SDGuy73
-
Posts
18 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by SDGuy73
-
-
-
Had you recently used MSCONFIG to turn off some services ? Yes. I tried to stop Comodo from starting up with my computer. I have since removed Comodo.
Have you used MSCONFIG to turn off some services of Malwarebytes program ? No. Never.
QuoteHave you recently downloaded and used RogueKiller on your own ?
Yes. My friend suggested it to try to remove HostsFileHijack. The scan found nothing. I can remove it.
I ask that because I see its service is listed as running & that is un-expected. We will attempt to have it not auto-started as part of the task below.
-
-
Is Vivaldi a good browser?
-
The snapshot above does show the threat. The highjack.
Spybot Anti-Beacon v.1.5 has been on my computer since 6/7/2016. lol. I will uninstall it.
Comodo was uninstalled last week.
Webroot SecureAnywhere was uninstalled over a month ago. I don't know why t shows those.
.NET Framework 4.8 or a later update is already installed on this computer.
WinRAR - Updated
Skype - Removed
Adobe AIR - Removed
swMSM - How do I find it so I can remove it? I don't see it in Programs and Features.
Opera - Updated
JDownloader 2 - Safe
FLV Player - Removed. I no longer use it
Java 8 - Removed
GIMP - Updated
-
-
I took screenshots C:\Windows\System32\drivers\etc. They are dated. Malwarebytes blocks the site for SecurityCheck.
Part one completed. Part two next.
-
I updated windows and now windows defender says the virus is back. GRRRRRRRRRRR.
-
Thank you. I noticed Windows Defender didn't flag it when it restarted.
-
That was fast. Here you go.
-
Does the attached FILELIST.txt go on my desktop or in a folder? I saved it to my desktop
-
Before I do the above. My PC is running windows version 1909. I've been trying all week for windows update to offer me new updates. Finally, it is offering me version 20H2. Will updating to 20H2 fix my issue or do I need to fix the host file first?
-
Tis is the file infected. C:\Windows\System32\drivers\etc\hosts
-
On 2/13/2021 at 7:58 AM, Maurice Naggar said:
What I had provided before were commands to be used in a Command prompt. and please be sure you are not taking them out of the order I had tem.
What is missing was the quote marks in this line ( you gotta copy the entire line exactly as / the whole lot )
"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -Scan -ScanType 1
I did it right this time. What info do you need? Can I put it in text doc? Or put it here?
-
2 hours ago, Maurice Naggar said:
Hello. Be aware that by installing Comodo Internet Security it became the resident antivirus program. and therefore, Microsoft Defender becomes disabled.
I am a bit curious as to the contents of the Hosts file.
I understand that. So what do I do now? what about this?
Microsoft Windows [Version 10.0.18363.1316]
(c) 2019 Microsoft Corporation. All rights reserved.C:\WINDOWS\system32>%ProgramFiles%\Windows Defender\MpCmdRun.exe
'C:\Program' is not recognized as an internal or external command,
operable program or batch file.C:\WINDOWS\system32>"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -SignatureUpdate
C:\WINDOWS\system32>
-
"The last time that Windows Defender flagged the Hosts file was Feb 1" Once I installed Comodo Internet Security Premium, Windows Defender no longer flagged it. I did a scan with Comodo and it found nothing.
I did not see it update definitions for Microsoft Defender antivirus. What did I do wrong? Do I just move to the next step?
Microsoft Windows [Version 10.0.18363.1316]
(c) 2019 Microsoft Corporation. All rights reserved.C:\WINDOWS\system32>%ProgramFiles%\Windows Defender\MpCmdRun.exe
'C:\Program' is not recognized as an internal or external command,
operable program or batch file.C:\WINDOWS\system32>"%ProgramFiles%\Windows Defender\MpCmdRun.exe" -SignatureUpdate
C:\WINDOWS\system32>
-
Windows Defender found this. I noticed it happen after MB updated. I installed Comodo after Defender found Highjacker. I ran the virus scan and found nothing.
Thanks
Infected - SettingsModifier:Win32/HostsFileHijack
in Resolved Malware Removal Logs
Posted
Maurice,
Thank you for your time and help. I appreciate you.