Apparently my laptop decided to join the computer virus club. Please help!
Toshiba Satellite A505-S6980
Intel Core 2 Duo T6600
Windows 7 Home Premium 64-bit
ANY other user other than the thread starter is not to use any instructions, scripts or proceedures, The work though in cleaning a system is individual and only for that system due to a number of factors.
Please do not run any tools unless instructed to do so.
4. Cleanup (including system as a whole)
Please read every post completely before doing anything.
Do you have a Flash Drive??
Thank you for replying. Yes, I have a flash drive.
Read Slowly and all of it.
Please download http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/ You need to download the 64bit version.
Transfer it on to the Flash Drive.Enter System Recovery Options. To enter System Recovery Options from the Advanced Boot Options:
On the System Recovery Options menu you will get the following options:
Startup RepairSystem RestoreWindows Complete PC RestoreWindows Memory Diagnostic ToolCommand Prompt
Ok, here is the log.
Ok, it is uninstalled.
Did you use the Avast Removal tool (Utility) after uninstalling Avast??
I used the removal tool prior to uninsalling Avast.
Download the script attached, needs to be the same file name as well (fixlist.txt), Copy across to flash drive
NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemNow please enter System Recovery Options again. Like previously
When I press fix, I get the message: No fixlist.txt found. The fixlist.txt should be made and saved in the same directory the tool is located.
I follow the previous directions exactly and the tool is still saved on my flashdrive and I use the flashdrive disk number.
The fixlist.txt should be right nest to FRST.exe on the flash drive.
Ok, here is the file.
Please read carefully Read all of this message first
Download Combofix http://www.bleepingcomputer.com/download/anti-virus/combofix
Right click the combofix.exe on the desktop and select from the menu "Run as Administrator"
****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.*EXTRA NOTES*
Here is the file.
services.exe has been fixed
step 4. (a)
Please read carefully and Slowly
Please scan with ESET next
I'd like us to scan your machine with ESET OnlineScan
If you think a log should have been generated then go to C:\Program Files\ESET\ESET Online Scanner\log.txt to find it.
Part 4. (b)
Download OTL http://www.bleepingcomputer.com/download/otl/
Disable Norton for say 30 minutes
Click the Scan All Users checkbox.
Change file age to 60 days
An OTL.txt and extras.txt will be created.
ESET Online Scanner
McAfee Security Scan
I have to script for the rest.
Ok, they are both uninstalled.
Unfortunately, with the amount of threads means the waiting time is longer, Norton continually Blocking files won't hurt your system but is is just annoying, Please wait and be patient. I am trying to keep up, spending hours here to script and clean machines on a first come/first served basis. If you or someone adds to your thread It will be pushed back in line due to the new update. I use the boards in reverse to what is seen
Watch what you are doing, you are illegal downloading etc on that system, and between the use of Combofix and OTL a Fake AV tried to install fully on your system
Start OTL, under Copy and paste the custom script attached which you open in for instance Notepad,(include the : at the start of :OTL and all the way to the end / bottom) and run the script. (Red Run Fix Button)
The output log, should be placed in the C:\ _OTL folder after.
I sincerely appreciate whatever help you can offer. I have the OTL log in place.
How is your system running now??
It's been doing fine so far I think, no pop-ups or malware or anything. Thank you.
Start OTL again but this time click the Black CleanUp button, then make sure the C:\_OTL folder is deleted.
After that you are free to go on your merry way. You are now fixed / Solved.
If you want Malwarebytes download the Free version to install and don't click the Trial button
If you want to, you can turn off System Restore wait for it to clear the Restore Points and then Turn it back on once you find all is happy. today, tomorrow whenever.
If you are experiencing an issue that needs urgent assistance please visit our customer support area:
There are currently 2 users online.