locko90 Posted October 12, 2020 ID:1413670 Share Posted October 12, 2020 hey there I've got some malware causing internet browsing to crash randomly and not load some websites like netflix or speedtest.net. malware bytes has detected nothing, i also used adwcleaner and spybot search and destroy both found a few problems. but the actual problem has not gone and the malware has come back on to system after a reboot, when doing a second scan the same issues are detected. attached is the log files from the scans. A\is there anything else I can do to get rid of the malware? malwares bytes scan report.txt AdwCleaner[S00].txt Checks.201011-1303.txt Link to post Share on other sites More sharing options...
locko90 Posted October 12, 2020 Author ID:1413678 Share Posted October 12, 2020 here is the farbarn recovery tool logs, Addition.txt FRST.txt Link to post Share on other sites More sharing options...
locko90 Posted October 12, 2020 Author ID:1413796 Share Posted October 12, 2020 i download microsoft saftey scanner today and ran a system scan. came back with a few viruses: -microsoft safety scanner report- trojan:pdf/phish partially removed trojan:pdf/phish.bpk!mtb partially removed trojan:o97m/phish removed virtool:win32/defendertamperingrestore removed how can i get these viruses removed ? microsoft safety scanner report.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 13, 2020 ID:1413932 Share Posted October 13, 2020 (edited) Hi, My name is Maurice. I will be helping and guiding you, going forward on this case. Let me know what first name you prefer to go by. Please follow my directions as we go along. Please do not do any changes on your own without first checking with me. Please only just attach all report files, etc that I ask for as we go along. Please know I help here as a volunteer. and that I am not on 24 x 7.Help on this forum is one to one. I would suggest that you do a scan with a scan tool from ESET to just only scan the C drive. I would suggest a free scan with the ESET Online Scanner Go to https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe It will start a download of "esetonlinescanner_enu.exe" Save the file to your system, such as the Downloads folder, or else to the Desktop. Go to the saved file, and double click it to get it started. When presented with the initial ESET options, click on "Computer Scan". Next, when prompted by Windows, allow it to start by clicking Yes When prompted for scan type, Click on Custom scan ( the choice on far-right side) We want just the C drive to be scanned. In the display "Select custom scan targets" keep the top 3 lines ticked, plus the one for the C drive ( which should be your Windows drive) UN-tick the other drives ( D, E, F, etc...) Then click on the blue button "Save and continue" Leave as is the radio selection "Disable ESET to detect and quarantine potentially unwanted applications" and click on Start scan button. Have patience. The entire process may take an hour or more. There is an initial update download. There is a progress window display. You should ignore all prompts to get the ESET antivirus software program. ( e.g. their standard program). You do not need to buy or get or install anything else. When the scan is completed, if something was found, it will show a screen with the number of detected items. If so, click the button marked “View detected results”. Click The blue “Save scan log” to save the log. Look for it on the bottom left, in blue. If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files” ( in blue, at bottom). Press Continue when all done. You should click to off the offer for “periodic scanning”. The goal here is to see if there are suspicious or actual threats on the C drive. Edited October 13, 2020 by Maurice Naggar Link to post Share on other sites More sharing options...
