We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Help! Google redirecting to other s/engines ...
Comments
-
Unhackme finds rootkits. Rootkits are notorious for evading anti-virus programs. They can prevent you from downloading and/or running your anti-virus correctly. I really think you need a rootkit detector like Unhackme.more dollar$ than sense0
-
Help!!
Now getting all sorts of warnings/windows messages come up on my p.c. with messages saying my p.c. is in danger of being attacked and I need to download this program and that program.
What should I do?
MimiWins since 2009 = £17,600MANY THANKS TO ALL OPS0 -
I would hazard a guess to say that one of the programmes you have downloaded or one of the sites you have been to has reinfected you. I would update and run malwarebytes again and post the log for reluctant spender to look over.0
-
See post 3. Can do no harm.0
-
I cant see why you are reinfected from the combofix log.
What warnings are you getting?
Are you using a router for your broadband?
I would update Malwarebytes - disconnect from the net and then run a full scan with malwarebytes and lets see what that produces.
IF YOU HAVE A ROUTER follow this;
Next you must reset the router to its default configuration. This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you don’t know the router's default password, you can look it up HERE
However, if there are other Zlob-infected machines using the same router, they will need to be cleared with the above steps before resetting the router. Otherwise, the malware will simply go back and change the router's DNS settings. You also need to reconfigure any security settings you had in place prior to the reset. Check out this site here for video tutorials on how to properly configure your router's encryption and security settings. You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.
Once you have ran Malwarebytes' Anti-Malware on the infected system, and reset the router to its default configuration you can reconnect to the internet, and router. Then return to this site to post your logs.0 -
http://www.emsisoft.com/en/software/free/ is a link to a-squared free version, I have found in the past that the type of virus/trojan you are describing is easier removed with this
ps...a question to the reluctnt spender, would pointing the router to open dns test it, before resetting the router??- 208.67.222.222 (resolver1.opendns.com)
- 208.67.220.220 (resolver2.opendns.com)
0 -
Help!!
Now getting all sorts of warnings/windows messages come up on my p.c. with messages saying my p.c. is in danger of being attacked and I need to download this program and that program.
What should I do?
Mimi
do not believe that program...it is spyware that has been dropped on your machine by the trojan0 -
-
Open notepad and copy/paste the text in RED below
File::
c:\windows\system32\KGyGaAvL.sys
c:\windows\system32\51D6C5998E.sys
Save this as "CFScript" (FULL file will be 'CFScript.txt' EXACTLY as shown)
Then drag the CFScript into ComboFix.exe as you see in the screenshot below.
This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply
Combofix should never take more that 30 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
Seems you also have a root infection
Sophos is supposed to be pretty good for them ~
http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html:idea:0 -
Im just thinking malwarebytes should have made a dent in it....unless , i wont go into that
would it be worth uninstalling malwarebytes, renaming mbam.exe to blah.exe(or anything) and re installing? and also running a-squared that i mentioned up there ^
once its cleaned ...flush system restore (turn it off,reboot then turn it on again)0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.2K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.3K Spending & Discounts
- 245.2K Work, Benefits & Business
- 600.9K Mortgages, Homes & Bills
- 177.5K Life & Family
- 259K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards