Hi all
I sure do need some experts...waaay out of my league here.
NO CLKUTE what happened but a few days ago, I got some virus warnings. Then I could not get online at all. Tried for hrs and FINALLY just did a quick system date change to a few days earlier and SEEMED like I was okay. As an Xfinity customer, I went in today to install fee Norton AV and it claims the file is infected and was deleted. (Right0
The I came to this site and tried to DL the free AV suggested here and said that was infected and deelted.
NO CLUE what the name of this ' thing ' on my PC is ...please help
THX
Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
==================================
You may be infected with ZeroAccess rootkit.
What Windows version is it?
Hi all
I sure do need some experts...waaay out of my league here.
NO CLKUTE what happened but a few days ago, I got some virus warnings. Then I could not get online at all. Tried for hrs and FINALLY just did a quick system date change to a few days earlier and SEEMED like I was okay. As an Xfinity customer, I went in today to install fee Norton AV and it claims the file is infected and was deleted. (Right0
The I came to this site and tried to DL the free AV suggested here and said that was infected and deelted.
NO CLUE what the name of this ' thing ' on my PC is ...please help
THX
If you need to have them downloaded on another computer and transfer them to yours. Using A USB memory stick, cd, etc.
Gots to get rid of the garbage so a av program can be installed.
If you need to have them downloaded on another computer and transfer them to yours. Using A USB memory stick, cd, etc.
Gots to get rid of the garbage so a av program can be installed.
OK Train ...I looked at those instructions. "IT" will not allow me to DL any of those things. Keeps claiming virus was detected and so deleted.
Will *try* to get access to another PC to do all this , but it wont be easy! So, are you saying, if I can get another PC, DL and USB, the 'thing' cannot stop me from ' dumping it' all into my PC the usb ?
If you are using Vista or Windows 7 enter System Recovery Options.
To enter System Recovery Options from the Advanced Boot Options:
Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.
To enter System Recovery Options by using Windows installation disc:
Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
Select Command Prompt
In the command window type in notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
If you are using Vista or Windows 7 enter System Recovery Options.
To enter System Recovery Options from the Advanced Boot Options:
Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.
To enter System Recovery Options by using Windows installation disc:
Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
Select Command Prompt
In the command window type in notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2013
Ran by SYSTEM on 21-07-2013 09:37:35
Running from H:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery
The current controlset is ControlSet001 ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.
Restore point made on: 2013-06-11 23:00:38
Restore point made on: 2013-06-15 07:14:36
Restore point made on: 2013-06-15 23:00:37
Restore point made on: 2013-06-21 17:16:39
Restore point made on: 2013-06-28 12:36:29
Restore point made on: 2013-07-02 11:35:42
Restore point made on: 2013-07-10 23:00:41
Restore point made on: 2013-07-11 23:01:06
Restore point made on: 2013-07-18 15:13:01
Restore point made on: 2013-07-18 15:45:51
Restore point made on: 2013-07-18 23:00:45
Restore point made on: 2013-07-20 05:33:32
Restore point made on: 2013-07-20 05:34:14
==================== Memory info ===========================
Percentage of memory in use: 22%
Total physical RAM: 2815.37 MB
Available physical RAM: 2176.41 MB
Total Pagefile: 2813.57 MB
Available Pagefile: 2162.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the UBCD.
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
Tried to follow all next steps. Did DL the fixlist. aok.
Went to System Recovery Options but very unclear on what to choose from there (?) Finally , skipped over and tried to go straight to notepad etc ..but nada.
Where do I go- Startup Repair or System Restore or ?????
Cannot get to the place where it says run ....fix.
You follow very same steps like you did to create FRST log.
Download attached fixlist.txt file and save it to the very same USB flash drive you've been using. Plug the drive back in.
Then....
If you are using Vista or Windows 7 enter System Recovery Options.
To enter System Recovery Options from the Advanced Boot Options:
Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
Use the arrow keys to select the Repair your computer menu item.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account an click Next.
To enter System Recovery Options by using Windows installation disc:
Insert the installation disc.
Restart your computer.
If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
Click Repair your computer.
Select US as the keyboard language settings, and then click Next.
Select the operating system you want to repair, and then click Next.
Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
Select Command Prompt
In the command window type in notepad and press Enter.
The notepad opens. Under File menu select Open.
Select "Computer" and find your flash drive letter and close the notepad.
In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter Note: Replace letter e with the drive letter of your flash drive.
The tool will start to run.
When the tool opens click Yes to disclaimer.
Press Fix button.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
Many thanks for your patience .... Here is the fix log:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-07-2013
Ran by SYSTEM at 2013-07-21 19:51:23 Run:1
Running from H:\
Boot Mode: Recovery
==============================================
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => Value deleted successfully.
C:\Program Files (x86)\Ask.com => Moved successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
c:\progra~3\browse~1 => Moved successfully.
Browser Manager => Service deleted successfully.
"C:\ProgramData\Browser Manager" => File/Directory not found.
C:\$Recycle.Bin\S-1-5-21-2943752849-2961130617-1043429671-1000\$bec1570b88464ad800917278f134618e => Moved successfully.
Error: DeleteJunctionsIndirectory: C:\Program Files\Windows Defender => entry should be fixed outside recovery mode.