[TangentMedia]

Is this legit?

[Advertisements]

That is the Trojan. You can close those windows so you can work on it? If unable to close these windows, try throughout the Task Manager.

Are you able to download Combofix and run it?

[JSntgRvr]

That is the Trojan. You can close those windows so you can work on it? If unable to close these windows, try throughout the Task Manager.

Are you able to download Combofix and run it?

[JSntgRvr]

Follow on my instructions and you should not have a problem.

[JSntgRvr]

Are you able to run Combofix.

[TangentMedia]

Yes, combofix is on the desktop. However, I can't launch Task manager or any other program. It just pops up another waring window. So i am unable to disable Microsoft Security Essentials.

Rebooting now in Safe Mode to see if i can get any further.

[TangentMedia]

Okay. I was able to login in SAFE MODE and launch the Task Manager right away and kill the fcj.exe*32 and that shut down the trojan windows. But when I launched MSE to disable it, it instead relaunched fcj.exe*32. So I am not sure how to disable MSE since I cannot open it to disable it.

[TangentMedia]

I can try to run combofix. But your instructions say it is VERY important to disable my anti-virus software and MSE is on the list.

[TangentMedia]

I am still in Safe Mode. I *can* launch ComboFix.exe. It goes to the Disclaimer Page. I have not gone further. At the same time I successfully launched ComboFix, the fcj.exe*32 launched. I killed it from the Task Manager.

Should I proceed with ComboFix?

If Yes, then should I kill the fcj.exe*32 whenever it appears in the task manager as ComboFix runs?

[TangentMedia]

I'm going to try from Normal Mode.

[JSntgRvr]

Ok Stop what you are doing. Don't use the computer in Normal or safe mode anymore until we check that drive from an external environment.

I am testing Testdisk in My computer as we missed a deeper scan during the process. I want to make sure my instructions are correct.

Meanwhile, Run a FRST scan from the Repair Console and post its report.

[TangentMedia]

Too late. I already started running ComboFix from Normal mode, despite warnings that MSE is running. It's crunching now... just completed Stage 3. Should i power off the computer in the middle of it?

[TangentMedia]

Okay. ComboFix finished. It did not ask me to Install the Recovery Console. It rebooted and generated the attached report; however, i changed my last name in the report to Zxx so my surname doesn't end up in google.


ALSO, I cannot seem to open any programs. I get this error message (see attached picture).

"Illegal operation attempted on a registry key that has been marked for deletion."

How do I fix this?

Attached Thumbnails

• 

Attached Files

•  ComboFix.txt   23.9KB   340 downloads

[TangentMedia]

Okay. I shutdown. Windows installed 13 updates. Reboot to normal mode seemed to take a long time. Programs all seem to be opening fine. No sign of a virus.

[TangentMedia]

Firefox and thunderbird are running fine. Everything seems snappy. Are there any other steps we need to do?

[TangentMedia]

I will be back in about 2 or 3 hours. Let me know what is next. Thanks!!!