Jump to content

Virus


Recommended Posts

Thanks for those logs, run the following:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

user posted image
Download Dr Web Cureit from here http://www.freedrweb.com/cureit save to your desktop. (Scroll to bottom of page)
 
  • The file will be randomly named
  • Reboot to safe mode <<<<<------------ http://www.computerhope.com/issues/chsafe.htm
  • Run Dr Web
  • Tick the I agree box and select continue
  • Click select objects for scanning
    user posted image
     
  • Tick all boxes as shown
  • Click the wrench and select automatically apply actions to threats

    user posted image
     
  • Press start scan
  • The scan will now commence

    user posted image

     
  • Once the scan has finished click open report <<<--- Do not miss this step

    user posted image

     
  • A notepad will open
  • Select File > Save as..
  • Save it to your desktop


This log will be excessive, Please attach it to your next reply…

Let me see those logs in your reply, also tell me if there is any improvements...

Thank you,

Kevin...

 

Fixlist.txt

Link to post
Share on other sites

  • Replies 53
  • Created
  • Last Reply

Top Posters In This Topic

Delete DrWeb from your Desktop, boot your System to Normal mode. Try DrWeb as follows:

user posted image
  • Please download Dr.Web CureIt! antivirus and save it to your Desktop. The file size is in excess of 100MB (scroll to bottom of page for free version)
  • NOTE: Free usage of Dr.Web CureIt! for business purposes is illegal.
  • Internet Explorer may show a warning when downloading - the file is safe to download from the provided link.
  • Shutdown your antivirus to avoid any conflicts while scanning.
  • Once the scans have completed please re-enable your antivirus.
  • If using Malwarebytes Anti-Malware PRO you can right click over the tray icon and disable the Protection Modules
  • If needed you can also temporarily disable it from starting with Windows
  • Temporarily turn off any other security add-ons or applications you may also have.
  • Once you have downloaded Dr.Web CureIt! you should right click over it and choose Properties and verify it has a Digital Signature.
  • If it does not have a Digital Signature then do not run it.
  • Close all open programs including all Web browsers and then double-click on drweb-cureit.exe to start the installer.
  • You should have your User Account Control (UAC) enabled for improved security and which should then produce a dialog box asking for approval to run the installer.
  • Click on the Yes button to start the installer.
  • Click OK to scan your computer in the Enhanced Protection Mode
  • Click on the check box to agree to participate in their software improvement program.
  • Then if needed choose your Language by clicking on the small globe like icon in the upper right corner by the wrench.
  • Then click on the Continue button and then click on the Select objects for scanning link just below the "Start scanning" button.
  • Place a check mark on all the items except for Temporary files and System restore points - those items should not have a check mark on them.
  • Then click on the Start scanning button.
  • If a threat is found you can click on the Action column in the program.
  • Your options will be Cure or Ignore
  • If you see an item that you are absolutely sure is OK, then un-check the check box for that item, otherwise keep it on Cure.
  • Then click on the Neutralize button.
  • Once completed click on the green Open Report link. It will open the report in NOTEPAD
  • Save the report to your desktop. The report will be called Cureit.log
  • Close Dr.Web Cureit!
  • Reboot your computer to allow files that were in use to be moved/deleted during reboot.
  • After reboot, attach the log Cureit.log you saved previously in your next reply.
  • Re-Enable your antivirus and other security programs when all done.
Link to post
Share on other sites

Notice it is taking a long time to reboot the main screen will come up and it will just sit there before the taskbar icons all come up. Okay and i have it running now and assume this will be another long one.  I also noticed compared to the first doctor when you sent me this one had me un  check temporary files and system restore which I did I hope that is correct if so if then I will get back to you when it's finished if not tonight if it's late tomorrow depending on how long it takes

Edited by Donna67
Link to post
Share on other sites

If you have the DrWeb log zip it up and try to attach again.... Right click on the file, select > send to > Compressed (zipped) folder..

What is the current status of your system, are there any remaining issues or concerns...

Thank you,

Kevin..

Edited by kevinf80
Typng error
Link to post
Share on other sites

Attached is the compressed file.  The system is still freezing up at times, even though it is better than it was a few days ago.   I have noticed in task manager that the % of cpu, memory and disk are fluctuating alot.  Last night i had nothing open and they where running at 8,23,54 then to 6,4,61 showing service host:localsystem retricted at the top of the list.   Also under startup programs, it showed 3 services running under the name of "program" which i had never noticed before.  I disabled them, rebooted and still had these percent number 6,20,53.  This morning when I awoke, my silhouette program was froze and and had to end task to get out.  Internet this morning is very sluggish.  I have 12 gb of ram, and it used to run alot faster than it is.  

Thanks for your help

 

cureit.zip

Link to post
Share on other sites

That log is clean, continue as follows please:

Select the Windows key and X Key together. From the produced list select::

Command Promt (Admin)

Accept UAC alert...

At the Command prompt, type

CHKDSK C: /R

hit the Enter key.

You will get a message that the drive cannot be locked, but that the command can be scheduled to run at the next boot - hit the Y key, press Enter, and then reboot.

The CHKDSK may take a few hours depending on the size of the drive, so be patient!

After the CHKDSK has run use the following instructions to find the log:

Check Disk report:
 
  • Press the WindowsKey + R on your keyboard at the same time. Type eventvwr into the run box and click OK.
  • In the left panel, expand Windows Logs and then click on Application.
  • Now, on the right side, click on Filter Current Log.
  • Under Event Sources, (expand the drop down arrow) check only Wininit and click OK.
  • You mayl be presented with one or multiple Wininit logs.
  • Click on an entry corresponding to the date and time of the disk check.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.


Next,

Select the Windows key and X Key together. From the produced list select::

Command Promt (Admin)

At the Command prompt, type

SFC /SCANNOW

hit the Enter key

Wait for the scan to finish - make a note of any error messages - and then reboot.

Copy the CBS.log file created (C:\Windows\Logs\CBS\CBS.log) to your desktop (you can't manipulate it directly) and then compress the copy and upload the zip file to your reply.

Let me see those logs, also tell me if there is any improvement..

Thank you,

Kevin

 

Link to post
Share on other sites

Download and run SFCFix

Please download and run SFCFix from here: www.sysnative.com/niemiro/apps/SFCFix.exe

It will take about 15 minutes to process. You will be prompted to select any key to continue several times, Please do so

Once the scan has completed a notepad file called SFCFix.txt will launch with the results.

Please copy or attach that file to your reply...
 
Let me see that log, also give an update on the status of your PC, any remaining issues, concerns etc...

 

Link to post
Share on other sites

Yes, it has improved alot.  I have on program that likes to stall or freeze alot.  It is silhouette design studio but that probably is being caused by something else than this virus, not sure what.  I haven't acutally been on it much in the last couple of days so if i notice anything i will let you know.  Is there anything else I need to do?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.