Jump to content

Cant even download Farbar tool


KConover

Recommended Posts

Hi:

 

Infected... badly .... read what to do if infected but can not even download the Farbar tool as downloads are hung up on "Running security scan".

 

Have run numerous malware and spyware detection programs, they all come out clean with no infections.   Have run chameleon from malwarebytes and it has run through several times now.  Am running malwarebytes (paid) and it says I am clean.  Symptoms include: blocking certain downloads (ie Farfbar),  multiple driver update request pop up windows, inability to run certain online games, double underlining of text in internet browser that when hovered over with mouse suggests a site to visit.  Any help out there?

 

Kevin

 

Link to post
Share on other sites

  • Replies 76
  • Created
  • Last Reply

Top Posters In This Topic

Minion%20Welcome.jpg

My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)
Before we start please note the following:

  • Analysis and research take some time, also sometimes real life gets in the way, please be patient.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Paste the logs in your posts, attachments make my work harder and more complicated.
  • Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.

I can't foresee everything, so if anything unexpected happens, please stop and inform me!
There are no silly questions. Never be afraid to ask if in doubt!

 
Let's start and enjoy the fight! :)

 
warning.gif Rules and policies

 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 



 

Are you able to boot in safe mode with networking and download FRST there? 

 

Do you have the access to another clean machine and USB stick?

Link to post
Share on other sites

Naat:

 

First off, THANK YOU!  Second, I have tried downloading FABAR in safe mode with networking, still hangs on running security scan.   I Do have access to a clean comp and a USB stick.  I assume you want Fabar loaded onto the infected machine this way but will wait until I hear from you before I do anything.  I must admit I have tried diligently to remove this virus on my own following various online instructions.  I hope I have not made things worse :( 

 

Kevin

Link to post
Share on other sites

OK, so on your clean machine download & install this program:



PandaUSBVaccine.png Install Panda USB Vaccine

Please download Panda USB Vaccine and save it to your desktop.

  • Right-click on PandaUSBVaccine.png icon and select RunAsAdmin.jpg Run as Administrator, then follow the prompts in the installation wizard.
  • During the installation process configure it using these settings:
    • Check that Run Panda USB Vaccine automatically when computer boots (/resident mode) is selected.
    • Check that Automatically vaccinate any new inserted USB Key is selected.
    • Check that Enable NTFS file system support is selected.
  • Upon installation competion, insert the USB Drive in your machine.
  • Iit will be automatically vaccinated (as will any usb drives connected in the future).

You may uninstall Panda USB Vaccine when the cleaning will be completed. However I would recommend keeping it for future use as it will prevent malware from spreading through removable media.

 
Next download FRST there, and using USB stick transfer to the corrupted one. Copy it to the desktop (I prefer not to run it from pendrive).
 
See if you'll be able to post them from the corrupted machine.


FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.
There will be two versions to download: 32-bit and 64-bit. Please download the one that is designed for your system. If you don't know which one should it be, download both of them and try each other out. Only one will run - this is the right one. Please leave it and delete the other.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    > XP users click run after receipt of Windows Security Warning - Open File.
    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.

Link to post
Share on other sites

I am unable to paste into this window....  I have the FRST and Addition txt files but right click-paste, control V, nor the icons above will paste my text here.  I can paste these files into notepad, gmail, and open office with no problems.  I can't even paste from non infected computers, have tried from 3 different machines, different networks, different cities lol...   this is weird and I am sorry.  I know you do not wish these files as attachments, so will wait until you tell me how to proceed. 

 

A very frustrated Kevin

Link to post
Share on other sites

No worries, it makes my work a little harder but not impossible :)

Transfer RogueKiller using USB if not available to download.


Windows-System-Restore-Point.png Create a System Restore Point

Creating and maintaining System Restore Points is a backup plan if something would go wrong. Better to be safe than sorry.

  • Press the StartOrb.jpg, right-click on Computer and select Properties.
  • Select System Protection.
  • Confirm if prompted and/or enter the Administrator password if necessary.
  • At the bottom click Create.
  • Enter the name, like Fresh Restore Point and click Create.
  • .
  • You will be prompted when finished.

You may now close the System Properties window.



RogueKiller.png Scan with RogueKiller

Please download RogueKiller and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on RogueKiller.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the pre-scan will be done. It shouldn't take more than 2-3 minutes.
  • Accept the Terms of use.
  • When the Scan button becomes available, please click it. RogueKiller will start a full scan.
  • Let this process run uninterrupted!.
  • When finished, a Report button will become available. Click it. You will be presented with a logfile.

Please include the content of this logfile in your next reply.

Link to post
Share on other sites

Hi Kevin :)
 
We're taking a bigger hammer.




51a5bf3d99e8a-ComboFixlogo16.png Scan with ComboFix

This is a very powerful tool that should be used only if advised by Malware Analyst.
Do not run ComboFix on your own!


Referring to this instruction, please download ComboFix by sUBs and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
If you are a user of CD emulation software (like Daemon Tools or Alcohol) also disable it for the cleaning process - instructions here.

  • Right-click on 51a5bf3d99e8a-ComboFixlogo16.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the disclaimer and agree if prompted to install Recovery Console.
  • Do not take any actions while ComboFix goes through your System - it may cause it to stall!
  • This scan may take some time!
  • When finished - it will display a logfile (located also on your main drive, usually C:\ComboFix.txt).

Include that log in your next reply.
icon_idea.gif If you'll encounter any issues with internet connection after running ComboFix, please visit this link.
icon_idea.gif If an error about operation on the key marked for deletion will appear after running the tool, please reboot your machine.
icon_idea.gif Don't forget to re-enable your previously switched-off protection software!

Link to post
Share on other sites

FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    > XP users click run after receipt of Windows Security Warning - Open File.

    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.

  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content in your next reply.

Link to post
Share on other sites

Pop up ads for driver updates ... though MUCH less frequently

Many web sites will not open in browser ... for example google.com, yahoo.com, ebay.com, and amazon.com all result in a blank page or remaining on the current page - this occurs whether I type the names directly into the address box or click direct links,  but bing.com, imdb.com, and msn.com all open normally

Clicking the link to the Fabar recovery tool  or Combofix from these posts results in a blank page on browser

I still get stuck on "running security scan"  when attempt to download Fabar

I still can not paste in this window

 

As I am not using this comp very much that is all I notice at the moment

 

Kevin

Link to post
Share on other sites

Ok tried to post 2x now, not going thru it seems ...

 

Still getting pop up ads for driver updates and other sites

 

Can not go to many websites... ie google.com, amazon.com, ebay.com, yahoo.com  whether I type the address in the address bar or click on a link

 

I can go to other websites,  bing.com, msn.com, imdb.com with no trouble

 

I can not click links in these posts to go to sites like Fabar and Combo fix

 

I still get stuck on "running security scan" on downloads although even with this stick small programs are coming thru now like Fabar

 

I still can not post here in these forums

 

Kevin  Hope this goes thru as have posted twice with no results

Link to post
Share on other sites

OK am so confused, can not see any of my posts since you asked to list what issues persist....  not sure what you are seeing at all...  I disabled MSE and symptoms worsened almost NO websites were accessible including bing.com which was fine prior to disabling MSE.  FWIW all issues are persisting with a noticeable decrease in pop up ads but a new problem of being unable to click any links, even those on this page, and almost all websites are unviewable.

 

Kevin

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.