I'm Infected with Malware, Please Help


Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

I have identified a bad SmartService infection.

You will need access to a spare PC and a USB flash drive that has not been in contact with the sick PC...
Let me know if you have access to these devices.

I need to know first if you can enable the Recovery Environment.
It will be needed to remove this infection.

Open FRST on the compromised computer:

Copy/paste the following inside the text area of FRST. Once done, click on the Fix button. A file called fixlog.txt should appear on your desktop. Attach it in your next reply.

Start::
CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes
CMD: bcdedit.exe /set {default} recoveryenabled yes
End::


On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad.
Copy and paste its content in your next reply.

Wait for further instructions.
<<<>>>


Fix result of Farbar Recovery Scan Tool (x64) Version: 6.02.2019
Ran by Desmond (08-02-2019 09:39:53) Run:1
Running from C:\Users\Desmond\Desktop
Loaded Profiles: Desmond (Available Profiles: Desmond & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CMD: bcdedit.exe /set {bootmgr} displaybootmenu yes
CMD: bcdedit.exe /set {default} recoveryenabled yes

*****************


========= bcdedit.exe /set {bootmgr} displaybootmenu yes =========

The operation completed successfully.

========= End of CMD: =========


========= bcdedit.exe /set {default} recoveryenabled yes =========

The operation completed successfully.

========= End of CMD: =========


==== End of Fixlog 09:39:54 ====

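The Fixlog above reports each command between a "=========" header line and an "End of CMD:" marker. The following Python parser for that layout is an added example, not part of the thread and not FRST's own code; the function names are hypothetical, the sample log is constructed, and treating the bcdedit success message as the only passing output is an assumption.

```python
import re

# Constructed sample in the layout of the Fixlog posted above. The second
# command's output is invented to show how a failed command is flagged.
SAMPLE_FIXLOG = """\
Fix result of Farbar Recovery Scan Tool (x64) Version: 6.02.2019
Boot Mode: Normal

========= bcdedit.exe /set {bootmgr} displaybootmenu yes =========

The operation completed successfully.

========= End of CMD: =========

========= bcdedit.exe /set {default} recoveryenabled yes =========

(constructed failure text)

========= End of CMD: =========

==== End of Fixlog 09:39:54 ====
"""

# One CMD section: header line, captured output, closing marker.
SECTION = re.compile(
    r"^=+ (?P<cmd>[^\n]+?) =+\n(?P<out>.*?)^=+ End of CMD: =+$",
    re.MULTILINE | re.DOTALL,
)
# Assumption: success text is the bcdedit message shown in the log above.
SUCCESS = "The operation completed successfully."

def parse_fixlog(text):
    """Return boot mode, completeness flag and per-command results."""
    text = text.replace("\r\n", "\n")  # logs saved on Windows use CRLF
    boot = re.search(r"^Boot Mode: (.+)$", text, re.MULTILINE)
    # A log without the closing line is treated here as incomplete.
    complete = re.search(r"^==== End of Fixlog .* ====$", text, re.MULTILINE)
    commands = []
    for m in SECTION.finditer(text):
        out = m.group("out").strip()
        commands.append({"cmd": m.group("cmd"), "output": out, "ok": out == SUCCESS})
    return {"boot_mode": boot.group(1).strip() if boot else None,
            "complete": complete is not None, "commands": commands}

def failed_commands(text):
    """Commands whose captured output is not the expected success message."""
    return [c["cmd"] for c in parse_fixlog(text)["commands"] if not c["ok"]]

if __name__ == "__main__":
    print(failed_commands(SAMPLE_FIXLOG))
```
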

Hi,

Can you get help from a friend or co-worker to download a fresh copy of the Farbar program and copy the downloaded file to a Flash drive?

If you can do it, do not use/mount the Flash drive on your computer just yet. Let me know and I will give you additional information on how to proceed.

On 2/9/2019 at 6:23 AM, nasdaq said:

Hi,

Can you get help from a friend or co-worker to download a fresh copy of the Farbar program and copy the downloaded file to a Flash drive?

If you can do it, do not use/mount the Flash drive on your computer just yet. Let me know and I will give you additional information on how to proceed.

I have not gotten a chance to do so. My friend has a Mac. I assume the files would not translate over to PC?


I know that the Farbar program works in the Mac.

The file is an .exe operating file. If the format is not changed in the download, I would try it.

When you have the downloaded file in a flash drive that was not connected to your compromised computer, let me know and I will give you additional instructions.

As I previously said, do not connect the Flash drive on the compromised computer just yet.

  • 3 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks