Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

malware ? frst attached. computer grinds to a halt not sure if still

malware frst

  • This topic is locked This topic is locked

#46
Marcus1122

Marcus1122

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

Oki think I got it.

Says using image : vista32rc at bottom of my rufus now.

Lets see what happens
  • 0

Advertisements


#47
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That is correct
  • 0

#48
Marcus1122

Marcus1122

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Ok I misunderstood the term iso icon. Got an error message after running rufus. Try to boot thru usb thru bios and got same old desktop. maybe ill try a differw by stick.
  • 0

#49
Marcus1122

Marcus1122

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts
Using rufus 2.1 and not 2.1p
  • 0

#50
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

What error message do you get


  • 0

#51
Marcus1122

Marcus1122

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

the usb boot worked.

 

then ran the frst scan then did the fix.

 

ill go run the scan again.

 

little or no improvement in normal boot.

 

thx

 

 

 

 

 

 

 

 

Attached Files


  • 0

#52
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Download the attached fixlist.txt to the USB



Start FRST as before
Press Fix
On completion boot to normal mode and run a fresh FRST scan
  • 0

#53
Marcus1122

Marcus1122

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

are u able to list this fix ?   i have better luck with copy and past than wth downloads.

 

thx


  • 0

#54
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

 

HKU\ron\...\Winlogon: [Shell] C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_CN.lproj\cable_tv\a_weighted_db_levels.exe,explorer.exe <==== ATTENTION
2015-03-31 11:47 - 2015-04-03 10:06 - 00000000 ___HD () C:\ProgramData\{49A0BAC7-3326-4433-9373-4AA8793ABB5C}
2015-03-23 06:31 - 2015-03-27 06:43 - 00000000 ____D () C:\ProgramData\xkbhv
2015-03-19 09:18 - 2015-03-19 09:18 - 00000000 ____D () C:\Program Files\Coupons
C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_CN.lproj\cable_tv

Her you go


  • 0

#55
Marcus1122

Marcus1122

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

i think its running much better.

 

attached.

 

 

 

Attached Files

  • Attached File  FRST.txt   22.26KB   133 downloads

  • 0

Advertisements


#56
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you run a fresh FRST scan please as that is the old one

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.
    frst.JPG
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

  • 0

#57
Marcus1122

Marcus1122

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

ahhh attached the one from usb driver.

 

 

 

 

 

 

 

seems back to its old self.

 

 

Attached Files


  • 0

#58
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
A few minor pieces to kill now :) I would recommend that you keep the USB with the recovery console on it just in case.
Also it may be worth you looking at this thread and consider making system backups http://www.geekstogo...t-imaging-tool/

Any further problems evident ?

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
2015-04-01 16:41 - 2015-04-03 08:20 - 00000000 ___HD () C:\Users\ron\AppData\Roaming\B4563337
2015-04-01 16:41 - 2015-04-01 16:41 - 00000000 _____ () C:\Users\ron\Desktop\HijackThis.exe.imk0clb.partial
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
  • 0

#59
Marcus1122

Marcus1122

    Member

  • Topic Starter
  • Member
  • PipPip
  • 42 posts

seems to be back to usual.

 

 

does have about 50 processes running at bootup.

 

 

 

 

Attached Files


  • 0

#60
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
One final sweep for orphans and then we should be done :)

Is that the normal number of processes that you have running ?

Please download Malwarebytes Anti-Malware to your desktop
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Ensure that "Enable free trial of Malwarebytes Anti-Malware Premium" is unchecked
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

To access logs from Malwarebytes Anti-Malware 2.0:

mbamlogs.JPG

1.Open Malwarebytes Anti-Malware 2.0
2.Click History > Application Logs
3.Double-click the log you would like to open

Scan Logs record detections from manual scans, including threats detected and the actions taken against them

To save a Scan Log:

1.Open the log file you would like to save
2.Click Export
3.Choose to export to a .txt
4.Choose a folder to save the log file in, then click Save
5.Post that log here
  • 0






Similar Topics


Also tagged with one or more of these keywords: malware, frst

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP