tpkyteroo Posted June 19, 2017 ID:1136747 (edited)

1. Malwarebytes did find and quarantine Trojan.Siredef.C. The file was found in the recycle bin. Do not know if I or the trojan put it in the recycle bin.

2. Sogou we did get deleted (Windows "experts" helped me, but I still have errors because they didn't quite do it right). Note the system errors. Sogou should not exist at all, and should not be a system that starts. It should be completely off my computer in all ways it could manifest itself. Windows people did NOT get rid of Sogou! I looked to uninstall Tor, as I don't use it anyway, and found Sogou. That means that I might have to go to Windows and have them do a fresh install, but they won't do Windows 7 with my luck. I don't want Windows 10 because it's too confusing and everything is moved, plus Windows 10 insists on instantly shutting down the computer when an update requires it, forcing you to lose data. OTOH, maybe I'd be able to sue them and make millions. ROFL Doubt it!

3. Note that https://www.abuseipdb.com/check/192.168.1.126 IS a vicious IP address! And found within my system errors file.

4. Note that I did change my passwords but I understand that I will be changing them again.

Thanks! Going to bed now and will look at this in the morning. Yes, I back up everything. Windows does NOT find a save point even though other tool did find one. I have Farbar files attached.

Attachments: Addition.txt, FRST.txt, MbabSCAN-7-18-17.txt

Edited June 19, 2017 by tpkyteroo: forgot to add in all the files.

tpkyteroo Posted June 19, 2017 Author ID:1136753

Note that if I don't respond by 1pm CST, then you can assume that I had to bring the computer to Windows to delete the entire OS and reinstall it from scratch. I am shutting down the computer and turning off wi-fi, which is why I say this. I don't know if I'll be able to get back into my computer or not. Thanks! And no, I did not run JRT, AdwCleaner or anything else. Thanks!

tpkyteroo Posted June 19, 2017 Author ID:1136851

I did run AdwCleaner, and it did find one suspicious thing in my Chrome browser, and 6 other things. I did press clean too. That one thing is an extension that probably is related to Sogou Pinyin or qq dot com's version of pinyin device. It is also something that the Windows team did not get removed. JRT I closed because it hung on the 2nd step where it was looking for a backup point. The problem is the most valid backup point would have been May 21, 2017, a file that does not exist. If Sogou or that extension comes back, then I'll seriously look at just wiping the computer and reinstalling the OS. Anyway, I'll now stop replying and wait for the true experts. (The Windows team are not experts, in my opinion, because Sogou should have already been gone for good.) Thanks!

Attachment: AdwCleaner[C4].txt

tpkyteroo Posted June 22, 2017 Author ID:1137750

UPDATE: Turns out I had the Koobface worm on my computer. I could see it in the registry. I had Windows experts wipe my computer and reinstall everything. I know no one got to me, but this can be closed now. I felt that other people had more pressing issues. I also did not know at that time I had a worm originating out of Russia, originally. Thanks!

Aura Posted August 29, 2017 ID:1158342

Hi tpkyteroo,

Sorry that no one was able to assist you until now; however, I'm glad to know that your issue has been solved and that you managed to solve it. Stay safe!