locko90 Posted October 13, 2020 Author ID:1414030 Share Posted October 13, 2020 Hi Maurice thanks for the reply. I've already downloaded that program and done a scan but I believe the malware is interfering with my computers home wifi connection and it is stoping it from downloading the definition update and the scan eventually gives a message failed to start. The only way I've been able to get antivirus programs installed and successfully have Windows Update install updates and drivers, (brand new installation of windows 10) is by taking the computer to a different house with access to a LAN connection and boot windows into safe mode with networking and download programs that way. Or the other way is I can use my phone to download the antivirus over home wifi connection then I'll copy and paste the install file to comp via usb. Thats what I did in this case with ESET online scanner but it failed on the update on my home wifi before it could complete scan. So I will have to take the computer back into town when I can to get the ESET scan done and I'll report back on the results. I should note that after I had booted safe mode and removed malware and viruses after scans with AVG free, Malwarebytes, adwscanner, spybot search and destroy. Computer worked fine no restrictions on web browser, that is untill I took it back home and it started blocking sites like Netflix again straight away. I kind of have a feeling that something in the vicinity of my home is causing the problem, either that or the USB station thing I use to connect my mouse and keyboard too is possibly infected with malware and automatically installs when connected to the computer. Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 14, 2020 ID:1414140 Share Posted October 14, 2020 Hi. There are a few questions I need to ask: Is it at all possible to directly connect this machine with a Ethernet cable directly to the router network connection ? ( assuming your home has broadband / hi-speed internet with a router )? If yes, please do that so that you can bypass the WIFI ( at least for the time being ) You mention Quote it started blocking sites like Netflix again straight away. Did you document the exact message ? Do that and let me know about the exact message. Netflix connectivity can be quirky sometimes. It helps to Restart the system sometime to get it all squared away. And as a general tip, in situations where there are internet connectivity issues, it can help to shutdown & power off the whole computer & then the router / internet connection, wait about a couple of minutes, and then power up the system & then observe. The shutdown starts with the pc itself, powering it off, along with all peripherals. Then unplug the router. wait like 2 minutes. Then power up in reverse order, turning on the router first, wait a minute, then power up pc & let Windows load normally. . I am going to re-review your earlier reports & then get back to you soon. Meantime do not install any additional scanners or tools. If you just recently installed AVG then I would urge you to Uninstall it and restart the system. I do not recommend AVG since it will add features & add-ons that make for pesky complications. Windows 10 comes with a very good & capable Microsoft Defender antivirus. Your machine does not need AVG. Once after AVG is uninstalled, we can run a cleanup utility and then insure that Microsoft Defender is re-enabled. However, I also note that this pc does have a antivirus included with Spybot - Search and Destroy So for sure this machine has one too many AV applications. You need to make a choice as to which one antivirus that you want to stick with. Let me know what you decide & have done about all this. I will await your next reply to all this before I make other suggestions. Getting pared down to only one installed antivirus is the next main goal at hand. Link to post Share on other sites More sharing options...
locko90 Posted October 14, 2020 Author ID:1414193 Share Posted October 14, 2020 Good morning Maurice Too answer your question about the home ethernet connection the answer would be no as the only way I can connect to the internet at home is by using my mobile phone as a Wi-Fi hotspot. I'll have to take the computer back into town again to get access to a modem with a LAN connection. AVG was the first program that I installed after a fresh install of windows 10 (I done a complete reformat of c drive and reinstalled windows 10 from USB image). I want to make it clear that after I FORMATED C-drive and REINSTALLED a fresh copy of windows 10. The malware was still on my system after fresh install of windows 10 and it was interfering with windows updates and stoping it from downloading any data. updates would just sit on 0%. I then took computer into town, connected it to a LAN connection. I booted into safe mode with networking and installed a few antivirus programs. AVG found 4 malware entrys and quarantined them as did spybot search and destroy and adwcleaner. Updates installed all good after that, Netflix's was streaming fine. Everything was working properly, and I want to make it very clear! that everything was working fine on my mobile phones wifi hotspot IN TOWN! As soon as I took the computer home the problems have come straight back. Now I know it seems to just be a network issuse, that's what I thought at first. But it can't be as my android tablet streams Netflix on the same home wifi connection (phone hotspot)and my computer loads some sites like YouTube and streams video no problems on the same wifi connection also I can play online games over steam no problems. The sole issue that I am having is that the computer does not load certain websites like Netflix or speed test.net when it is at my home. Just to make sure I'm clear on the problem, because it actually makes no sence and it's very frustrating!! The computer ONLY has the issuse at home it is connected to my phone's wifi hotspot. When my computer is connected to my phone's wifi hotspot in a different location everything works fine! When at home it has this connection problem. It never had this problem before and would stream netlfix fine at my home, it just started happening randomly. I will uninstall avg when I get home. What do you want me to try after that? Link to post Share on other sites More sharing options...
