
Thread: Please check my computer for any possible further infection

  1. #51
    Member
    Join Date
    Jan 2016
    Posts
    65

    Red face

    I'll just leave my laptop on until you get back to me.....

  2. #52
    Member
    Join Date
    Jan 2016
    Posts
    65

    Exclamation

    So yeah, right now I actually do need someone who knows their way around Group Policy settings (and not just for preventing virus/malware) and knows a way to fix what I borked (that spelling is intentional :P) up.....

  3. #53
    Member
    Join Date
    Jan 2016
    Posts
    65

    Talking

    Wait, I think I just found the solution! We shall see after a restart....

  4. #54
    Member
    Join Date
    Jan 2016
    Posts
    65

    Thumbs up

    It works! I had to go into Device Manager and update the driver for each one that had a problem thanks to said policy. Restarted and laptop seems to be functioning like it should.

    Sorry for the dramatic scene....heehee....

    Anyways, now I know NOT to delete that rule if I am to continue and use Group Policy Settings as a measure of defense......

  5. #55
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    So very glad you were able to locate what was wrong with your computer. Sometimes the person who is on the computer every day is the best at diagnosing the problems. Also, sorry it took so long and that I had no knowledge in tech details to help expedite your time here.
    I suppose all in all it was a learning process and that you gained in research skills and computer repair.

    I would like to comment on something
    So Juliet was wrong then to have referred me to a forum that has absolutely no knowledge of GPS? Perhaps he just googled for forums and happened to find this on the first page and thought this place might know a thing or two about it... Actually, does anyone here even know Juliet from that Spybot forum...? Or is this really some random forum the guy picked from a google search? Heh
    First, Juliet is a SHE and I did not do anything wrong in extending out and asking other techs in trying to help locate your problem on your machine. This is something all malware techs do to help all victims in need. While unsuccessful in reaching my goal in getting you help from someone who might have an idea what was wrong, who took the time trying to research anything that could cause this, LDTate gave you the best suggestions found to help.

    WE were trained and certified in malware removal. While I think there might be other training facilities or schools that teach or help in the internals of computers, I didn't take that course. Therefore, I reached out seeking help for YOU.

    And if you would, and you don't have to of course, please check my profile at WTT of which I help in malware removal at this forum too. (Yes they know me)
    https://forums.whatthetech.com/index.php?showuser=52436

    And if need be or if it matters
    MS - MVP Consumer Security 2009 - 2016
    http://blogs.msmvps.com/insiders/mvp.../juliet-ewing/

    Now, for the tools we used and corresponding quarantine folder removal

    DelFix

    • Please download DelFix or from Here and save the file to your Desktop.
    • Double-click DelFix.exe to run the programme.
    • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools
    • Click the Run button.
    • -- This will remove the specialized tools we used to disinfect your system.
      Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

    ************************************


    • AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
    • CryptoPrevent places policy restrictions on loading points for ransomware (eg. CryptoWall), helping prevent the execution of malware.
    • Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
    • Malwarebytes Anti-Malware Premium (MBAM) works in real-time alongside your Anti-Virus to prevent malware execution.
    • NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
    • Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
    • Secunia PSI will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.
    • SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
    • Unchecky automatically removes checkmarks for bundled software in programme installers; helping you avoid adware and PUPs.
    • Web of Trust (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  6. #56
    Member
    Join Date
    Jan 2016
    Posts
    65

    Post

    Ooops, I just remembered I forgot to attach the fixlog.txt, well here it is: Fixlog.txt

    Quote Originally Posted by Juliet View Post
    First, Juliet is a SHE
    You're a she?! Sorry, I always presume any person I talk to on the internet is a guy until said 'guy' comes out and tells us he is actually a she or something else. Heh.


    Quote Originally Posted by Juliet View Post
    WE were trained and certified in malware removal. While I think there might be other training facilities or schools that teach or help in the internals of computers, I didn't take that course. Therefore, I reached out seeking help for YOU.
    Well I appreciate the help, thanks.

    Quote Originally Posted by Juliet View Post
    And if you would, and you don't have to of course, please check my profile at WTT of which I help in malware removal at this forum too. (Yes they know me)
    https://forums.whatthetech.com/index.php?showuser=52436

    And if need be or if it matters
    MS - MVP Consumer Security 2009 - 2016
    http://blogs.msmvps.com/insiders/mvp.../juliet-ewing/
    Hm okay....


