-
IMPORTANT: Only authorized members may reply to threads in this forum due to the complexity of the malware removal process. Authorized members include Malware Specialists and Trainees, Administrators, Moderators, and Trusted Advisors. Regular members are not permitted to reply, and any such posts will be deleted without notice or further explanation. Notice
Browsers are taken over-Windows says isn't authentic
I have a laptop (SysInfo below) that I loaned to my son while I fixed some broken hardware on his. When I got it back, the browsers are jacked...always popping up windows wanting me to download some utility, messages saying my system is seriously compromised and must call a number for tech support, wont let me exit pages, can't keep up with the popups, etc..
While I had it, I used MS security essentials and their malicious sw removal tool and on occasion malwarebytes. Since he only had limited access to the internet, he downloaded and blogged what he needed--just did his own thing, isn't into anything covert, but not all that careful. And, he did not keep the MS tools updated or scanned and Malwarebytes updates were way outdated. Through a lot of effort I was able to uninstall malwarebytes, uninstall Java, and update MS security essentials, and downloaded the latest copy of their malware removal tool. Other than wanting to just get the laptop generally cleaned up so I can use the browsers and java again, I have two major concerns. First, when I got the laptop back, it now says I don't have a legitimate copy of windows anymore, which it is (Was Vista OEM, but upgraded to a legitimate version of 7), and the second concern I have is that when security essentials was updated and scanned, it came back with a message saying that items detected on my system need further analysis by MS to determine if they are malicious. The path for what they are looking at is: C:\Users\(username)\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe . I have to check the entry (it was the only one found) and then choose to send the report to MS or not. I'm a little uneasy sending it to MS, first because my experience with info that gets reported to most organizations generally merits no response and thus no assistance either. The thing I'm a little concerned over is that they are asking to evaluate a utility that comes stock with every sandisk usb flashdrive for allowing you to save files on their drives with SanDisk proprietary encryption. I guess my concern is with the file they are wanting to examine more closely (I know this sounds a little paranoid when it comes to corporate espionage--and I'm not a conspiracy freak by any measure). First because of the proprietary encryption, and second, because it's under my user profile (I created a windows user profile he could use while he had it), especially now that it's saying I don't have a valid windows license. I don't want to be busted for going against anything in their windows agreement and loose the license (that is if it's not already lost). I'm sure I've plugged dozens of flash drives into the laptop, as has my son. So my specific questions are:
1. Should I send the info to MS they are requesting?
2. How do I get my old laptop back in working order?
3. I'm even wary about making backups of it in it's current condition--if there's all kinds of ugliness on there, I'm not sure if I want a copy of whatever it is, roaming around on my external backup hard drive--and there's too much stuff to backup to DVD and, btw, the burner has stopped burning any disks as well he said.
Any and all help is appreciated. I know it's an old dog of a box, but it's been a good laptop and I'd really like to hang onto it for a backup or second machine still. Thx in advance!
SysInfo:
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz, x64 Family 6 Model 15 Stepping 11
Processor Count: 2
RAM: 3573 Mb
Graphics Card: VNC Mirror Driver, 3 Mb
Hard Drives: C: Total - 47700 MB, Free - 8368 MB; D: Total - 47692 MB, Free - 6524 MB;
Motherboard: Dell Inc., 0KU184
Antivirus: Microsoft Security Essentials, Updated and Enabled
While I had it, I used MS security essentials and their malicious sw removal tool and on occasion malwarebytes. Since he only had limited access to the internet, he downloaded and blogged what he needed--just did his own thing, isn't into anything covert, but not all that careful. And, he did not keep the MS tools updated or scanned and Malwarebytes updates were way outdated. Through a lot of effort I was able to uninstall malwarebytes, uninstall Java, and update MS security essentials, and downloaded the latest copy of their malware removal tool. Other than wanting to just get the laptop generally cleaned up so I can use the browsers and java again, I have two major concerns. First, when I got the laptop back, it now says I don't have a legitimate copy of windows anymore, which it is (Was Vista OEM, but upgraded to a legitimate version of 7), and the second concern I have is that when security essentials was updated and scanned, it came back with a message saying that items detected on my system need further analysis by MS to determine if they are malicious. The path for what they are looking at is: C:\Users\(username)\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe . I have to check the entry (it was the only one found) and then choose to send the report to MS or not. I'm a little uneasy sending it to MS, first because my experience with info that gets reported to most organizations generally merits no response and thus no assistance either. The thing I'm a little concerned over is that they are asking to evaluate a utility that comes stock with every sandisk usb flashdrive for allowing you to save files on their drives with SanDisk proprietary encryption. I guess my concern is with the file they are wanting to examine more closely (I know this sounds a little paranoid when it comes to corporate espionage--and I'm not a conspiracy freak by any measure). First because of the proprietary encryption, and second, because it's under my user profile (I created a windows user profile he could use while he had it), especially now that it's saying I don't have a valid windows license. I don't want to be busted for going against anything in their windows agreement and loose the license (that is if it's not already lost). I'm sure I've plugged dozens of flash drives into the laptop, as has my son. So my specific questions are:
1. Should I send the info to MS they are requesting?
2. How do I get my old laptop back in working order?
3. I'm even wary about making backups of it in it's current condition--if there's all kinds of ugliness on there, I'm not sure if I want a copy of whatever it is, roaming around on my external backup hard drive--and there's too much stuff to backup to DVD and, btw, the burner has stopped burning any disks as well he said.
Any and all help is appreciated. I know it's an old dog of a box, but it's been a good laptop and I'd really like to hang onto it for a backup or second machine still. Thx in advance!
SysInfo:
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 Duo CPU T7500 @ 2.20GHz, x64 Family 6 Model 15 Stepping 11
Processor Count: 2
RAM: 3573 Mb
Graphics Card: VNC Mirror Driver, 3 Mb
Hard Drives: C: Total - 47700 MB, Free - 8368 MB; D: Total - 47692 MB, Free - 6524 MB;
Motherboard: Dell Inc., 0KU184
Antivirus: Microsoft Security Essentials, Updated and Enabled
- Status
- Not open for further replies.
1 - 1 of 1 Posts
1 - 1 of 1 Posts
- Status
- Not open for further replies.
Tech Support Guy
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