locko90 Posted October 14, 2020 Author ID:1414196 Share Posted October 14, 2020 Oh the exact message it leaves on my web browser when it doesn't load is website timed out check your internet connection. But if I try load YouTube it works straight away, just not Netflix. Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 15, 2020 ID:1414204 Share Posted October 15, 2020 Not for the purpose of argumentation, but just to hope to get things simplified. You did a new fresh setup of Windows 10. There was no need to be installing AVG. Windows 10 includes its own very capable & strong antivirus, Microsoft Defender Antivirus. Then, how does one 'assert' there is some sort of 'malware' if one does not go by running security tools? You report that AVG found and removed "malware entrys". It may be helpful to know what those were. The issue of the internet connection not working needs to be considered as a separate item. There is a way to rebuild the basiscs of the Windows-based internet connection settings. By that I mean rebuilding the Winsock and flushing the DNS cache. That should be done while not connected ( if possible) to the smartphone hookup. Or at least, disconnect the phone when the procedure is completed. Start NOTEPAD { you can press Windows-key+R keys to get the RUN option and then type in NOTEPAD.exe and press Enter key to start NOTEPAD. Check and make sure "word wrap" is off. From Notepad main menu bar, Select F (format) and make sure Word Wrap is NOT checked. IF it -is- checkmarked, click that one time so that it is un-checked. Please copy/paste the lines below to Notepad: @Echo on pushd\windows\system32\drivers\etc attrib -h -s -r hosts echo 127.0.0.1 localhost>HOSTS attrib +r +h +s hosts popd NETSH winsock reset catalog NETSH int ipv4 reset reset.log NETSH int ipv6 reset reset.log ipconfig /release ipconfig /renew ipconfig /flushdns ipconfig /registerdns WMIC SERVICE WHERE Name="windefend" CALL ChangeStartMode "automatic" WMIC SERVICE WHERE Name="windefend" CALL startservice shutdown -r -t 1 del %0 now Save as flush.bat to your desktop. Double-click flush.bat file to run it. Your computer will reboot. . NOTE: The program CCleaner is no longer recommended by Experts. It's your choice but Windows 10 can already do the majority of maintenance on its own. I would suggest that you uninstall CCleaner. Link to post Share on other sites More sharing options...
locko90 Posted October 15, 2020 Author ID:1414315 Share Posted October 15, 2020 okay i have uninstalled the agv anti virus. the files that avg found and quarantined : 4 x Other:malware-gen [trj] i followed steps to reset the winsock and flush dns, but it did not resolve the issuse, still not loading netflix. but it did something different, when i clicked the short cut to Netflix on my home page. it said in bottom left corner of crome waiting for play.google.com not sure why its trying to load from play google? after about 2 mins its come up with the usual This site can’t be reached www.netflix.com took too long to respond. I have gone on to Microsoft store and installed the netflix app on computer. it installed all good. but when opening netflix app it dosnt load and just gives error Sorry, there was a problem communicating with Netflix. Please try again. (T1) Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 15, 2020 ID:1414411 Share Posted October 15, 2020 I would appreciate getting some key details from this machine in order to help you forward. NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system. Do have patience while the report tool runs. It may take several minutes. Just let it run & take its time. You may want to close your other open windows so that there is a clear field of view.Download Malwarebytes Support Tool Once the file is downloaded, open your Downloads folder/location of the downloaded file Double-click mb-support-1.7.0.827.exe to run the report Once it starts, you will see a first screen with 2 buttons. Click the one on the left marked "I don't have an open support ticket". You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent. Place a checkmark next to Accept License Agreement and click Next Now click the left-hand side pane "I do not have an open support ticket" You will be presented with a page stating, "Get Started!" Do NOT use the button “Start repair” ! But look instead at the far-left options list in black. Click the Advanced tab on the left column Click the Gather Logs button A progress bar will appear and the program will proceed with getting logs from your computer. Please do have patience. It takes several minutes to gather. Upon completion, click a file named mbst-grab-results.zip will be saved to your Desktop. Click OK. Then Exit the tool. Please attach the ZIP file in your next reply. Please know I help here as a volunteer. and that I am not on 24 x 7. . I need to make clear a few points. I will certainly help you to insure that there is no malware on this Windows system. Beyond that, if it is just the Netflix app I will need to refer you to other help resources. Here on this sub-forum our main focus is on finding, removing malware and help on security issues. Link to post Share on other sites More sharing options...
