What is this?

Status
Not open for further replies.
Did you open the Fixes folder and run Fixit.cmd?

Did it run and reboot?

If not do that now then try SDFix from Safe Mode again.

If it still does not run then do the Smitfraudfix.

Mike
 
The only 'security' this person has is a plug-in for Norton Confidential and a process for BitDefender Online Scanner. If the system doesn't get decent security, there's no reason to bother with the cleaning!

Please address this problem so the user will realize he is not protected.
 
I can't download anything on here for protection. I had McAfee through my internet provider but it was lost and it won't let me download it now. Every time I try to download it the page says it can't be found or I lost my connection. I was able to download the installer and run it through my network but when it tries to download the components to install it says it can't. Whatever this is in my computer won't let me run or download anything to protect and remove it.
I will try and run the fixit.cmd and reboot in safe mode to run SDFix, but that is what I tried last time and just kept getting what I described above. I am almost tempted to just send the laptop back to HP because I think it is still under warranty.
 
Ok ran fixit.cmd, rebooted to safe mode and tried to run sdfix, but it still didn't work. I then ran Smitfraudfix and the log is attached.
 
HP may do something if a warrantied part fails but their warranty does not cover Malware!

Yeah that was my understanding that you could not install anything.

You have something bad.

Let's do this a different way.

Do nothing else in full mode. When you reboot, go back to Safe Mode; don't even let it go to Normal mode until we complete the below.

Boot to Safe Mode and run MBAM without updating. Look at logs, if they have found and fixed items run again until clean.

If a reboot is required go back to Safe Mode at any step below.

Do the very same thing with SAS Safe Mode till clean.

Do the very same thing with combofix Safe Mode till clean.

If any of the above found and cleaned anything it may now allow SDFix to run so try that again.

Finally after all above let it come back to Normal Mode.

And simply check for updates in MBAM and SAS, if they update then we have made progress and now need to run all again now in Normal mode run each until clean. Post all logs.

Then go to the 8 Steps and choose and install a Virus scanner.

Mike
 
Never mind, I just realized the problem: when I first tried to run it I wasn't in safe mode. I am going to restart to safe mode but after the MBAM and SAS logs ran clean and I ran combofix it wouldn't run.
 
Are you saying you completed my last post in safe mode, got back to normal and updated and ran till clean?

Mike
 
If you are getting redirected to other sites or search engines then you need to check for a (or multiple) DNS hijack. This can happen on both Windows and Mac (Unix). HijackThis is a good tool for removing browser-related hijacks and such.
 
Sorry I went into safe mode and ran all until clean, rebooted without connection into normal mode and again continued to run clean. I then rebooted to try SDFix in safe mode like it says and it still doesn't work. I am about ready to toss my computer out the window lol

Forgot to add MBAM let me update, SAS did not after running until clean.
 
Morning

OK KandKsMama we need info in order to fight this thing. If you ran till clean with mbam, sas and combofix we are bound to have removed some malware. But I need logs!

The very fact that we were able to update MBAM is also proof that we are making headway.

But....

You send no logs, you say you were able to update MBAM but you did no scan again with the new update, which is imperative as the new update is just what is likely to finish it off.

SO..

1. Load MBAM click Logs Attach back the last 3 logs

2. UPDATE yes even again and run MBAM again then attach this newest log.

3. No need to run, but load SAS click Preferences-Statistics/Logs and send me the last 3 logs.

3. Copy for pasting the next line
combofix/u
Go to Start-Run
paste and hit enter or OK.
This uninstalls the old ComboFix so.....

4. Go back to Post #13 and get a new ComboFix run and attach log.

5. If MBAM (with new update) and/or (the new) ComboFix found anything run them again to confirm they come up clean.

6. After 5. above! If MBAM and/or ComboFix found anything then try updating SAS as the fixed items may allow it to run now.

7. Same for SDFix.

Until I see some logs I am working in the dark!

Mike
 
I post this as a separate post both for readability and the fact not to do it until the last post is completed.

Regardless of the outcome of the last post do the below.

Go back to post #22 and re-download SDFix and reinstall.

After installed do the below.

Click on the Start menu, then Run, and then copy and paste the following line within the box into the Run field:

Code:
%systemroot%\system32\cmd.exe /K %systemdrive%\SDFix\apps\FixPath.exe

Then click OK, then type Y and press Enter when prompted, Reboot and start SDFix again and attach log if it runs.

Mike
 
Consider having this user remove some of the cleaning programs. Enough have been run to total the hard drive and if they are running in the background, total the RAM.
 
KandKsMama

Do not uninstall or install anything except Malware tools as directed! Additionally do no Internet browsing nor open any YouTube or Facebook videos.

Run only what is necessary for now to clean the Malware.

We are making progress now do not upset the balance.

We will clean all the tools when we are clean.

Mike
 
This is Post #42 with no progress being made. Please request a current HijackThis log, open it and find entries that need to be removed. The user has the Trojan DNS and the programs being used are NOT removing it.

I will do it if you'd like.
 
And it's a week old, and here's the first sentence of the first post:
About a week ago my laptop began having popups
So that would make it a 2 week old issue

I agree this thread has taken longer than normal to resolve

mflynn with all these types of threads (that you help immensely on), taking large amounts of your time, and the member's time. Are you going through the HijackThis logs, checking every entry?
I know (from doing this) that it takes a lot of time. But nowhere as much as this and other threads you support.

Checking the HJT log is Number 1, then next advise on re-scanning, or removing entries and then re-scanning.

Are you reading the HJT logs properly? Do you require assistance with this?
 
KandKsMama

After you post the Combofix log and hopefully an SDFix log please follow that with a new fresh HJT Log!

Mike
 
Ok here are all my most recent logs. SAS would not update, that code you told me to type into run did not work and neither did SDFix. Also now it is taking 5 times for the computer to start up (it shuts down as soon as I get the prompt area to load in safe mode, boot and what not) after being in safe mode, getting logs to come up clean.
 
The log.txt and the Combofix log are the same.

Now I need a new Combofix run and log to confirm it is clean.

Where is the HJT log and any comment as to if or not the SDFix will now run?

Mike
 
The HJT log is the first one attached to my post, SDFix will not run which I said in my last post. I am putting my daughter to bed and then I will run combofix.
 
OK now that we apparently have some control, go to the 8 Steps https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/

Install a Virus scanner (your choice) UPDATE and then scan.

Run HJT Scan only remove the below.

O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)

After the above Virus scan get and run http://majorgeeks.com/Kaspersky_AVP_Tool_d4515.html

Do this when you go to bed or work as it is very thorough and takes hours but is worth it.

Mike
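
An added example (not part of the thread, and not any poster's or tool's own code): a small Python triage of HijackThis log text that lists O2 BHO entries whose file field is "(no file)", like the one singled out above, and O17 NameServer values that are not in a resolver list the reviewer supplies, which is the DNS hijack check raised earlier in the thread. Every log line except the quoted O2 entry is constructed, and the function name triage and the expected-resolver set are assumptions.

```python
import re

# Constructed sample in HijackThis log layout; only the first O2 line
# comes from the thread. IPs are documentation-range placeholders.
SAMPLE_LOG = """\
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000001} - C:\\Program Files\\Example\\helper.dll
O4 - HKLM\\..\\Run: [ExampleTray] C:\\Program Files\\Example\\tray.exe
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{00000000-0000-0000-0000-000000000002}: NameServer = 192.0.2.53,198.51.100.7
O17 - HKLM\\System\\CS1\\Services\\Tcpip\\Parameters: NameServer = 203.0.113.1
"""

ENTRY = re.compile(r"^(O\d{1,2}|R\d|F\d|N\d) - (.*)$")
BHO = re.compile(
    r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.*)$"
)
NAMESERVER = re.compile(r"NameServer = (?P<servers>.+)$")


def triage(log_text, expected_dns):
    """Return (orphan_bhos, unexpected_dns) found in HijackThis log text.

    orphan_bhos:    [(name, clsid)] for O2 entries whose file is "(no file)"
    unexpected_dns: [(log line, [servers not in expected_dns])] for O17 entries
    """
    orphans, dns = [], []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if not m:
            continue  # header, process list, or blank line
        section, body = m.groups()
        if section == "O2":
            b = BHO.match(body)
            if b and b["file"].strip() == "(no file)":
                orphans.append((b["name"], b["clsid"]))
        elif section == "O17":
            n = NAMESERVER.search(body)
            if n:
                servers = re.split(r"[,\s]+", n["servers"].strip())
                unexpected = [s for s in servers if s not in expected_dns]
                if unexpected:
                    dns.append((line, unexpected))
    return orphans, dns


if __name__ == "__main__":
    # Assumption: 203.0.113.1 stands in for the resolver the ISP/router hands out.
    print(triage(SAMPLE_LOG, expected_dns={"203.0.113.1"}))
```
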
 
I can't download the program from majorgeeks.com. Since this all doesn't seem to be working I think I am just going to call geek squad.
 