Problems possible trojan


  1. Posts : 39
    Win 10
       #1

    Problems possible trojan


    Having problems..I couldn't open sites on FF..I can't recall exactly what it said but was something like the site was not set up properly & wasn't safe. FF could not connect. I ran Unhack-me & can move around but there are many problems shown on Rkill. I would be thankful for help.


  2. Posts : 39
    Win 10
    Thread Starter
       #2

    here are the two Rkill files...Rkill 1 is before I ran unhackme..Rkill 2 is after..it looks messed up.. please help!


  3. Posts : 16,325
    W10Prox64
       #3

    Hi.
    Couple things:
    First of all, you answered your own thread, so it's not sitting in the "unanswered queue" anymore.
    Secondly, you marked it as solved, which tells everyone you no longer need help.

    Here is what I would recommend. Run these programs in the order I give them:

    RKILL (free)
    Download RKill

    ADWCleaner (free)
    (Post the logs. It will have you reboot first)
    Downloads - AdwCleaner - ToolsLib

    RKILL again
    (because everything RKILL does is undone by a reboot)

    Malwarebytes Antimalware (free) FULL SCAN
    (be sure to tick the box in settings to scan for rootkits!)
    (post the log)
    Free Anti-Malware & Malware Removal | Malwarebytes

    Ccleaner (free)
    Download CCleaner | Clean, optimize tune up your PC, free!
    Run this cleaner on all your browsers and clear everything out. If you save passwords in your browsers, back them up first.
    Then RESET ALL Browsers on the system (not just the ones you use, but all of them, especially Internet Explorer).
    Reset Microsoft Edge to Default in Windows 10 | Windows 10 Tutorials

    How to Reset Your Web Browser To Its Default Settings

    Then, back in Ccleaner, go into Tools>Uninstall and remove any toolbars or rogue apps you find.
    Then run it on your registry, ticking all boxes except Help Files.

    Open an Admin Command Prompt and clear your DNS
    Code:
    ipconfig /flushdns
    You have 728 entries in your HOSTS file. Can you please explain?
    If there is any illegal software on the system, please uninstall it now.
    Check that Windows Update is now running, and your AV also (whatever you use).

    Open an Admin Command Prompt and run the System File Checker, by entering
    Code:
    sfc /scannow
    Once it is finished, you should see "No integrity violations found". If it says found and fixed, or found and couldn't fix, reboot and run it again, up to 3 times.

    Report back here and we'll see how things are going.


  4. Posts : 39
    Win 10
    Thread Starter
       #4

    Thanks Simrick for the reply...I'll try to explain the confusion later...here are the first set of logs. I'll make sure these send then reboot.


  5. Posts : 39
    Win 10
    Thread Starter
       #5

    Here is the last rkill & mbytes..I think I've completed all items...on the first post, it was all my confusion...I saw your reply & was so thankful because I was getting ready to format. I don't know why all the hosts were on rkill ..they hadn't shown up before...please let me know if there is anything else I need to do...


  6. Posts : 39
    Win 10
    Thread Starter
       #6

    Thank you once again Simrick..you saved me a lot of trouble..kudos to you & 10forums


  7. Posts : 16,325
    W10Prox64
       #7

    Thank you for the logs.
    Nothing looking too terribly bad in there (except slim cleaner, which is considered a PUP).
    I'd like to see a FULL SCAN though, and not just a threat scan from MBAM, with Rootkits box checked.

    1. Have you confirmed Windows Update is working?
    2. What Anti-Virus program do you use, and have you confirmed that it is functioning correctly (Windows Defender is disabled)?
    3. What were the results of the system file checker scan?

    If you have completed all the steps and are no longer having any issues with FF, I think you are good to go. But, if you are still having issues, we'll need to take a deeper look.


  8. Posts : 16,325
    W10Prox64
       #8

    One more thing:
    Unless you or your legitimate apps have specifically made those changes to your HOSTS file, I would reset it. MS have instructions here:
    https://support.microsoft.com/en-us/...to-the-default

    Or you can use this tool
    Downloads - RstHosts - ToolsLib

    Here you can read a little more on the subject, if you like:
    How can I reset the Hosts file back to the default in Windows 10? - Windows 10 Support

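Before resetting a HOSTS file with hundreds of entries, as discussed in posts #3 and #8, it helps to see what kind of entries they are. The following PowerShell sketch is an added example and not part of any post in this thread; the function name `Get-HostsEntry` is hypothetical and the sample lines are constructed. It separates blocklist-style entries, which point names at a sinkhole address, from entries that redirect a name to some other address.

```powershell
# Added example: classify HOSTS entries so a large file can be judged before it is reset.
# Sinkhole addresses make a name unreachable (typical of blocklists);
# any other address silently redirects the name and deserves review.
function Get-HostsEntry {
    param([string[]]$Lines)
    $sinkhole = '0.0.0.0', '127.0.0.1', '::', '::1'
    foreach ($raw in $Lines) {
        # Drop the comment part of the line, then split on whitespace.
        $text = ($raw -split '#', 2)[0].Trim()
        if (-not $text) { continue }
        $fields = $text -split '\s+'
        $addr = $null
        if ($fields.Count -lt 2 -or -not [System.Net.IPAddress]::TryParse($fields[0], [ref]$addr)) {
            [pscustomobject]@{ Address = $fields[0]; Name = $null; Kind = 'Malformed' }
            continue
        }
        # One line may map several names to the same address.
        foreach ($name in $fields[1..($fields.Count - 1)]) {
            $kind = if ($sinkhole -contains $addr.ToString()) {
                if ($name -eq 'localhost') { 'Loopback' } else { 'Blocked' }
            } else { 'Redirect' }
            [pscustomobject]@{ Address = $addr.ToString(); Name = $name.ToLower(); Kind = $kind }
        }
    }
}

# Constructed sample input (not taken from the logs attached to this thread).
$sample = @(
    '# Copyright (c) 1993-2009 Microsoft Corp.'
    '127.0.0.1       localhost'
    '0.0.0.0 ads.example.net tracker.example.net   # blocklist-style entry'
    '127.0.0.1 telemetry.example.org'
    '203.0.113.45 www.example-bank.test'
    'not-an-ip update.example.com'
)

# To audit the live file instead, replace the sample with:
# $sample = Get-Content "$env:SystemRoot\System32\drivers\etc\hosts"
$entries = Get-HostsEntry -Lines $sample

# Summary by kind, then the entries that need to be read one by one.
$entries | Group-Object Kind | Select-Object Name, Count | Format-Table -AutoSize
$entries | Where-Object { $_.Kind -in 'Redirect', 'Malformed' } | Format-Table -AutoSize
```

A file that is almost entirely `Blocked` entries usually comes from a security or ad-blocking tool; `Redirect` entries that nobody on the machine added are the reason to reset the file.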


  9. Posts : 39
    Win 10
    Thread Starter
       #9

    Thank you simrick..on mbam I did have rootkits checked..I didn't see any way to run a scan...I'm using a version I just upgraded from mbytes, so I'm installing the one you sent just in case.
    1. I went to windows update & clicked on update ...it began looking...not sure how to check any other way.
    2. I use Avast...it opens & I don't notice anything amiss...When I go to update/security there is no windows defender listed so I didn't know how to turn on or off realtime protection
    3. The SFC indicated no integrity violations found.
    4. Hit Man finds the file SVC host...listed as suspicious.
    I will take care of the host as you have directed
    I have also attached an mbam txt from the mbam that you sent.
    I think that covers it all.


  10. Posts : 16,325
    W10Prox64
       #10

    10beers said:
    Thank you simrick..on mbam I did have rootkits checked..I didn't see any way to run a scan...I'm using a version I just upgraded from mbytes, so I'm installing the one you sent just in case.
    1. I went to windows update & clicked on update ...it began looking...not sure how to check any other way.
    Okay good - that's fine.

    10beers said:
    2. I use Avast...it opens & I don't notice anything amiss...When I go to update/security there is no windows defender listed so I didn't know how to turn on or off realtime protection
    Defender will be disabled by Avast to prevent conflicts. Turning off Avast shields will turn off real-time protection.

    10beers said:
    3. The SFC indicated no integrity violations found.
    Great.

    10beers said:
    4. Hit Man finds the file SVC host...listed as suspicious.
    Hmmm....Please provide the logs for this?

    10beers said:
    I will take care of the host as you have directed
    Good.

    10beers said:
    I have also attached an mbam txt from the mbam that you sent.
    I think that covers it all.
    Thanks - looks good, but still only a Threat Scan. Still, since you're on the trial, you have active protection from MBAM for about 2 weeks, so that makes me feel better, while we determine what Hitman has flagged.

    One thing: please run winver from the search box and post a screenshot of what version of Windows you have running on there. Hopefully you're already on v1803...

    For a Full MBAM scan:

    [Two screenshots (image.png) were attached here.]


 

Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
Windows 10 Forums