September 29th, 2016, 06:59 PM
#1
Got a warning virus screen with a phone number. Called it. Bought their 300 dollar 'super user plan'. They remoted the laptop and did something. Itsolutions LLC / efficientitsolutions.nethttp://www.geekstogo.com/forum/topic...ery-scan-tool/
September 29th, 2016, 09:45 PM
#2
Welcome aboard Read all of my instructions very carefully .If you're stuck, or you're not sure about certain step, always ask before doing anything else. Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest. Never run more than one scan at a time. Keep updating me regarding your computer behavior, good, or bad. The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know. If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum. I close my topics if you have not replied in 5 days .
September 29th, 2016, 11:15 PM
#3
thanks!
September 29th, 2016, 11:16 PM
#4
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2016
September 30th, 2016, 01:12 AM
#5
RogueKiller from one of the following links and save it to your Desktop:Link 1 Link 2 Close all the running programs Double click on downloaded setup.exe file to install the program. Click on Start Scan button. Click on another Start Scan button. Wait until the Status box shows Scan Finished Click on Delete . Wait until the Status box shows Deleting Finished . Click on Report and copy/paste the content of the Notepad into your next reply. RKreport.txt could also be found on your desktop.If more than one log is produced post all logs. Malwarebytes Anti-Malware Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to the following: Launch Malwarebytes Anti-Malware A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program. Click Finish . On the Dashboard, click the 'Update Now >> ' link After the update completes, click the 'Scan Now >> ' button. Or, on the Dashboard, click the Scan Now >> button. If an update is available, click the Update Now button. A Threat Scan will begin. When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected. In most cases, a restart will be required. Wait for the prompt to restart the computer to appear , then click on Yes.If you already have MBAM 2.0 installed: On the Dashboard, click the 'Update Now >> ' link After the update completes, click the 'Scan Now >> ' button. Or, on the Dashboard, click the Scan Now >> button. If an update is available, click the Update Now button. A Threat Scan will begin. When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected. In most cases, a restart will be required. Wait for the prompt to restart the computer to appear , then click on Yes.How to get logs: After the restart once you are back at your desktop, open MBAM once more. Click on the History tab > Application Logs . Double click on the Scan Log Click 'Export' . Click 'Text file (*.txt)' In the Save File dialog box which appears, click on Desktop. In the File name: box type a name for your scan log. A message box named 'File Saved ' should appear stating "Your file has been successfully exported ". Click Ok Attach that saved log to your next reply. (Copy to clipboard for pasting into forum replies or tickets) After the restart once you are back at your desktop, open MBAM once more. Click on the History tab > Application Logs . Double click on the Scan Log Click 'Copy to Clipboard ' Paste the contents of the clipboard into your reply. AdwCleaner Close all open programs and internet browsers. Double click on adwcleaner.exe to run the tool. Click on Scan button. When the scan has finished click on Clean button. Your computer will be rebooted automatically. A text file will open after the restart. Please post the contents of that logfile with your next reply. You can find the logfile at C:\AdwCleaner[S1].txt as well. Junkware Removal Tool Shut down your protection software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator". The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next message.
September 30th, 2016, 12:13 PM
#6
RogueKiller http://www.adlice.com/contact/ http://forum.adlice.com http://www.adlice.com/download/roguekiller/ http://www.adlice.com http://start.toshiba.com/?cid=C001B2Y -> Replaced (http://www.microsoft.com/isapi/redir...r=6&ar=msnhome )http://start.toshiba.com/?cid=C001B2Y -> Replaced (http://www.microsoft.com/isapi/redir...r=6&ar=msnhome )www.malwarebytes.org http://general-changelog-team.fr/fr/...e/2-adwcleaner
September 30th, 2016, 10:13 PM
#7
October 1st, 2016, 08:02 AM
#8
# AdwCleaner v6.020 - Logfile created 30/09/2016 at 23:36:52https://toolslib.net/forum
October 1st, 2016, 09:59 PM
#9
Please download ComboFix from Here Here Here **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop** Never rename Combofix unless instructed. Close any open browsers. Very Important! disable your anti-virus and any anti-malware real-time protection before "unpredictable results" .Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask. Close any open browsers. WARNING: Combofix will disconnect your machine from the Internet as soon as it startsPlease do not attempt to re-connect your machine back to the Internet until Combofix has completely finished. If there is no internet connection after running Combofix, then restart your computer to restore back your connection. Double click on combofix.exe & follow the prompts. NOTE1. Recovery Console NOTE 2. always do so .When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" Note 1 Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users http://www.appremover.com/ Note 3 Illegal operation attempted on a registery key that has been marked for deletion , restart computer to fix the issue.Note 4 NOTE. If, for some reason, Combofix refuses to run , try the following...combofix.exe to your_name.exe BEFORE saving it to your desktop.Do NOT run it yet. Rkill (courtesy of BleepingComputer.com ) to your desktop . rKill.exe : http://www.bleepingcomputer.com/download/rkill/dl/10/ iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/ Restart computer in safe mode Double-click on the Rkill desktop icon to run the tool. If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully. If not, delete the file, then download and use the one provided in Link 2 . Do not reboot until instructed. If the tool does not run from any of the links provided, please let me know. rKill.txt log.rKill.txt log will also be present on your desktop.immediately run your_name .exerKill.txt and Combofix.txt .
October 2nd, 2016, 08:58 AM
#10
ComboFix 16-09-28.01 - steve 10/02/2016 8:36.1.2 - x64
October 2nd, 2016, 10:18 PM
#11
Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.Double click to run it. Make sure you checkmark Addition.txt box. Press Scan button. Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.
October 2nd, 2016, 10:49 PM
#12
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-09-2016http://www.geekstogo.com/forum/topic...ery-scan-tool/
October 2nd, 2016, 10:50 PM
#13
==================== One Month Created files and folders ========
October 2nd, 2016, 10:50 PM
#14
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2016
October 3rd, 2016, 12:38 AM
#15
Download attached fixlist.txt file and save it to the Desktop.NOTE. FRST and fixlist.txt are in the same location or the fix will not work.NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system FRST(FRST64) Fix button just once and wait.Fixlog.txt ). Please post it to your reply.
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
Forum Rules
[RESOLVED] Toshiba Laptop
Reply With Quote
