|
Post by cybeleophis on Jun 1, 2017 22:09:19 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Jun 3, 2017 19:25:20 GMT -8
Oooohhhh .... sneaky, little %$#^%$&((*&^&$ ... FIRST >>>>Please download Rkill by Grinler and save it to your desktop. [/font][/a][/b] Link 2[/font] Run As Administrator[/i].[/*] [*]A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.[/*] [*]If not, delete the file, then download and use the one provided in Link 2.[/*] [*]If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.[/*] [*]If the tool does not run from any of the links provided, please let me know.[/*] [/ul] Do not reboot the computer, you will need to run the application again.
[/ul] SECOND >>>>Open notepad by pressing the Windows Key + R key, typing notepad in the Run box and pressing Enter. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txtNOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemStart FRST that is on the desktop by right clicking on file and selecting "Run as Administrator..." and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply. LAST >>>>Please post fresh FRST logs after the system reboots. Thanks.
|
|
|
Post by cybeleophis on Jun 5, 2017 3:30:12 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Jun 5, 2017 7:42:06 GMT -8
Please download Malwarebytes Anti-Rootkit from here- Unzip the contents to a folder in a convenient location.
- Open the folder where the contents were unzipped and run mbar.exe
- Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
- Click on the Cleanup button to remove any threats and reboot if prompted to do so.
- Wait while the system shuts down and the cleanup process is performed.
- Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
- When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt .
[/ul]
|
|
|
Post by cybeleophis on Jun 5, 2017 21:21:10 GMT -8
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Jun 6, 2017 0:07:36 GMT -8
That was the easy way; this is a little bit harder. Please read all of this post first before doing any of it. If you have a question, come back and ask. Notice: The attached files and procedure are for this thread's owner and no other system. Using them could damage other systems or cause them to be non-operational.Please download GiveMePower from this link to your desktop. Double click on the file once it it downloaded and run the self-extractor; use the default location of your desktop. (We will clean up our tools later.) Save (download / save as) the attached Fixlist.txt file to your desktop. You should now have FRST64.exe, Fixlist.txt and 4 GiveMePower files on your desktop. 1) Double click on the GiveMePower.exe icon (green circle with a lightening bolt) to start the program. 2) Click on the Browse button in the middle of the screen. In the Open File Dialog box, navigate and find the FRST64.exe file located in the Desktop folder. Click on it and select Open. 3) FRST64 will load and run. 4) If there is an update to the program, FRST will inform you of this and download the program. Let it do this and then close the program. Return to step 2. 5) If there is no update available, the program load and quickly inform that there is no update. 6) Click on the Fix button to have FRST64 run the Fixlist scripts. Your desktop will close and your system restart to finish the removal process. 7) When finished, FRST will produce a Fixlog.txt log file. Please attach this file in your next reply. Attachments:Fixlist.txt (1.39 KB)
|
|
|
Post by cybeleophis on Jun 7, 2017 1:11:56 GMT -8
I got FRST looking for an update but it told me it failed to update.
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Jun 7, 2017 7:11:23 GMT -8
Try and start FRST first without using GiveMePower to see if this will allow FRST to update itself. Once it does update, then run the GiveMePower steps and Fixlist.
|
|
|
Post by cybeleophis on Jun 9, 2017 6:02:05 GMT -8
Looks like its still present Attachments:Fixlog.txt (5.18 KB)
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Jun 9, 2017 20:35:49 GMT -8
FIRST >>>>Open notepad by pressing the Windows Key + R key, typing notepad in the Run box and pressing Enter. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txtNOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemStart FRST that is on the desktop by right clicking on file and selecting "Run as Administrator..." and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply. SECOND >>>>Read Slowly and all of it.If you still have a Addition.txt log file on your desktop, please delete it now. Start FRST64 that is on your Desktop by double clicking and allowing the software to run when the User Access Control asks (if it does). The tool will start to run. When the tool opens click Yes to disclaimer. (if it does) Select Additional.txt in the Optional Scans section of FRST64. Press Scan button. It will make two logs ( FRST.txt and addition.txt) on your Desktop. Please attach the logs in your reply back. Or open the logs in notepad and copy the logs and paste back in a message as a reply. ( Ask if you don't know how to do either of these). Notes:
If your Security software blocks the running or download of FRST / FRST64, please disable the security software or make an exception for this file. FRST is updated very frequently and is safe to run but because of the frequent changes (to keep up with newest malware techniques) most Security Software does not approve of the unknown file. Right now the forum will not allow one to attach the Addition.txt file so please use wikisend.com or pastebin.com to upload the file and then post the download link here in your reply post.
|
|