PhillyGuy Posted January 30, 2015 ID:934486 Share Posted January 30, 2015 Hey Guys,Yesterday I was here for help removing CryptoWall 3.0, and now I appear to have been infected with a virus called ICSPA.Facts- After removal yesterday I only downloaded Comodo Anti-virus (Free) and Comodo Internet Security (Free). - When I booted this morning, I received the error "Rundll32 Has Stopped Working)- Did some research, and one solution was to remove recently DL programs. Was able to delete the Comodo Internet Security, but not the Anti-virus.- In the process of doing so, I ran CCleaner and Malware, and nothing was found- While trying to delete the Anti-virus, and after a few restarts, as my computer is running very slow, I was brought to a Lock screen that stated it was from the ICSPA and that my computer computer was locked due to illegal software (Dont have any).- After a few repeats after restarts, I looked up a solution and part of it was to run Malwarebytes in Safe Mode, which would get partially through and my comp will shut down- I can boot into Safe Mode, but after doing certain tasks (i.e. Running MB, being on Chrome too long, it either brings up the same lock screen or shuts down.- Sometimes after a shut down, I can't restart it for a few minutes.I'm WAY over my head here! Please help! Link to post Share on other sites More sharing options...
TwinHeadedEagle Posted January 30, 2015 ID:934488 Share Posted January 30, 2015 Hello, We will have to work outside windows to try to fix your problem: Please download Farbar Recovery Scan Tool and save it to a flash drive.Plug the flashdrive into the infected PC.Restart your computer and tap F8 to bring up the Advanced Menu, then click Repair your computerFollow the prompt to enter keyboard input method, and then the prompt to enter a password. If the machine does not have a password, simply click Enter.In the Choose Recovery Tool menu select Command Prompt.You will see a big black window with a blinking cursor (command prompt). Access the notepad and identify your USB drive In the Command Prompt please type in:notepadand press Enter.When the notepad opens, go to File menu.Select Open.Go to Computer and search there for your USB drive letter.Note down the letter and close the notepad. Scan with Farbar Recovery Scan Tool Once back in the command prompt window, please do the following:Type in e:\frst.exe and press Enter.You need to replace e with the letter of your USB drive taken from notepad!FRST will start to run. Give him a minute or so to load itself.Click Yes to Disclaimer.In the main console, please click Scan and wait.When finished it will produce a logfile named FRST.txt in the root of your pendrive and display it. Close that logfile. Transfer it to your clean machine and include it in your next reply. Link to post Share on other sites More sharing options...
PhillyGuy Posted January 30, 2015 Author ID:934523 Share Posted January 30, 2015 Alright, complete. See the attached file, and let me know if that wasnt what you wanted.Thanks for the help! Link to post Share on other sites More sharing options...
PhillyGuy Posted January 30, 2015 Author ID:934526 Share Posted January 30, 2015 Alright, complete. See the attached file, and let me know if that wasnt what you wanted.Thanks for the help!OopsFRST.txt Link to post Share on other sites More sharing options...
TwinHeadedEagle Posted January 30, 2015 ID:934529 Share Posted January 30, 2015 Download attached fixlist.txt and save it to your USB flashdrive as fixlist.txt >> Boot into Recovery Environment Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens .... Press the Fix button once and wait. FRST will process fixlist.txt When finished, it will produce a log fixlog.txt on your USB flashdrive.>> Exit out of Recovery Environment and post me the log please. Try to boot Windows normally...fixlist.txt Link to post Share on other sites More sharing options...
PhillyGuy Posted January 30, 2015 Author ID:934547 Share Posted January 30, 2015 Sorry for the delay, I only have my tablet here, which would DL the fixlist.txt file you posted, so I had to run out to find a PC that would let me. I ran the file, restarted the machine, and was able to, albeit slowly, remove the rest of Comodo. After a second restart, I got no errors or pop ups when I logged on.See the attached file you requested, and let me know if there is anything else I should do!Thanks for your help!Fixlog.txt Link to post Share on other sites More sharing options...
TwinHeadedEagle Posted January 30, 2015 ID:934611 Share Posted January 30, 2015 How is your PC now? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted February 4, 2015 Root Admin ID:936057 Share Posted February 4, 2015 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts