• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
    • Budfred

      PLEASE READ - Reversing upgrade   02/23/2017

      We have found that this new upgrade is somewhat of a disaster.  We are finding lots of glitches in being able to post and administer the forum.  Additionally, there are new costs associated with the upgrade that we simply cannot afford.  As a result, we have decided to reverse course and go back to the previous version of our software.  Since this will involve restoring it from a backup, we will lose posts that have been added since January 30 or possibly even some before that.    If you started a topic during that time, we urge you to make backups of your posts and you will need to start the topics over again after the change.  You can simply paste the copies of your posts that you created at that point.    If you joined the forum this month, you will need to re-register since your membership will be lost along with the posts.  Since you have a concealed password, we cannot simply restore your membership for you.   We are going to backup as much as we can so that it will reduce inconvenience for our members.  Unfortunately we cannot back everything up since much will be incompatible with the old version of our software.  We apologize for the confusion and regret the need to do this even though it is not viable to continue with this version of the software.   We plan to begin the process tomorrow evening and, if it goes smoothly, we shouldn't be offline for very long.  However, since we have not done this before, we are not sure how smoothly it will go.  We ask your patience as we proceed.   EDIT: I have asked our hosting service to do the restore at 9 PM Central time and it looks like it will go forward at that time.  Please prepare whatever you need to prepare so that we can restore your topics when the forum is stable again.

nasdaq

Global Moderator
  • Content count

    49,261
  • Joined

  • Last visited

About nasdaq

  • Rank
    Forum Deity
  • Birthday 06/18/1941

Contact Methods

  • Website URL
    http://www.colba.net/~hlebo49/index.htm
  • ICQ
    0

Profile Information

  • Gender
    Male
  • Location
    Montreal, QC Canada.
  • Interests
    Golf, Pool (Snooker), Enjoying retirement.

Recent Profile Visitors

77,436 profile views
  1. Restart the computer normally. If the problem persists please download and run this scanning tool. Download the version of this tool for your operating system. Farbar Recovery Scan Tool (64 bit) Farbar Recovery Scan Tool (32 bit) and save it to a folder on your computer's Desktop. Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the "more reply Options" button. Attach the file. Select the "Choose a File" navigate to the location of the File. Click the file you wish to Attach. Click the Add reply button. === Please post the logs. === p.s. On Jan 10, 2017 the forum installed a new software version and has not been working to our satisfaction since. Tonight at 9pm Pacific time we will revert to the old version of the program. All posts submitted on or after that date will be lost. What I suggest is that you run the tool and save both logs. If all goes well we should be back in service sometime tomorrow Saturday the 25th. Wait until then to post your logs. Send me a personal message if you have any diffiiculties.
  2. Try to boot with this Rescue Disk for Windows 10. Kaspersky Rescue Disk 10 CD -------------- To complete this process you will need a USB device and a blank CD. On a clean computer download Kaspersky Rescue Disk 10 and save it to your desktop Now go to the ISO Recorder site and download the version for your operating system (do not download the command line version) Save the file to your desktop Double click the icon to start the program Select Run, then continue to select Next until you receive a notification that the installation was complete Close the installation window Insert a blank CD into your CD ROM drive Right click on the kav_rescue_10.iso file on your desktop and select Copy image to CD/DVD Make sure Image File is selected and it shows the kavrescue_10.iso file In the Recorder section make sure it shows your CD ROM drive Select the lowest recording speed Click Next Click Finish on the Operation has been completed screen Remove the CD and insert it, and your USB device into the infected computer Reboot the infected computer As the computer boots up gently tap F12 (you may need to tap a different key like Del, Esc, F2.....) and choose to boot from CD/DVD When the Kaspersky Rescue Disk screen appears press any key within 10 seconds Press Enter on English which should be highlighted by default Press 1 to accept the agreement Press Enter on Kaspersky Rescue Disk. Graphic Mode which should be highlighted by default Allow the program to load and mount the disks Select your operating system then click OK Place a check mark in each box except for sda1 Click Start Objects Scan Upon completion do not Quarantine any items yet, simply click Report, save it to your USB device, then from your clean computer copy and paste the results in your reply Test your overall computer behavior =================================================== Refer to this article for Useful References. http://support.kaspersky.com/8093 If you need additional information or expertise I suggest you start a new topic in the Windows 10 Forum at BleepingComputer. https://www.bleepingcomputer.com/forums/f/229/windows-10-support/ This is not my forte and you should seek the help of an expert. After the Start Object Scan you get a Report you should paste that report in you new topic in the Windows 10 Forum. Good luck.
  3. Press the windows key + r on your keyboard at the same time. This will open the RUN BOX. Type Notepad and and click the OK key. Please copy the entire contents of the code box below to the a new file. start CreateRestorePoint: EmptyTemp: CloseProcesses: Task: {05D86972-A987-4E9F-8872-92B7EAA02658} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {09D8EDCC-DE0B-42F9-8103-20A3DC8F3A86} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {37907E06-7AD1-42F9-96DE-B35774E17BF0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {45561755-0BB2-49DF-9B3C-3F0CEB4AB61E} - \Microsoft\Windows\WS\Badge Update -> No File <==== ATTENTION Task: {5411B38E-4073-49D8-AC0A-2FE6773029B6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {65A6BCFC-76CE-4387-AD5A-31B3D38A5C58} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task -> No File <==== ATTENTION Task: {8242E95E-405E-4FCE-8838-781CD2142DB4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - \Microsoft\Windows\SkyDrive\Routine Maintenance Task -> No File <==== ATTENTION Task: {97172E15-B084-407A-A883-2D3E3471E847} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {9C8E21C9-6AB1-4D66-8DF5-73AF5359B24E} - \Microsoft\Windows\WS\Sync Licenses -> No File <==== ATTENTION Task: {BF5105B2-97E1-42AE-8F29-CFC9EAE3D9D8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {C4AE3C3E-C327-4689-B6FD-C11FB31AE88B} - \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler -> No File <==== ATTENTION Task: {C5153ACC-C0C5-4F3C-97A8-86509016109B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION Task: {D841119D-D729-4ED4-B7FE-09D65A2BFB59} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {DFE2EF51-A636-44AA-AE12-E4759EE7BC3B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {E43A8F47-9CFE-48B7-920A-04ED090667AC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION[/B] End
  4. If all is well. To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe. http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
  5. The FRST.txt and Addition.txt files created by the Farbar tool are text fkle. You should have not problems in copying these files to a Flash drive to the Good computer. These .txt files are not being corrupted by the infector. Attach boot files to your next reply. I need to review them. ps. Your last FRST file submitted was truncated or the file was not completely generated by the tool.
  6. --RogueKiller-- Download & SAVE to your Desktop Download RogueKiller Quit all programs that you may have started. Please disconnect any USB or external drives from the computer before you run this scan! For Vista or above, right-click the program file and select "Run as Administrator" Accept the user agreements. Execute the scan and wait until it has finished. If a Windows opens to explain what [PUM's] are, read about it. Click the RoguKiller icon on your taksbar to return to the report. Click open the Report Click Export TXT button Save the file as ReportRogue.txt Click the Remove button to delete the items in RED Click Finish and close the program. Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next. ======= Let me know what problem persists.
  7. Please run the RogueKiller tool I suggested last Wednesday. === Download to your Desktop the Junkware Removal Tool Download from this link. http://www.bleepingcomputer.com/download/junkware-removal-tool/ Shutdown your antivirus to avoid any conflicts. Right click the icon - disable for say 20 mins. Right-mouse click JRT.exe and select Run as administrator (If using XP just double click on the icon to run it.) The tool will open and start scanning your system. Please be patient as this can take a while to complete. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next message. ====== Post the logs and let m know what problem persists.
  8. Hello, Welcome to SpywareInfoForum. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === This as you probably know is a scam. It's know as a ransomware and is difficult to remove. For now I can only suggest you navigate to this topic on the Bleepingcomputer.com Forum and follow the instructions carefully. https://www.bleepingcomputer.com/virus-removal/remove-windows-computer-has-been-blocked-scam#print Execute as much as you can. If you can get pass the malware screen and get to the internet, Normally or in Safe Mode with Networking run the Farbar tool and post the FRST and Addition.txt file for my review. p.s. This is not a worm as far as I presently know. I would still take what ever means are required to protect other computers.
  9. Please Download and run the ComboFix tool. How to use ComboFix http://www.bleepingcomputer.com/combofix/how-to-use-combofix Follow the instructions on the page. Post the content of the C:\ComboFix.txt file for my review. p.s. When all is well you can remove the tool by following the Uninstall instructions on the same page.
  10. Run the program as administrator. Post the log or let me know of any error message.
  11. If the problem persists or returns I suggest you take the matter with Malwarebytes. Thei forum link. https://forums.malwarebytes.com/ === If all is well. To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe. http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
  12. Temporarily disable your AV program so it does not interfere. Info on how to disable your security applications How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides. Download Zoek tool from here Lets see what else we can clean. When the download appears, save to the Desktop. On the Desktop, right-click the Zoek.exe file and select: Run as Administrator (Give it a few seconds to appear.) Next, copy/paste the entire script inside the code box below to the input field of Zoek: createsrpoint; autoclean; emptyclsid; emptyffcache; FFdefaults; emptyiecache; iedefaults; emptychrcache; CHRdefaults; emptyalltemp; emptyfolderscheck;delete ipconfig /flushdns;b Now...Close any open Browsers. Click the Run script button, and wait. It takes a few minutes to run all the script. When the tool finishes, the zoek-results.log is opened in Notepad. The log is also found on the systemdrive, normally C:\ If a reboot is needed, the log is opened after the reboot. Please attach the zoek-results.log in your reply. === --RogueKiller-- Download & SAVE to your Desktop Download RogueKiller Quit all programs that you may have started. Please disconnect any USB or external drives from the computer before you run this scan! For Vista or above, right-click the program file and select "Run as Administrator" Accept the user agreements. Execute the scan and wait until it has finished. If a Windows opens to explain what [PUM's] are, read about it. Click the RoguKiller icon on your taksbar to return to the report. Click open the Report Click Export TXT button Save the file as ReportRogue.txt Click the Remove button to delete the items in RED Click Finish and close the program. Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next. ======= Also, please provide an update on how the computer is behaving after running the above script. ===