|
Post by markburrows on Aug 20, 2014 0:46:14 GMT -8
HI quads Sorry what are PUPs?? and an odd program ? I will unnstall malwarebytes tonight, then what can i do........
|
|
|
Post by markburrows on Aug 20, 2014 7:42:29 GMT -8
Hi Quads,
Malwarebytes is gone now
thanks Mark
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Aug 20, 2014 9:42:13 GMT -8
The odd program is isafe (some variants are named isafer), No entry in the list of programs and it is broken, possibly by NPE, but the rest of it is still there and running, even if damaged.
PUP's, are a whole group of programs that can be annoying, can slow a system down, especially if more than 1 is on the system etc. and some can be difficult to remove.
You may want to read carefully all of this message first before starting the steps.
NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Download the script attached, needs to be the same file name as well (fixlist.txt), have it on the Desktop, so that fixlist.txt is next to FRST64.exe,
DO NOT DRAG AND DROP to download the script, it won't work for FRST (Right click on the attachment link (not the normal left click) and from the menu choose Save As or Save Link as.)
The script tells FRST what to do.
Start FRST that is on the desktop When the tool opens click Yes to disclaimer. (if it still does)
Press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) please post it to your reply (attach or paste)
Quads
|
|
|
Post by markburrows on Aug 20, 2014 10:54:13 GMT -8
Hi Quads, Please see the attached fixlog.txt file for your interest Attachment Deletedthanks mark
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Aug 20, 2014 14:44:30 GMT -8
OK a stubborn one
Quads
|
|
|
Post by markburrows on Aug 20, 2014 23:43:08 GMT -8
Hi Quads
Then bring out your biggest guns :-)
look forward to your next instructions
Mark
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Aug 21, 2014 10:59:28 GMT -8
Hope you have a Flash Drive.
Quads
|
|
|
Post by markburrows on Aug 22, 2014 0:06:45 GMT -8
several usb sticks.............what size needed
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Aug 22, 2014 10:59:14 GMT -8
Isafe appears to actually be YAC which has (although I have never tried it) by the looks a realtime AV scanner of some sort which could be what is giving Norton trouble due to the rule of 2 AV's together is no good.
Due to what it looks like the way the Services and processes load etc. It is protecting itself from removal which is why in Normal mode FRST failed with isafe. (would hope AV's like Norton would cause the same problem, they is so Malware would also have difficulty stopping the AV)
I am going to try logging and script for removal without Windows loading (so Isafe also won't load)
Read Slowly and all of it.
You already have the 64 bit FRST
Transfer it on to the Flash Drive.
Enter System Recovery Options. (infected system)
To enter System Recovery Options from the Advanced Boot Options:
Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears. Use the arrow keys to select the Repair your computer menu item. Choose your language settings, and then click Next. Select the operating system you want to repair, and then click Next. Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair System Restore Windows Complete PC Restore Windows Memory Diagnostic Tool Command Prompt
Select Command Prompt In the command window type in notepad and press Enter. The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst.exe (for x64 bit version type e:\frst64.exe) and press Enter Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run. When the tool opens click Yes to disclaimer. Press Scan button.
It will make a log (FRST.txt) on the flash drive. restart the system and load Windows Please attach the log in your reply back, Or with this forum you can paste the log into a message as some logs are already for bb code
Quads
|
|
|
Post by markburrows on Aug 23, 2014 1:29:24 GMT -8
Thanks Quads, wil do this when i get home. What would you advise as the best protection against viruses and malware once we(YOU!) get this machine cleaned. Also i may be purchasing an ipad air as its easier to carry around on flights etc what would you suggest to protect that.
will post log when its done thanks Mark
|
|