    Quote Originally Posted by Juliet View Post
    Now, for the tools we used and corresponding quarantine folder removal

    DelFix

    • Please download DelFix or from Here and save the file to your Desktop.
    • Double-click DelFix.exe to run the programme.
    • Place a checkmark next to the following items:
    • Activate UAC
    • Remove disinfection tools
    • Click the Run button.
    • -- This will remove the specialized tools we used to disinfect your system.
      Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).

    ************************************


    • AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
    • CryptoPrevent places policy restrictions on loading points for ransomware (eg. CryptoWall), helping prevent the execution of malware.
    • Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
    • Malwarebytes Anti-Malware Premium (MBAM) works in real-time alongside your Anti-Virus to prevent malware execution.
    • NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
    • Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
    • Secunia PSI will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.
    • SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
    • Unchecky automatically removes checkmarks for bundled software in programme installers; helping you avoid adware and PUPs.
    • Web of Trust (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.
    Done

    Here's a log if you wanna see it:
    Code:
    # DelFix v1.010 - Logfile created 26/08/2016 at 12:30:47
    # Updated 26/04/2015 by Xplode
    # Username : Manectric - RAIKOU
    # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
    
    ~ Activating UAC ... OK
    
    ~ Removing disinfection tools ...
    
    Deleted : \FRST
    Deleted : \RegBackup
    Deleted : \TDSSKiller.3.1.0.11_20.08.2016_10.32.30_log.txt
    Deleted : C:\Users\Manectric\Desktop\Rkill.txt
    
    ########## - EOF - ##########

  7. #57
    Member
    Join Date
    Jan 2016
    Posts
    65

    Question

    Oh, the DelFix deleted itself. Is that supposed to happen?

    I'm guessing you don't know what GDI Objects are either or and have no experiences/knowledge about them?

    Also:
    Quote Originally Posted by Nnewb View Post
    Hmmm, I have a question unrelated to this thread post and thought you might be able to answer this for me, so when you reach the 10k limit for GDI Objects, the UI of whatever program becomes screwed up yeah? So what causes this: Attachment 12663 Attachment 12664 (The Process Explorer picture is probably a better illustration as with ESET scanner, we now know obviously that's caused by reaching the GDI objects limit but I added it there for additional illustrations) If GDI Objects limit is not reached? What causes the black highlights? It happens on notepad too with pure text and you would see a row of black highlighted text.... As you can see, in this case the GDI Objects' limit isn't reached yet text is black highlighted.
    Quote Originally Posted by Nnewb View Post
    Oh ok, then explain to me why some of these processes are attempting to access those blocked addresses...? Ok just checked CurrPorts and it no longer appears to be accessing the blocked address (perhaps a one off?), however it is still looping itself to host for some reason....at various ports from 49000 to 49900....
    So have you asked other techies of this or haven't yet? Otherwise I guess I'll just go post on another forum and ask these questions....along with the other questions before this that you don't seem to have the knowledge to answer.

    Wow gee, you must have a lot of time on your hands to kill if you're volunteering your time to help others! Wish I had lots of time to kill so I can do it too (to further improve my knowledge/experiences of virus/malware fighting) as well as doing IRL stuff to play video games and watch stuff.....ahhh if only I could pause time........or at least somehow extend my time whilst I'm awake (and sleeping too I guess because I sometimes have nice dreams that I don't want to be awakened from....)...

  8. #58
    Member
    Join Date
    Jan 2016
    Posts
    65

    Thumbs up

    So I don't waste more of your time on me that could have been better spent on helping more important matters like other people who need more help than me because they're seriously infected or something and you helping me on probably trivial matters that I can look into myself is one person down....

    That was supposed to be amended to the last post but of course I cannot edit my posts.... -.-

  9. #59
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    So have you asked other techies of this or haven't yet? Otherwise I guess I'll just go post on another forum and ask these questions....along with the other questions before this that you don't seem to have the knowledge to answer.
    I have asked like I said I would. One person did reply back and that it would have to wait till after he was back from vacation.

    If you wish, below are 2 other help forums designated specifically to Windows 7

    http://www.sevenforums.com/
    http://www.bleepingcomputer.com/forums/f/167/windows-7/
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  10. #60
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Thank you Juliet for all the assistance you kindly provided.

    This thread is now archived.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016
