So my hard drive died last week and I just got my computer back today. I tried to download NookStudy, which you can’t get from BN anymore and I assume that’s where I got this bug, whatever it was. Computer was working find yesterday after I started putting programs back on it. This morning I tried to put the nook program and the threat detected thing popped up shortly thereafter, I think.
The object blocked is listed as wolfhack.no-ip.biz/skype (I don’t have Skype on my computer, so I assume this is just the name they chose to use). And the process is listed as windows\system32\wscript.exe.
I ran the scans with Avast, Malwarebytes and Spybot and Spybot was the only thing that detected any issues, though none appeared to pertain to this issue. I did a system restore, which didn’t work at first, I had to go back a bit later and that worked, but I’m still getting this constant pop-up that a threat was blocked.
I should mention that I’ve also been having a hell of a time trying to install .Net Framework 4. I had to have it for a program to get my music back from my ipod (now removed with the system restore) onto my computer, and no matter how many times I try or how long I wait, it seems to make no progress on installing. I don’t plan on using that program anymore, so that isn’t an issue anymore, but I figured it might be related.
I understood the instructions, I just wanted to make sure they were all necessary. I don’t like loading my computer up with a ton of programs and I know nothing about those.
Understand about “loading the system with programs” but we do try and remove the tools used to clean your system (when we are finished).
Open notepad by pressing the Windows Key + R Key, typing in Notepad in the Run dialog and then pressing Enter. Please copy the contents of the Code box below. To do this highlight the contents of the box by clicking [Select] next to Code: , then right click on any of the highlighted text and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txt
NOTE. It’s important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST64 by right clicking on the FRST64.exe file, selecting “Run as Administrator…”. The User Account Control may open up; if it does, select Yes to continue to let FRST open and load.
The tool will check for an updated version of itself every time it loads; please allow it to do this and the program will either inform you it is downloading an updated copy (and to wait until it is safe to continue) or show nothing (meaning there is no update found) and you can continue on. Press the Fix button just once and wait. The tool will create a restore point, process the script and ask for a restart of your system.
Quick question. I ran FRST from the downloads folder, not the desktop. When I clicked the download it started right up and I clicked run before I realized it wasn’t saved on the desktop. I can move it to the desktop now, or would it be better for me to just save the fixlist file to my downloads folder and run the fix from the same place I ran the scan? Or did I completely screw up and now need to re-run the scan?
Also, Avast appears to have stopped alerting me to the threat blocked for no apparent reason. It is malware, right?
Saved fixlist to the desktop and moved the program there. Ran the fix from the desktop, and attached the log below. Computer appears to be fine. Like I noted above though, I haven’t observed a notification from Avast like I originally posted in at least a couple hours. Maybe since I originally ran the programs.
Let me know if there’s anything else I need to do and thank you very, very much for your help.
Looks like that took care of it (possibly Avast removed what I had on the Fixlist first). Let’s get the tools off your system and you on your way …
Clean up of Malware Removal Tools
Now that we are through using these tools, let’s clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded.
[]Download Delfix from here to your desktop and double click it to start the program
[*]Ensure Remove disinfection tools is ticked Also tick:
[]Activate UAC
[]Create registry backup
[]Purge system restore
[*]Reset system settings
[*]Click Run
[*]The program will run for a few moments and then notepad will open with a log. Note: Please save this log first before rebooting your system (if asked to); DelFix does not save the log as it is trying to remove all traces of our work on your system. Please attach the log in your next reply.
You can delete any log files left on your desktop as these are no longer needed.