01 May 2017 - 03:56 PM

here it is!

Attached Files



#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,508 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:31 PM

Posted 02 May 2017 - 07:45 AM

Looking good.

 

Any remaining issues?



#5 whew

whew
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:31 AM

Posted 02 May 2017 - 03:25 PM

Looking good.

 

Any remaining issues?

the computer is running smooth again! thank you very much! you guys rocks!!!!!!



#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,508 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:12:31 PM

Posted 03 May 2017 - 07:20 AM

If all is well.
 
To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
 
 
Simple and easy ways to keep your computer safe and secure on the Internet.
===





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users