Jump to content

Recommended Posts

Ok let me start out by saying thank you to anyone that does/can help me out with any problems that i have.

So where to start, im not a real computer savvy person so you will have too excuse me for slow replys as i will have to speak to my friend to help me out with anything that you ask me too do, so i do not mess anything up.

As for the problems i am having, recently my computer has been runnng extremely slow and at times my computer is running at or near close to 100% usage on my CPU at all times. Even though my computer is not even that bad. I spoke to a friend of mine that recommended downloading ADW cleaner, but when i tried to download it, it threw an error at me saying that it was not a valid Win32 application. So my friend connected to me via teamviewer and transfered the exe onto my computer and i got it running that way. And by the look off the txt file it gave on reboot of the computer it was a fair amount of stuff that was deleted.

After that my friend recommended me too come over here to this forum to ask for some possible help to clean up my computer and running smooth again, as all this is really starting to depress me. In between all the errors im getting when i am trying to do stuff and the general slow performance i am now getting out of my computer i just feel like getting my computer completely wiped clean, but i thought i would try this out before doing so to see if it is salvagable.

So upon coming this site i read about downloading and running Malware Anti-Malware which i tried to do, but again it gave me an error when trying to download it. So again my friend downloaded the exe and transfered it too me via Teamviwer and i installed it. But when i opened the program it said it was out of date and i tried to update it, but it then gave me another error saying "An error has accured please report this issue to our support team(Include the content of all error message(s) and code(s) in your submisison). PROGRAM_ERROR_UPDATING (0,0, Incomplete transfer)

So i was unable to get it updated and running. Though i have got and ran the DDS program you required and have attached them to this post.

Any help on this matter would be greatly appreciated. And thank you in advance for any help you can provide on getting this sorted out.
 

 

 

attach.txt

dds.txt

Link to post
Share on other sites

Welcome to the forum.

Please download and run RogueKiller 32 Bit to your desktop.

RogueKiller 64 Bit <---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

Link to post
Share on other sites

Hi there MrCharlie and thank you for your rapid response.

 

I have tried to download the RogueKiller 64 Bit. But unfortunately the web page seems to be offline. I have asked my friend to check it also in case it was just my end. But it is down his end also.

Is it possible that you have another download link that i can get that from ? Would be greatly appreciated.

Link to post
Share on other sites

Ok, so i tried the 32bit version. I downloaded it fine and ran the scan, It finds 3 problems on the computer but shortly after my computer just completely locks up and i am unable to Ctrl+Alt+Del to even see what is the problem. Which results in me having to use the reset button on the front of my computer to restart it all. This has happened 2 times. Any advice you can give there ?

Link to post
Share on other sites

Thanks for that there MrC. That helped. Please find enclosed the full report that it gave:

 

RogueKiller V8.8.12 _x64_ [Mar 20 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode
User : Chrissy [Admin rights]
Mode : Scan -- Date : 03/22/2014 17:59:40
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 2 ¤¤¤
[FF][PUP] 775a4hqe.default : MySearchDial NewTab
[FF][PUP] 775a4hqe.default : mysearchdial.com

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : PUP ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA DT01ACA200 +++++
--- User ---
[MBR] f0e50ebe2fb4309ffc7c5f5a213ea4b2
[bSP] 36c549aa4824eb7d2708a4ab2f5007d1 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 399900 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 819202048 | Size: 1507726 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_03222014_175940.txt >>



 

Link to post
Share on other sites

AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}

AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton 360 Premier Edition *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

 

I see you have Ad-Aware, Norton and Defender on the system, including 2 firewalls.

This is no good.

Having two anti-virus programs running on a system only causes poor performance, conflicts and spotty protection.

Pick one as your anti-virus and uninstall/disable the others.

How to Disable Defender

Dangers of running 2 anti-virus programs

-------------------------------------------------------------------

See if you can delete these using RogueKiller:

¤¤¤ Browser Addons : 2 ¤¤¤

[FF][PUP] 775a4hqe.default : MySearchDial NewTab

[FF][PUP] 775a4hqe.default : mysearchdial.com

Run RogueKiller again and click Scan

When the scan completes > click on the Browser Addons tab

Put a check next to all of these and uncheck the rest: (if found)

 

[FF][PUP] 775a4hqe.default : MySearchDial NewTab

[FF][PUP] 775a4hqe.default : mysearchdial.com

Now click Delete on the right hand column under Options

-------------

Please read the directions carefully so you don't end up deleting something that is good!!