locko90 Posted October 16, 2020 Author ID:1414496 Share Posted October 16, 2020 hi there, thank you for the next step of instructions maurice i tried but was unable to download Malwarebytes support tool (screenshot attached) using the link provided. like i said before its as not just netflix that is being blocked there is a lot of other random things that will not download also. youtube still works normaly streams video fine, netflix not loading still, online multiplayer games over steam work fine still also. I could possibly download Malwarebytes support tool on my mobile phone and then transfer the file to my computer, not sure if it will need to download something as part of the set up though. if so it would most likely not download it. ill give that a try anyway or my other option would be To get the computer to different location to download the support tool. as it only seems to not work when I am at home. oh and i have attached a screenshot of the avg quarantine so you can view the viruses it found on initial scan. (was not able to find a log file) you can see that the malware original file location was in appdata/mircosoft.windowscomunicationapps Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 16, 2020 ID:1414545 Share Posted October 16, 2020 On the snapshot image of the tagged-items by AVG, at least two of them were PDF files. It is very very uncommon for PDF files to reside at the users....\appdata\local area. I am guessing they perhaps had been downloaded while a browser was in use, or else possibly were related to some emails. One would ask you if you recall some of those PDF names ( files ) ? . In any event, lets put that away. I believe you said that AVG had put those into its Quarantine. Lets also for the time being, put aside the idea of running the Malwarebytes Support tool. . I need for you to do what follows with due care. You will need to save a special file safely ( and as-is) and get it to the Downloads folder of this Windows machine. The following is a custom script. Please be sure to Close any open work files, documents, any apps you started yourself before starting this. The system will be rebooted after the script has run. . This custom script is for Locko90 only / for this machine only. Close and save any open work files before starting this procedure. If there are any CD / DVD / or USB-flash-thumb or USB-storage drives attached, please disconnect any of those. I am sending a custom Fix script which is going to be used by the FRST64 tool. They will both work together as a pair. Please save the (attached file named) FIXLIST.txt to the Downloads folder The tool named FRST64 .exe tool is already on the Downloads Start the Windows Explorer and then, to the Downloads folder. RIGHT click on FRST64 and select RUN as Administrator and allow it to proceed. Reply YES when prompted to allow to run. to run the tool. If the tool warns you the version is outdated, please download and run the updated version. IF Windows prompts you about running this, select YES to allow it to proceed. IF you get a block message from Windows about this tool...... click line More info information on that screen and click button Run anyway on next screen. on the FRST window: Click the Fix button just once, and wait. PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. This run here should be fairly quick. If you receive a message that a reboot is required, please make sure you allow it to restart normally. The tool will complete its run after restart. When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run. Please attach the FIXLOG.txt with your next reply later, at your next opportunity Please know this will do a Windows Restart. Just let it do its thing. Do let me know how things are overall, after all this. Sincerely. Fixlist.txt Link to post Share on other sites More sharing options...
locko90 Posted October 16, 2020 Author ID:1414558 Share Posted October 16, 2020 done that scan all good mate comp restarted and said it completed successfully. attached is the log file. Fixlog.txt Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 16, 2020 ID:1414580 Share Posted October 16, 2020 (edited) Windows File Explorer needs to be set to show ALL folders, all system files, etc including hidden files / folders Open Windows File Explorer. Select View from its top menu bar > click Options on the icon at the far right-side > Change folder and search options ( from the drop down ). on the next multi-tab mini-window Select the View tab and, in Advanced settings, select Show hidden files, folders, and drives and OK. . [ 2 ] Thank you for the Fixlog report. That run is a good step forward. There are still drivers leftover from AVG. They need to be cleaned up / deleted. please download & Save and then run the following removal tool AVG Clear. https://www.avg.com/en-us/avg-remover Restart Windows when that is done. . [ 3 ] I would suggest that you do a scan with a scan tool from ESET to just only scan the C drive. Go to https://www.eset.com/us/home/online-scanner/ It will start a download of "esetonlinescanner_enu.exe" Save the file to your system, such as the Downloads folder, or else to the Desktop. Go to the saved file, and double click it to get it started. When presented with the initial ESET options, click on "Computer Scan". Next, when prompted by Windows, allow it to start by clicking Yes When prompted for scan type, Click on Custom scan ( the choice on far-right side) We want just the C drive to be scanned. In the display "Select custom scan targets" keep the top 3 lines ticked, plus the one for the C drive ( which should be your Windows drive) UN-tick the other drives ( D, E, F, etc...) Then click on the blue button "Save and continue" Look at & tick ( select ) the radio selection "Enable ESET to detect and quarantine potentially unwanted applications" and click on Start scan button. Have patience. The entire process may take an hour or more. There is an initial update download. There is a progress window display. You should ignore all prompts to get the ESET antivirus software program. ( e.g. their standard program). You do not need to buy or get or install anything else. When the scan is completed, if something was found, it will show a screen with the number of detected items. If so, click the button marked “View detected results”. Click The blue “Save scan log” to save the log. Look for it on the bottom left, in blue. If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files” ( in blue, at bottom). Press Continue when all done. You should click to off the offer for “periodic scanning”. The goal here is to see if there are suspicious or actual threats on the C drive. Please attach the scan-log with your next reply and tell me, How are things at that point ? Edited October 16, 2020 by AdvancedSetup corrected font issue 1 Link to post Share on other sites More sharing options...
