Jump to content

Recommended Posts

Hello and welcome,

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

We need to run FRST fix from the Recovery Environment via a Flash drive (usb memory stick), do the following

 

Please download Farbar Recovery Scan Tool from here:    
                                                               
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

save it to a USB flash drive. Ensure to get the correct version for your system, 32 bit or 64 bit

Also Save the attached file fixlist.txt to your flash drive, same place as FRST.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Plug the flash drive into the infected PC.

As you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt Here: http://www.bleepingcomputer.com/tutorials/windows-8-recovery-environment-command-prompt/ to enter System Recovery Command prompt.

 

  • At the Command Prompt in the Recovery Environment
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type  e:\frst64 or e:\frst depending on your version. Press Enter
    Note: Replace letter e with the drive letter of your flash drive.

 

Open the Flash drive and Run FRST press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

 

Next,

 

Boot back to normal mode and run FRST normally as follows:

 

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the two logs....
 

Thanks,

 

Kevin.....

 

Fixlist.txt

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

  • 7 months later...

Hello. I've had problems with hackers committing various cybercrimes on our laptops in our home for over a year now. It started with a company who had hours of unrestricted access to my laptop and iPhone, and they are still hacking through the Internet. Now, unfortunately, someone within Bluetooth range has also started compromising us. These parties are remotely accessing, controlling and modifying our computers - something like a remote access trojan, I believe. An Apple tech told me that what I have is a kernel level NSA style attack. I took the laptop to a local college where they looked at it, and they told me that the hackers have modified the BIOS so that when the computer is turned on, it sends a packet to the router letting the hackers know that the device has come online, then it sends out a 2nd packet to the router broadcasting our information to the general public. The problem seems to be that this is being done through genuine MS products. Like I constantly see several Microsoft Visual C++ and Microsoft Visual Studio programs installed on the computers, and then searches reveal lots of documents containing code on the computers as well. So I believe that since this is all "genuine" that the anti-virus, anti-malware and anti-spying programs that I use never find anything "malicious," and this has become incredibly frustrating. I have filed a complaint with the WWW3 with no reply, and have called the police and even the local FBI chapter only to be told to take the computer to Best Buy's Geek Squad, which I know more then them, however this is honestly over my head. I bought a firewall device and plan to start using that, and I understand that it should help with anything coming through the Internet, but then what do I do about the Bluetooth access? Please help! Any ideas would be greatly appreciated. Thank you!

FRST.txt

Addition.txt

Link to post
Share on other sites

Hello heyjupiter,

 

Lets start over, continue as follows please:

 

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete Apply Actions to any found entries.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:

  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:

      Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
      Text file (*.txt)        - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
      XML file (*.xml)      - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.

  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...

 
Next,
 
Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8/8.1/10, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes select "Report",in the next window select "Export txt" the log will open as a text file post that log... Also save to your Desktop for reference. log will open.
  • Close the program > Don't Fix anything!

 

Next,

 

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt and Shortcut.txt under "Optional scan" Select scan, when done post the new logs....
 

Post those logs....

 

Thanks,

 

Kevin

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.