If in doubt about an entry....please ask or choose Skip!!!!

Don't Delete anything unless instructed to!

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

If a suspicious object is detected, the default action will be Skip, click on Continue

Please note that TDSSKiller can be run in safe mode if needed.

Please download the latest version of TDSSKiller from HERE and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    image000q.png

  • Put a checkmark beside loaded modules.

    2012081514h0118.png

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.

    clip.jpg

  • Click the Start Scan button.

    19695967.jpg

  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    67776163.jpg

    Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.

    If in doubt about an entry....please ask or choose Skip

  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.

    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    62117367.jpg

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here. There may be 3 logs > so post or attach all of them.
  • Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

Here's a summary of what to do if you would like to print it out:

If in doubt about an entry....please ask or choose Skip

Don't Delete anything unless instructed to!

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

~~~~~~~~~~~~~~~~~~~~

You can attach the logs if they're too long:

Bottom right corner of this page.

reply1.jpg

New window that comes up.

replyer1.jpg

Next:

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

 

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

Link to post
Share on other sites

Ok, sorry for the time between your reply and this reply. I was having some trouble with the Roguekiller making my computer unresponsive a few times, even resulting in me having to reinstall my wireless card drivers again a couple of times. But i went into SAFE Mode, and everything ran fine after that. Again whilst doing all this, i have to have my friend download the files from his side and transfer them over to me via Teamviewer as the files always seem to hang @ 1% left on the download and then i get some error message saying it failed for some reason. But at least i am able to get ahold of the programs you are asking me too get.

 

So going through the list of stuff you asked me to do i have:

 

  • Ran Roguekiller and deleted the 2 objects you asked me too (have attached .txt file)
  • Ran TDSSKiller and followed your instructions for as much as i remember. (Attached both log files)
  • Ran Combo fix (attached the .txt file also)

Hopefully everything is done correctly. Im sure you will be able too see from the logs.Ive attached them, as it seemed like it would be a lot of text to try and copy paste all into 1 post. Easier to keep the posts clean and tidy.

 

Thanks again for all the help, it is appreciated.

rk report 2.txt

TDSSKiller.3.0.0.25_23.03.2014_00.32.06_log.txt

TDSSKiller.3.0.0.25_23.03.2014_00.34.45_log.txt

ComboFix.txt

Link to post
Share on other sites

What have you done about your anti-virus programs and firewall, I still see all of them running in the logs??

What's staying and what's going?? We have to clean all up that up.

How is the computer if you reboot into safe mode with networking???

Let me know.....MrC
 

"McAfeeUpdaterUI"="c:\program files (x86)\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088]

R1 bdfwfpf;bdfwfpf;c:\program files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys;c:\program files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [x]

R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130522.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\BASHDefs\20130522.001\BHDrvx64.sys [x]

R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]

R1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20130402.100\IDSVia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.4.0.40\Definitions\IPSDefs\20130402.100\IDSVia64.sys [x]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]

R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1404000.028\SYMNETS.SYS [x]

R2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [x]

R2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [x]

R3 gzflt;gzflt;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [x]

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [x]

 

 

Link to post
Share on other sites

Hi there MrC and thanks again for the help. I forgot to uninstall the extra programs but i have done so now. I have uninstalled Adaware and Norton. I got rid of both because Norton had ran out of subscription and was thinking of getting something a little better like AVG which i was also going to ask you for some recommendations on a good free Antivirus program. As for Safemode with Networking, i have not yet tried it. What would you like me to check in there exactly?

Link to post
Share on other sites

Safe mode with networking:

I want you to see if all the problems go away when in safe mode.

Please do this also:

Please download Farbar Recovery Scan Tool (FRST) and save it to a folder.
(use correct version for your system.....Which system am I using?)
FRST <----for 32 bit systems
FRST64 <----for 64 bit systems

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

If the logs are large, you can attach them:

To attach a log:

Bottom right corner of this page.
reply1.jpg

New window that comes up.
replyer1.jpg