locko90 Posted October 16, 2020 Author ID:1414667 Share Posted October 16, 2020 good morning Maurice. i followed your steps, and changed all files and folders to visible and successfully removed avg with the avg remover, (downloaded from avg website no problems) step 3 is where i run into problems. once again eset scanner does not download initial scan update and fails to scan ive attached screen shot of the error message in eset scanner once it times out. one thing id like to ask is why is there a (40) next to the youtube tab? also windows has done some updates since running the fix it scan. ive attached a screen shot of the recent updates that have been installed via windows update. one last thing that might be worth mentioning, i received a suspicious email this morning when i turned on the computer. it was an email to do with amazon billing issues, its very strange to be getting an email from amazon, as i have never used amazon before. attached is a screenshot of the email. Link to post Share on other sites More sharing options...
locko90 Posted October 17, 2020 Author ID:1414704 Share Posted October 17, 2020 Just ran a scan with the microsoft safety scanner, still got the same viruses. ill take comp into town and get eset today. Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 17, 2020 ID:1414819 Share Posted October 17, 2020 Good morning. First, about the email "Amazon billing" ....you know it is a spam email. Just simply go ahead and Delete it. period. end of that issue. As far as any scan result, It is much better to have the actual log-file instead of any screen shot image. We do not needf any more runs of Microsoft Safety Scanner. But kindly locate its log file and attach it in a new reply. the log will be at C:\Windows\debug\msert.log Please attach that log with your reply. . Remind me just exactly which web browser is the one you use most / which one is the default browser. I need to have us keep that in mind. The FRST report showed that EDGE is the default browser. Is Edge working ok ? Does Chrome browser have issues? In cases where you have issues with web browsers, and if you are in a pinch, since this system is Windows 10 you can use the Microsoft Internet Explorer 11. It is a legacy browser that is still present in Windows 10. Just start the Windows RUN ( Windows-key + R ) and put this in the text of the run box "C:\Program Files\Internet Explorer\iexplore.exe" See if that helps out. Just keep in mind that it is a legacy app and not wanted to be used on a regular basis. . One other point ( forgive my asking ) is this machine directly connected with a Ethernet cable to the internet ? Link to post Share on other sites More sharing options...
locko90 Posted October 18, 2020 Author ID:1414999 Share Posted October 18, 2020 took the comp into town yesterday, first thing i did was connect to my phone wifi hotspot. tested netflix, it worked fine... downloaded eset scan, it worked fine... log attached came back home today. connected computer to same phone wifi hotspot. test netflix, not working. im about to give up honestly. makes no sense its like something in this location is physically blocking this computer from normal web browsing.. like why does youtube work fine but not netflix? why can i post this on this website but cant load another? 10-18-20 ESET SCAN.txt msert.log Link to post Share on other sites More sharing options...
locko90 Posted October 19, 2020 Author ID:1415071 Share Posted October 19, 2020 Hi Maurice, I've found something that's very unusual! i opened command prompt and pinged www.google.com it worked all good. then i tried to ping www.netflix.com straight away it redirected me too (dualstack.wwwservice2--frontend-san-vpc0-571120560.us-west-2.elb.amazonaws.com) how would i go about stopping it from redirecting me? attached is screen shot of me pinging www.netflix.com in command prompt Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 19, 2020 ID:1415124 Share Posted October 19, 2020 (edited) Comment on one your mentions Quote connected computer to same phone wifi hotspot. Obviously, we cant be relying on that as a permanent solution. I asked before is this machine directly connected with a Ethernet cable to the internet ? This pc needs to have a direct Ethernet cable connection to your internet-service-router. Can you please do that ? . and also Go about resetting the Hosts file to normal default , using this Microsoft guide https://support.microsoft.com/en-us/help/972034/how-to-reset-the-hosts-file-back-to-the-default click on the Windows 10 under the Resolution section Edited October 19, 2020 by Maurice Naggar Link to post Share on other sites More sharing options...
