Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Expected infection of fresh install


  • This topic is locked This topic is locked
3 replies to this topic

#1 Northern_blades

Northern_blades

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:46 PM

Posted 29 June 2017 - 06:21 PM

Quick background.   The computer began to act up,   nothing significant on the computer.
It was a big box store computer, complete with recovery partition.

It started having problems,   the recovery did not work, and then the clean install was used.

The immediate symptom that most sites that would help are blocked.
https://my.norton.com/
is inaccessible.
As is
https://www.malwarebytes.com/

This was my red flag.

I then tried to install Norton, directly (this is on a computer that had just been reset to factory)

Unable to install directly.

I directly installed malware bytes,  It is unable to connect for updates.

I am without the laptop, for likely 2-3 days,  so I can not get more information.  I do have a "Addition.txt"   and a "FRST.txt" files,  but as I did not have instructions,   or the laptop available,  I expect, I missed some important step/ switch, or command.  This is all I have for now.

Not attaching two files until requested to do so.

they do appear to have some personal information,   but nothing critical. (that I could Identify)

There is absolutly nothing installed on the machine, that was not installed as part of the corporate "beats"  recovery garbage./ bloat   they send with it.



BC AdBot (Login to Remove)

 


#2 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,366 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:03:46 PM

Posted 02 July 2017 - 11:40 AM

Northern_blades:

 
:welcome: to the Bleeping Computer Virus, Trojans, Spyware, and Malware Removal Logs Forum.  My name is Phil.  May I address you by your first name?
 
I will be assisting you with your computer issues.  I will endeavor to respond within a reasonable time, normally 48 hours after your last post.
 
I would ask that you please copy and paste the contents of all requested log files directly into your replies.  I know that the instructions do say to attach the "Addition.txt" file, but it is much faster for me to analyze the logs when that are copied and pasted into your replies.  Please do not use "code" or "quote" boxes because they reduce the font size.  Thank you for your anticipated cooperation.
 
Please copy and paste the contents of the "FRST.txt" file and the "Addition.txt" file directly into your next reply, or replies.  If the logs are large, it is sometimes necessary to copy and paste each one into a separate reply.
 
I will need some time to review your FRST logs once I receive them.  That could take a day or two.  Due to "real life" commitments, I will probably be away from my computer for most of tomorrow (Monday, July 03, 2017).
 
PLEASE DO NOT RUN ANY ADDITIONAL SCANS OR ANTI-MALWARE REMOVAL TOOLS UNTIL YOU HAVE RECEIVED A RESPONSE FROM ME.
Doing so would complicate the situation and it would cause further delays in resolving your issues.  It could also potentially result in harm to your computer because my "fix" will be based on the FRST scan logs you have already submitted.
 
Thank you and have a great day.
 
Regards,
-Phil

Member of the Unified Network of Instructors and Trusted Eliminators


#3 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,366 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:03:46 PM

Posted 05 July 2017 - 05:32 AM

Northern_blades:

 
Are you still there?  Do you still require assistance?  It has been three days since I last posted to you.
 
According to Forum policy, topics must be concluded after five days of non-response from the Topic Starter.
 
If I have not heard from you in another two days, I will conclude your topic.  You can always reopen it by sending a Personal Message to a Moderator.
 
Thank you and have a great day.
 
Regards,
-Phil

Member of the Unified Network of Instructors and Trusted Eliminators


#4 garioch7

garioch7

    RCMP Veteran


  • Malware Response Instructor
  • 3,366 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Port Hood, Nova Scotia, Canada
  • Local time:03:46 PM

Posted 07 July 2017 - 09:58 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

Member of the Unified Network of Instructors and Trusted Eliminators





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users