Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Huge problem!

15 Mar 2014   #51
kunoz

32 bit
 
 

log.txt: http://puu.sh/7wFXm.txt

The scanner took so long O: and it has found 9 threat.


My System SpecsSystem Spec
.
15 Mar 2014   #52
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Most of the threats were already in AdwCleaner's quarantine folder, but ESET picked up a few AdwCleaner didn't find.

Run one more to triple check your system. This is a scan only. Please post the scan results as you have been doing with the other scanners - thanks.

Download the Farbar Recovery Scan Tool (FRST) Click here
  1. Select the version that applies to your system: 32-bit OR 64-bit
    .
  2. Click the Save button
    Default save location is your Downloads folder
    If the SmartFilter bar is presented, click the Actions button and click Don't Run (saves FRST but does not run it)
    .
  3. Double-click FRST or FRST64 to launch the utility
    FRST is the 32-bit version / FRST64 is the 64-bit version
    1. Click the Yes button to confirm UAC
      .
    2. Click the Yes button on the Warranty disclaimer window.
      .
    3. Tick [a] all Whitelist checkboxes
      .
    4. Tick [a] Addition.txt in the Optional scan list
      .
  4. Click the Scan button to begin scanning.
    .
  5. FRST creates two logs when the scan has finished, they are located in the same folder where FRST was launched
Thanks
My System SpecsSystem Spec
15 Mar 2014   #53
kunoz

32 bit
 
 

Quote   Quote: Originally Posted by Slartybart View Post
Most of the threats were already in AdwCleaner's quarantine folder, but ESET picked up a few AdwCleaner didn't find.

Run one more to triple check your system. This is a scan only. Please post the scan results as you have been doing with the other scanners - thanks.

Download the Farbar Recovery Scan Tool (FRST) Click here
  1. Select the version that applies to your system: 32-bit OR 64-bit
    .
  2. Click the Save button
    Default save location is your Downloads folder
    If the SmartFilter bar is presented, click the Actions button and click Don't Run (saves FRST but does not run it)
    .
  3. Double-click FRST or FRST64 to launch the utility
    FRST is the 32-bit version / FRST64 is the 64-bit version
    1. Click the Yes button to confirm UAC
      .
    2. Click the Yes button on the Warranty disclaimer window.
      .
    3. Tick [a] all Whitelist checkboxes
      .
    4. Tick [a] Addition.txt in the Optional scan list
      .
  4. Click the Scan button to begin scanning.
    .
  5. FRST creates two logs when the scan has finished, they are located in the same folder where FRST was launched
Thanks
The scan was fast.

FRST: http://puu.sh/7x2tY.txt

Addition: http://puu.sh/7x2vN.txt
My System SpecsSystem Spec
.

16 Mar 2014   #54
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Hmmm, looks like a few more utilities then a call for more eyes.

Kaspersky Labs: TDSSKiller

1. Download the EXE Version, not the zip version

2. Select Save on the "Do you want to run or save ..." action bar
The default save location is your Downloads folder

3. Select Run on the "... download completed." action bar
4. Click Change parameters
Additional Options
Tick [a] Detect TDLFS File System
Tick [a] Use KSN to scan objects



Click: OK
5. Press: Start Scan

6 ... Next
6. Scan result actions:
a. TDSSKiller determines the best action for a threat and marks it in the Threats Detected window.
For this exercise, you want only CURE or SKIP as an action. Kaspersky TDSSKiller is very good at determining what action should be taken, but it's better to err on the side of caution. Let a member review the output and then advise you.

b.Skip any Suspicious object, confirm the action and then press Continue

c. Cure any Malicious object, confirm the action and then press Continue
Select Skip if Cure is not available. Do NOT select Delete as the object might be a system file.

d. Restart your machine to complete the TDSSKiller malware removal process.
The log file is placed on the homedrive (normally C:\) with the file naming convention:
TDSSKiller.Maj#. Min#. Bld#.Rev#_MM.DD.YYYY_HH.MM.SS_log.txt
Ex: C:\TDSSKiller.3.0.0.17_03.15.2014_12.03.49_log.txt

7. Attach the TDSSKiller log to a new post on your thread
See: Screenshots and Files - Upload and Post in Seven Forums

Thanks!
My System SpecsSystem Spec
17 Mar 2014   #55
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Please revisit post# 34

The FRST log shows many things that should have been cleaned up by following the recommendations in that post. Specifically, uninstalling applications with little or no value add (auto-updaters, Chrome, Google apps, SkypeclickToCall, Lightshot & Puush). All of these items can be reinstalled if you really need them later (any program you paid for might require a ley to reinstall - make sure you have that key before uninstalling).

SaveShare is still hanging in there even after the scan and cleans. I saw at least one 'version' (saaveeshaaree) of it, so it might be a real tricky bugger. The tools you have already used should have mitigated that threat. I'll suggest another utility after I see the TDSSKiller log.

FRST also shows remnant pieces of threats removed, this is where I'll need another pair of eyes - to completely clean up the pieces and to make sure I didn't miss something.

Bill
.
My System SpecsSystem Spec
17 Mar 2014   #56
kunoz

32 bit
 
 

Somehow i factory reset my computer, and the system perform pretty well lately. Also i delete the threat file, which help a lot better!
My System SpecsSystem Spec
18 Mar 2014   #57
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

A factory reset or clean install is another way to clean up malware - glad that your system is better.

Thank you for marking the thread solved.

Bill
.
My System SpecsSystem Spec
Reply

 Huge problem!




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
HUGE problem
Hey, i've got a pretty big problem. i wanted to replace shell32.dll file, but it didn't let me, so i changed some premission settings and now i can't get access to my local drive C: . i found some fixes, but i can't download them either because of no access or because UAC. i can't change UAC and...
General Discussion
Huge problem. help please ::)
Hello everyone. First off I'd like to say that english is not my first language so I might make some grammar or vocabular mistakes. Okay. I have an Hp pavilion 7. Amd dual core processor 2.4 ghz. It's not the best computer ever but it worked well until this morning. I turned it on, it went on...
BSOD Help and Support
A huge problem and need help.
Hello everyone. I'm new to this forum and this is my first post and I'm gonna post about my laptop problem. It all started (I don't remember when but it's this year) when the screen suddenly, I don't know how to describe it but it went crazy and then just freezes as I tried moving the pointer but...
Graphic Cards
Huge Problem
I have a huge and stupid problem with my Windows 7. I tried to install CyberLink PowerDVD today. It worked, but did not activate correctly, so i tried uninstalling with Revo Uninstaller. That also failed, so in the process i manually restarted my computer. Thing is, when i got back and logged...
BSOD Help and Support
Huge problem
I started my computer today and nothing works. Keyboard, mouse, usb ports, pci port that has the network card, nothing. The mouse is wireless the keyboard is usb. If I boot in to bios the keyboard works. I loaded an Ubuntu live cd and everything works just fine. But nothing in windows regular or...
BSOD Help and Support
HUGE problem
I think just ****ed over my entire computer somehow. I was using a program called Play Dota which downloads maps and runs Warcraft 3 from 1 program. Well, I dragged the icon into my libraries->games folder and it had no icon so I went to the program files->playdota folder and just grabbed the one...
Software


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 02:49.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App