Maurice Naggar Posted October 19, 2020 ID:1415135 Share Posted October 19, 2020 The folder c:\Users\locky\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe is in the temporary storage area for the EDGE browser That is where 6 PDF files where found & flagged by the Microsoft Safety scanner. It appears to me that they were flagged due to having bad links. And the ESET scanner did flag them and delete them. Eset deleted 9 files. They are classified as PDF/Phishing.A.Gen trojan My best judgment is that these files had been likely included with Emails that you had opened. This procedure will reset the Hosts file to normal default. At least, try to. I am attaching a new Fixlist.txt here. I need for you to find and delete the prior file off the Downloads folder. Delete the old Fixlist.txt . The system will be rebooted after the script has run. . This custom script is for Locko90 only / for this machine only. Close and save any open work files before starting this procedure. If there are any CD / DVD / or USB-flash-thumb or USB-storage drives attached, please disconnect any of those. I am sending a custom Fix script which is going to be used by the FRST64 tool. They will both work together as a pair. Please save the (attached file named) FIXLIST.txt to the Downloads folder The tool named FRST64 .exe tool is already on the Downloads Start the Windows Explorer and then, to the Downloads folder. RIGHT click on FRST64 and select RUN as Administrator and allow it to proceed. Reply YES when prompted to allow to run. to run the tool. If the tool warns you the version is outdated, please download and run the updated version. IF Windows prompts you about running this, select YES to allow it to proceed. IF you get a block message from Windows about this tool...... click line More info information on that screen and click button Run anyway on next screen. on the FRST window: Click the Fix button just once, and wait. PLEASE have lots and lots of patience when this starts. You will see a green progress bar start. Lots of patience. This run here should be fairly quick. If you receive a message that a reboot is required, please make sure you allow it to restart normally. The tool will complete its run after restart. When finished, the tool will make a log ( Fixlog.txt) in the same location from where it was run. Please attach the FIXLOG.txt with your next reply later, at your next opportunity Please know this will do a Windows Restart. Just let it do its thing. Do let me know how things are overall, after all this. Sincerely. Fixlist.txt Link to post Share on other sites More sharing options...
locko90 Posted October 19, 2020 Author ID:1415149 Share Posted October 19, 2020 Hi Maurice, thanks for further instructions. First thing first. I don't have access to ethernet connection for internet access *AT HOME*. The only option I have WHEN AT HOME is my mobile phone hotspot wifi, (which I have been using for years with no problem). if I take computer into town I can get access to a Ethernet connection to the internet (at gf house). I said this before in a older post. But I don't even need access to a Ethernet port I just need to leave my house. I Simply connect to my phone wifi hot spot *IN A DIFFERENT LOCATION* (not at home) and everything works fine. As soon as I come home it will not work properly. This is why I have asked if there could possibly be someone in my neabourhood that has hacked my wifi. Okay second thing I've just tried turning on computer this morning and it's just got a black screen. So I can't do anything now. Was working fine last night when I turned off. This morning won't boot. Link to post Share on other sites More sharing options...
locko90 Posted October 19, 2020 Author ID:1415152 Share Posted October 19, 2020 Update on situation. I have tried to boot safe mode (Pressing f8 on start up and selecting safe mode with networking) Computer just shows black screen. Rebooted computer Selected start up repair Asked to enter password, entered password. Got message (start-up repair couldn't repair your PC) Clicked advanced options. Clicked system restore. Selected 10/18/20 restore point. System restore completed successfully. Restarted comp. All booted back to normal. Logged in all good. Phew! Crisis averted haha. Now computer is working again I'll try and get the new fix it log done and report back on progress. Link to post Share on other sites More sharing options...
locko90 Posted October 19, 2020 Author ID:1415169 Share Posted October 19, 2020 okay, 1. i have reset the hosts file to normal default as instructed in guide (https://support.microsoft.com/en-us/help/972034/how-to-reset-the-hosts-file-back-to-the-default) 2. searched for infected pdf files in c:\Users\locky\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe found 20 files. tryed to delete all 20 pdf files. could not delete, got an error ( this is no longer located in c:\Users\locky\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe verify the items location and try again) 3. deleted old fixlist.txt from download folder. downloaded new fixlist file to downloads. run frst64 as admin found new update, download and installed update sucessfully selected fix fix completed restarted computer. computer rebooted fine attached is screenshot of folder %WinDir%\System32\Drivers\Etc is there supposed to be that many host files in there? Fixlog.txt Link to post Share on other sites More sharing options...
Recommended Posts