shassar

So McAfee is shot down. It was fine before I disabled it because some of those scanning programs needed it to be disabled. Windows Defender is also off, which it says it doesn't exist anymore when I try to restart the service. All services on McAfee are running.

Well I have one issue now. McAfee Antivirus real scan keeps turning off. I keep hitting on, it immediately turns back off. That is not normal.

Thanks again, I will try to figure out why my Action Center is all off. I might reinstall Windows because I know nothing can be 100% disinfected once a computer gets infected. But I figured I should attempt any clean up first before reinstalling because I heard remnant viruses can still come back on a freshly new installed OS. Sadly we just put a new hard disk on this laptop because the other one got a mechanical problem as it was in my backpack on the plane. I will let you know if something funny pops up in the meantime.

Gringo, I get an error when I try to Run ComboFix /Uninstall. It says it does not exist. I did run it from a Flash drive... maybe that's why? Also I noticed the script you gave me it's titled C:\FRST.exe. I used FRST from a flash drive, (Drive E). Does it matter? Last, should I be concerned with the RogueKiller's report: ¤¤¤ Registry Entries : 3 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Policies\Explorer\Run : KB2485155 ("C:\Users\user\AppData\Local\KB2485155\KB2485155.exe") [x] -> DELETED [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) I see the words REPLACED. That concern's me. I will go on and remove the rest of the tools now.

Yes. Is there anything else I need to do to ensure the eradication of any suspicious malware and viruses?

If I click on "Customize notification icons" it takes me to the other one "Select which icons and notifications appear on the taskbar". Action Center is no longer there.

Gringo, The shield icon of the virus is gone!!! So, for sure it means I do not have that other virus anymore, correct? Also, the notification area is still grayed out.

In case you didn't see my previous posts, I tried again. Nothing changed. I guess we should just focus on eliminating whatever Eset found first.

Sorry, I wish I could edit my posts. The repository file is magically back after I deleted it.

Ok, I had to stop Windows Management services again and the repository file has been deleted. I rebooted the computer... however the virus icon (brown shield is still there), action center is still grayed out. Anyways, anything I need to do with those 4 affected files Eset found?

Yes I stopped both services.... Want to try it again?

Wow.... those Cnet files..... Actually that's a document folder I threw in on my desktop when I was borrowing the flash drive from my uncle.... I needed that flash drive a few days ago to give them a big file. I didn't want to delete his stuff so I put that folder on my desktop. But I never opened it to look at it. Don't tell me that is the cause of all this mess...

By the way I cannot delete the repository file. It says: This action cannot be complete. The file or it's components are open and in use.

Gringo, here is the log from Eset: C:\FRST\Quarantine\KB2485155\KB2485155.exe a variant of Win32/Kryptik.BAHW trojan C:\Users\user\Desktop\Documents\camcorder\cnet2_photostudiodarkroom2_retail_intro_all_exe.exe a variant of Win32/InstallCore.D application C:\Users\user\Desktop\Documents\camcorder\cnet2_video_converter_setup_exe.exe a variant of Win32/InstallCore.D application C:\Users\user\Downloads\Setup.exe a variant of Win32/Adware.iBryte.G application

Ok thanks, I will do that as soon as Eset is done because I don't want to boot the computer now. It's still scanning, it has found 3 applications and a trojan.