MrC

Link to post
Share on other sites

Clean out temp files:

Download TFC from here and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
http://www.bleepingcomputer.com/download/tfc/dl/92/
Close any open programs and Internet browsers.
Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
Please be patient as clearing out temp files may take a while.
Once it completes you may be prompted to restart your computer, please do so.
Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

Next......

Download the attached fixlist.txt to the same folder as FRST.
Run FRST.exe and click Fix only once and wait
The tool will create a log (Fixlog.txt) in the folder, please post it to your reply.

Next......


Please download AdwCleaner from HERE or HERE to your desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Next.......

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Last......

 


CHR DefaultSearchKeyword: conduit.search <------change to what you want
CHR DefaultSearchProvider: Conduit Search <------change to what you want
CHR DefaultSearchURL: http://search.conduit.com/Results.aspx?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP865FB6F0-C428-4364-9752-86C2393D2447&q={searchTerms}&SSPV= <------change to what you want
CHR DefaultNewTabURL:

 


Google Chrome has Conduit in it and you have to manually change it.
Reset home and search pages:
https://support.google.com/chrome/answer/2765944?hl=en

Let me know how it is, MrC

Link to post
Share on other sites

Ok. So i have gone through everything you asked me too do.

 

The only thing i was unable to sort out was the Conduit search engine within Chrome. What ever i try too do will not change it. I have tried deleting the address and editing it, i have also tried to make a new search engine with just google and from what i was reading from the address you linked me it is supposed to show itself in the drop down menu which it is not. So i gave up on trying to get around that as maybe you know what is wrong there ?

 

I have done everything else though and am including the logs from each program in this reply.

 

Thanks again

mbam-log-2014-03-23 (16-44-18).txt

AdwCleanerR1.txt

Fixlog.txt

Link to post
Share on other sites

Yes everything is running fine now MrC. The only problem i have left to get sorted is that problem with Chrome. Are all the logs looking cleaner now after the last lot of logs i posted ? Also which Virus protection would you recommend as a free option ? As i have gotten rid of both Ad-Aware and Norton when doing that clean up. Thanks again.

Link to post
Share on other sites

Just reset Chrome:

https://support.google.com/chrome/answer/3296214?hl=en

I'll give advice on what AV to use in the next post.

------------------

Lets check your computers security before you go and we have a little cleanup to do also:

Download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!
MrC
Link to post
Share on other sites

 Results of screen317's Security Check version 0.99.81  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Call of Duty: Ghosts  
 Call of Duty: Ghosts - Multiplayer
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 51  
  Adobe Flash Player 11.9.900.152 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox 24.0 Firefox out of Date!  
 Google Chrome 32.0.1700.76  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
 

Link to post
Share on other sites

For your anti-virus I would recommend AVAST, you'll find the links in My Preventive Maintenance below along with much more info.

Make sure you disable Windows Defender when you install it:
How to Disable Defender

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Out dated programs on the system are vulnerable to malware.
Please update or uninstall them:


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Adobe Flash Player 11.9.900.152 Flash Player out of Date!
Flash Player:
Check for an update if available
Downloads are at the top of the page.

------------------------

Mozilla Firefox 24.0 Firefox out of Date! <----please check for an update if available.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

cf2.jpg

Then hit enter. (it may look like CF is re-installing but it's not)
This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall or download and run the uninstaller)

---------------------------------

Please download OTC to your desktop. (This will clean up most of the tools and logs)
http://oldtimer.geekstogo.com/OTC.exe

Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")
Click on the CleanUp! button and follow the prompts.
(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)
You will be asked to reboot the machine to finish the Cleanup process, choose Yes.
After the reboot all the tools we used should be gone.
Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs you can manually delete. (right click.....Delete)
IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall.

Note:
If you used FRST and can't delete the quarantine folder:
Download the fixlist.txt to the same folder as FRST.exe.
Run FRST.exe and click Fix only once and wait
That will delete the quarantine folder created by FRST.
The rest you can manually delete.

-------------------------------

Any questions...please post back.
If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again. (PM also found HERE)

Good Luck and Thanks for using the forum, MrC

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.