
HELP PLEASE BEFORE IS TOO LATE/RAN COMBOFIX DON'T KNOW WHAT TO DO


REDACTED:
Hi Essexboy,

Here are the logs.

I have used OTcleanit to get rid of combofix and Qoobox. However, the Qoobox gave me a lot of hassle. I had to take permissions and try to delete it, with no success, then ownership, and changed ownership again to administrator, and at some point it allowed me to delete it.

I don't know what infection it was, but it was related to TROJAN, as I connected a USB key 3 weeks ago and immediately AVAST gave me a HIGH alert saying TROJAN detected. I took the USB straight out of my laptop, and have not used it again. But I do need to clean it, and don't know how. I also deleted those files I mentioned in my previous post, which were on the C drive, as I googled all of them and they were viruses, and not signed, modified the night before - date - after the time I had run combofix.

I am having great difficulty getting the letters on the screen below, right, when I click on play to listen to the letters, it doesn't work.

Thank you

essexboy:
OK, let's try to repair this. I give no guarantees.

Download Windows All In One Repair from Tweaking.com to your desktop
Install the programme

Reboot to safe mode with networking
Run Windows All In One
Select Step 2
Select open Pre-repairs scan then click scan
Let that complete
Save the results to a text file on your desktop

Next select step 3 and run chkdsk
Next select step 4 and run system file checker
Next select Step 5 and back up the registry

Open the Repairs tab

Select the following repair numbers:

1 to 5, 10, 13, 15, 23, 26 and 27

Set the system to reboot on completion
Then press Start Repairs

REDACTED:
Hi Essexboy,

Just a couple of questions before I start:

1. What are the risks of it not going as you expect? I mean the worst-case scenario? Laptop becoming unbootable? Permanently?

2. Fix/repair what? What exactly are we repairing here? Is the virus still somewhere? Or may there be remnants we are trying to detect & clean?

3. I know that right now, laptop is working very very slow, but is still working, and I have no cash to buy any repair, hardware piece or any other alternative. So, How CRUCIAL is this repair? What are the errors you have noticed on the logs I have sent you?

4. Of course I want to find out what is wrong, if any files are missing etc. But at what cost are we going to attempt that? If it does go wrong, will F8 option to factory default still work? I have had 3 restores that way since I bought the laptop (new), in 3yrs. And I am the only user.

Guest is active though, but not being used; same regarding the HIDDEN BUILTIN Admin that I activated for troubleshooting, once only, still appears as active, when I log on.

Though I have had other accounts, now deleted, and another partition, also deleted, and another Laptop Name, not in use. I don't remember other passwords and names previously used. If I am asked for old information halfway through the repair, I won't remember it.

Please could you kindly help me with the above, I am concerned when you say "no guarantees"? I have paid £500.00 for this machine and I have always used it carefully. It is not used for games or any other indecent activities. I use it as an Educational Tool only, and it is very precious to me.

Also, am I to DISABLE ALL AVAST SHIELDS, ONLINE SCANNER - WHICH ADDED ITSELF TO CHROME, WITHOUT ME ASKING FOR IT? And Malware tools like FRST and aswMBR - are they meant to stay as they are: on my desktop , whilst attempting repair?

The link Pondus sent me, also said if we have used a USB key then we should run MCShield. I have downloaded it, but have not dared to install it, or place the infected key on my laptop. I am scared to do that. I know there's a Trojan virus there.

Please get back to me asap. Thank you so much for your help.

19rosh

REDACTED:
Hi essexboy,

I just went to the Tweaking.com site, to check the forums there and see how good this tool is. The first one I read says:

I installed this because I was trying to fix that my computer wouldn't update and well now I don't need updates at all because I don't have a system anymore. I was told that by doing a disc check through this program it could fix my problem so I made a restore point and went ahead and did so, (note my computer is genuine and since the day I bought it from Acer it's only been restored once and before this I only had a problem with my updates) I restarted my computer so the disc check commenced! 1 hour later... 3 hours later.... 5 hours later... I can't do this anymore I'm just watching my laptop constantly restart and do another disc check so on the fifth hour I pressed a button to cancel it and log in.
Oh what's this? My computer is asking me to reactivate windows with my pretty desktop now black with "windows vista (tm) build 6002 this copy of windows is not genuine" so I try to activate it and it won't let me so I exit out and it says something about my desktop missing or it's been moved (no longer have the error as I ran a shadow copy repair through this program) and I have no permissions to do anything.


I don't think I want to read any more about this tool. I know that there are files missing. I can't just run something on my laptop, after so many tools I have already downloaded and deleted. Like spybot, FRST, Combofix, Unlocker beta, MCShield, OTCleanit, I have deleted Eset Online scanner too. Deleted some Greatis folder from my registry, which I found to be from a virus. Also, my email accounts are full of ads from financial companies.

The Migwiz folder from the registry is also deleted. But it is on my C drive, 'cause I read it is a virus, but then I read it could be legit.

I have taken OWNERSHIP OF MY C DRIVE A FEW MONTHS BACK, 'cause windows update gave me enough headaches a year ago that I completely switched OFF Windows Updates for over 10 months. And had no more Headaches. Since this USB, which I HAD to use in a PC in a Net Café, I am having to download all sorts of things I am not trained on. Which makes me very VERY UNCOMFORTABLE.

I hope you understand my concerns, sorry for the long messages. Please advise and reply to my previous questions in my previous post.

Thank you ever so much. Just one more thing I remembered: AVAST added itself to Chrome today, but last week I had it added on Chrome, I uninstalled Chrome & all keys from the registry, 'cause I noted that registry keys related to Google were much too much, together with some "click...whatever whatever", so I uninstalled Google completely, and re-downloaded it, after deleting all Google folders under all users. Now WAS AVAST NOT MEANT TO CONTROL AND CHECK AND BLOCK ALL EMAIL TRAFFIC TOO? HOW CAN I HAVE SO MANY ADS FROM FINANCIAL COMPANIES? Is my identity compromised?

19rosh

Pondus:
Essexboy is in bed now, check back tomorrow
