|
Post by persfx on Oct 3, 2016 10:51:05 GMT -8
Yay, you got rid of the Kotver!gm. I am no longer seeing it on my Norton, nor am I getting the messages that I must restart my computer to remove the virus. Further, a couple of other little glitches are gone.
I will thank you by sending a donation in!
Now I will see if having that gone will have an effect on my outrageous data usage. I am on Verizon jetpack for my internet and have been having huge overages for the last couple of months. However, I am also seeing something using up to a 1/3 of a GB of data repeatedly at 12 hour intervals (7:49 AM and 7:49 PM shows on the Verizon data usage log - with the AM one showing the larger GB usage), this is even when my laptop is turned off. Do you help trouble shoot problems like that?
Tonight I am going to tun off both phones, both laptops, and the jetpack and see what shows up.
Thanks again!!!
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 3, 2016 22:13:09 GMT -8
I don't mind helping with the network issue. You may want to see if a monitoring software such as Glasswire. At least this will show what process is using the bandwidth / load if it is your PC. Also, is it possible that someone is hijacking your Verizon Jetpack? Have you tried changing the SSID / password to the WiFi and / or changing the Jetpack access administrator password?
|
|
|
Post by persfx on Oct 4, 2016 5:09:33 GMT -8
I am going to download Glasswire for my PC. Is there any similar app for my iPhone.
Don't know if its possible someone has hijacked my Jetpack. I will look into making the changes you suggested to that.
Also, I was told that Windows 10 defaults to a user to user update and someone supposedly turned that off for me.
I also turned the jetpack off since yesterday afternoon at about 3 PM so I don't see that 7:49 PM and 7:49 AM use of data that that was showing up on the Jetpack portion of my data use on the Verizon data analysis. I will be very interested to see what Wireless shows.
Thanks for the suggestions and I will let you know how this all works.
Thanks again!!!
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 4, 2016 23:50:38 GMT -8
For the Update setting (User to user) go to Settings > Update & Security > Advanced Options (under Update Settings) > Choose how updates are delivered.
|
|
|
Post by persfx on Oct 11, 2016 4:54:49 GMT -8
Thanks for all of the help. I'm so glad to have the Kotver!gm2 gone from my computer. It does seem to have helped decrease data usage. But, looking at thelasswire I can see that data is constantly being exchanged so long as my jetpack is on regardless of whether I am actually using the internet actively. So, I am turning the jetpack off whenever we are not actively needing to use the internet. This will be he best data conservation technique I can tell.
I have Norton 360, obviously that wasn't enough for the Kotver virus. Should I keep the Malewarebytes Anti-Maleware or some other thing in addition to Norton or change to something altogether different (if you can make such suggestions).
Finally, how do I get my submission marked as "resolved".
Thanks, again!
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 11, 2016 7:58:09 GMT -8
There will always be data traffic on a (local) network [local being on this side of the JetPack or modem]; most of it is legitimate ( things like server / gateway probes to see what network nodes [devices] are still connected, etc.) so don't be too concerned over that. Norton / Symantec should actually handle the network traffic in and out of the PC very well. We need to remove the tools we've used during the cleaning of your machine. [/a] or hereEnsure the following is ticked: - Activate UAC
- Remove disinfection tools
- Create registry backup
- Purge system restore
- Reset system settings
[/ul] Then click Run. The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply. Once you have the log file saved, please reboot your system to complete the clean up process. Your system looks clean and your logs are fine. Unless you want something else done, you are done and free to go.Final words from me: Surf safely, and watch when installing or letting anything add itself to your system. Remember, the best security is not on your system but in the chair in front of it. Take care and thanks for sticking with us in this rushed time. === options ====Unchecky is a small service that runs in the background to help keep those "extra toolbars" and tag along search engines from automatically installing. By automatically directing you to a custom install with all the options unchecked, only what you manually choose and confirm gets installed. CryptoPrevent is a free program that prevents CryptoLocker / ransomware from infecting your PC by locking down the OS so the malware can not get a grip on your system. You can read the details about this program here. Also, consider adding MalwareBytes Antimalware to your arsenal of safe keeping programs. Use the free version (not the paid or trial version) and you won't have a problem with your antivirus scanner program. Keep it updated and run a scan with it once a week. Lastly, if you use Firefox as your main web browser, consider adding the NoScript and uBlock Origin add-ons to the browser to block scripting hijacks and remove unwanted ads from the pages you view. You may also find some information and tips at this thread: How did I get infected in the first place?and COMPUTER SECURITY - a short quide to staying safer online
I'll leave this topic open for a few days so that if you have any questions you can come back here. Surf safe, my friend!!
|
|
|
Post by persfx on Oct 14, 2016 10:38:22 GMT -8
Hi, just got back here. I have been turning off my Verizon jetpack when not in use to prevent as much data use as possible. Haven't been on much at all. Soooo, I was shocked to see that Norton is now telling me I have Kotver!bat infection, which of course it can't remove - ARGHHH
Should I still remove the tools as you instructed or do we need them to get rid of this one now. How on earth did I get this when I have hardly been on this thing.
By the way, I did buy Malwarebytes premium. It says there is some PUP that may be an unwanted program and I told it to remove it. But it showed up on another scan it seems. Don't know if that is the Kotver!bat on there or something else.
Look forward to hearing from you.
|
|
dbrisen
Malware Removalists
Posts: 3,688
|
Post by dbrisen on Oct 14, 2016 19:14:07 GMT -8
Open Malwarebytes and go to History > Application Logs and find the scan log that shows the PUP / infection in question. Double click to open the log and then click on Export. Either choose the Text file or clipboard. Paste or attach the file in a reply post here. Read Slowly and all of it.If you still have a Addition.txt log file on your desktop, please delete it now. Start FRST64 that is on your Desktop by double clicking and allowing the software to run when the User Access Control asks (if it does). The tool will start to run. When the tool opens click Yes to disclaimer. (if it does) Select Additional.txt in the Optional Scans section of FRST64. Also select the 90 Days Files in that section. Press Scan button. It will make two logs ( FRST.txt and addition.txt) on your Desktop. Please attach the logs in your reply back. Or open the logs in notepad and copy the logs and paste back in a message as a reply. ( Ask if you don't know how to do either of these). Notes:
If your Security software blocks the running or download of FRST / FRST64, please disable the security software or make an exception for this file. FRST is updated very frequently and is safe to run but because of the frequent changes (to keep up with newest malware techniques) most Security Software does not approve of the unknown file. Right now the forum will not allow one to attach the Addition.txt file so please use wikisend.com or pastebin.com to upload the file and then post the download link here in your reply post.
|
|
|
Post by persfx on Oct 19, 2016 7:02:19 GMT -8
Been off for a while. Apparently Malewarebytes removed the new Kotver virus. It is no longer showing up on Norton and the PUP has not come back up on Malewarebytes. I am going to keep Malewarebytes since it seems to work on the thing Norton doesn't.
Thank you again. You can really close this out now. I will remove the things you told me to above.
Talk to you again in the future if problems. I recommend you to others.
|
|
|
Post by persfx on Oct 19, 2016 7:09:45 GMT -8
Here is the file from the process of taking the fix tools off. DelFix.txt (1.03 KB)
|
|