HELP PLEASE BEFORE IS TOO LATE/RAN COMBOFIX DON'T KNOW WHAT TO DO

[essexboy]

OK do not rush it , just let it happen

Once done and the system has rebooted let me know how it is

[REDACTED]

could reply to my questions please? FW on or off? win defender on or off? and avast on or off? before turning the laptop off, and then on safe mode w/networking.

thanks
19rosh

[essexboy]

It will make no difference as they are legitimate windows commands

[REDACTED]

I just now managed to start. It has done step one. Problems found with reparse points and environmental variables with path common files/roxio shared/10.0/dllshared/
It says that under program files 86 file does not exist.

Default parse points missing

C:\users\roshni\my documents (target point documents)

C:\users\roshni\printhood from path roaming\app data\microsoft\windows\network shortcuts

Same as above for folders - netwood ; recent ; send to ; start menu ; templates.

Now it's giving me option to repair. Do I proceed with this repair for reparse FIRST THEN repair environment variables? Or it won't be able to repair? If is missing, then is it going to download or what?

19rosh

[REDACTED]

Hi essexboy

You are not online and I can't leave the laptop in this point till you come back. Cause I don't even know if you are getting back online shortly.

I will shut of and come out of the program. When it is a good time for you let me know.

I didn't realise there are much more missing folders/ default user/app data from local/ app data /local history/ cookies/ temporary internet folder/ etc.

Cause it is obvious I will have questions as I go along the steps.

19rosh

[essexboy]

Yes repair those elements and any others it finds

[REDACTED]

HI essexboy

I ran check disk on step 2 or 3.

Check this out pls
FINAL PART OF THE LOG FROM THE TWEAKING TOOL:
165824855 KB total disk space.
  73232624 KB in 138034 files.
     86400 KB in 28533 indexes.
         0 KB in bad sectors.
    403347 KB in use by the system.
     65536 KB occupied by the log file.
  92102484 KB available on disk.

      4096 bytes in each allocation unit.
  41456213 total allocation units on disk.
  23025621 allocation units available on disk.

THEN I RAN CHECK DISK FROM COMMAND PROPMT as I mentioned yesterday , I had ran it already and it had said there WAS NO ERRORS, so again I ran it NOW from comm prompt.

LOG from comd

Windows has checked the file system and found no problems.

 165824855 KB total disk space.
  73761612 KB in 138062 files.
     86388 KB in 28534 indexes.
         0 KB in bad sectors.
    403859 KB in use by the system.
     65536 KB occupied by the log file.
  91572996 KB available on disk.

      4096 bytes in each allocation unit.
  41456213 total allocation units on disk.
  22893249 allocation units available on disk.

C:\Windows\system32>
_____________________________________________________________
IF THE TOOL IS NOT SCANNING THE SAME NUMBER OF FILES, THEN WHAT ELSE IS IT DOING WRONG???

From cmd windows says there are no errors. From the tool it says there are errors. So what should I do next?
___________________________________________________________________________

Is the tool scanning C & R drives or just C drive? cause I ran chkdsk for C drive only from cmd prompt. Also, under my R drive all items are now in BLUE.

The Tweaking tool says somewhere that we should run several scanners to make sure there is no infection. What one tool may not catch, another one could. To ensure Repair does not fail. Is there any other scanner you want me run before proceeding?

I tried to load the Hidden BuiltIn Admin Account but it won't even load. nothing appears on screen, except the background and a small window saying "getting personalized settings for google" , but it stays like that for ages, over 10 / 15 minutes if I leave it that long. Not even the shut/start button comes up. I had to do Ctrl+Alt+Del.

Pls get back when you can, thank you.

19rosh

[essexboy]

The blue files are compressed by windows to save space.

You will get slightly different results on each run of chkdsk as files are created and removed in between

Any improvement so far ?

Continue with the rest please

[REDACTED]

HI essexboy

sorry to say this but this is my machine, and it worries me. I asked you what to do next. you no the tool so you know it says that :

"it is better to repair manually any missing errors or something, before proceeding with repair or ELSE IT WILL FAIL"

the above message is sort of what it says, not by word. I believe it refers to chk dsk errors. so if it the tool says there are errors, you have the logs I sent you, then AGAIN , what next? do you want me to proceed with repair anyway?

if you do then you are ignoring the tools message, and as you yourself said "if we give the wrong command it can break it"

Oh, and how can there be diferent number of files when CHKDSK has been ran one straight after the other. Were files created in between 3 seconds? because that's how long it took to run both: the tools' chk dsk and the cmd prompt chk dsk.
pls reply

thnks 19rosh    oh, ihave flushed the dns by cmd prompt, using google, to find out what to type.

NOTE sorry, is there anyway you could use avast remote assistance? so you can run the tool yourself to repair? I am not confident at all to use it.

[essexboy]

The size difference is 12kb between the two runs, as I said files will be created and deleted.  These are temporary files and will vary in size

I feel your best option to get it back up and running again would be to back up your data and then reset to factory settings 

[REDACTED]

I have thought about that. But this is a Sony Vaio. It comes with a lot of bloatware I don't want. I have copied a iso file of windows I downloaded from somewhere, I can't remember where, it is 3.09 GB. and I have saved it on a network location. I wonder if it would boot from there. anyway. I would prefer to avoid all that. If you could run the tool yourself from REMTE Assistance?

[essexboy]

The first question is where did you get the ISO from, if it was a torrent then forget it, it may be infected. 

The best bet would be to run a factory restore, this totally wipes the drive.  Then remove the software using this small programme http://www.pcdecrapifier.com/features

[REDACTED]

HI,

I have found this on my registry:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1038C85769625584FA5435B4210089A0/FEATURES   and then on the right side -

"="O&Y9i&,Vp=2y[`I~hHJSizs$o_(A^@F2_C*Xxddj[y~{7!V_'A@_0XZ~bFmNgbIt78)y=?Q.dad`lg9{aE2tFF1QX=vW`^67(O&eS5bPlQE@0=5]M9a.RimZDQHdPo}!.APH{e`fYM,joQ~l6B}Um9YrzA&(&^WiWkG)bn!}PAW8^JuSfFV%gFmFSdYrQA,_]YS5kn&l3@Znny$F{9Vx].reU{Bp-1a1RiTJPAvtM0p]QizT%3xw@S8Cw8WzlxuGh2cz4c=m_P(zL7{,^p8S?k.sEMvTctEu7fRerypek7*&8'?IlkwP.   etc is too long.

This Link
http://kb.eset.com/esetkb/index?page=content&id=SOLN3587          is from GeekstoGo RKinner to someone else. the link talks about

•Gootkit is also referred to ask "XSW" or "XSWKit", So I typed on Find option : XSW , on my registry and found the above entry. Is this a infection? How to I remove it?

Pls advise. I want to run that tool- Windows all in one, but the tool says if there is INFECTION it will fail. So I downloaded Malawarebytes and ran a scan, it was clean. But this appears to be a rootkit infection.

Plz advice. Thank you.
Rosh19

[REDACTED]

Hi

Sorry but the total number of files the tool has not scanned is not 12 Kb as you said. Is

 73761612 total no. By tweaking tool
- 73232624 total no. By cmd prompt. In kb.
____________
      528988 kb

I had highlighted in green. Now my worry is that I ran step 3 where I ran repair for reparse points and repair of environmental variables. If the tool didn't scan these Files, it ran repair based on info. Inaccurate. 

How do I revert the step 3.

[essexboy]

I would suggest you take it to a repair shop as nothing I will do or say could convince you that it will not blow the system up