Please Assist, PC Problems Continue!

Discussion in 'Malware Help (A Specialist Will Reply)' started by dhs51, Aug 23, 2012.

  1. dhs51

    dhs51 Private E-2

    Hi MajorGeeks!

    I'm dhs51, a new forums member and have been experiencing some issues with my PC. I have diligently performed the Malware Removal Read and Run, although, I am not certain to have performed all steps to perfection. I put forth my effort, in earnest and am hoping one of you will bestow your brilliance upon my situation. Below, I am attaching the log files, as acquired through the "Read and Run."



    Thanks, in advance, to anyone and everyone! I'm trying to make advancements towards becoming more technically savvy and learn to better maintain my system. I will be very attentive and am eager to have a smooth, clean running pc! Have a terrific day!
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!
    You need to tell us what your problems are.

    I do see quite a large number of fake drivers/services in your TDSSkiller log but I need to understand the problems you are having.


    Also download and save a copy of combofix.exe and save it directly onto your Desktop folder.
    Then double click on it to run it. Do not disturb it by clicking in the window that opens or it may stall.
    After it finishes, it may reboot your PC. Attach the C:\combofix.txt log that it creates.

    If after running Combofix you discover none of your programs will open up because you receive the following error: "Illegal operation attempted on a registry key that has been marked for deletion" then you will need to reboot your computer which will normally fix this problem.
     
  3. dhs51

    dhs51 Private E-2

    Hello,

    Thanks for the rapid response to my post! The main issue is speed of operation or bogging down. Consulting the task manager, I notice to have between thirty-seven to forty processes running, way too many. I'm able to shut many of them down, bring the number to twenty-seven or so. However, I am unable to distinguish the locations of several processes, determine the origins or cease their operation. I obtained this pc, from my father, his technical skills are less than mine and mine are not without need of improvement. I know he had some issues and received remote technical assistance from a few different sources. Some of the methods to mitigate his problems resulted in several changes to the cpu name, the users data etc. I feel this to be the reason I'm unable to track or edit the functionality of these processes. I would like to remove or consolidate everything so I may better observe and protect my system, streamline its efficiency, remove redundancies, delete duplicate services, files etc. I wish to make these changes before updating hardware, such as ram, to better gauge the impact those changes exhibit. As you suggested, I downloaded and ran Combofix, it informed me of an issue with the system restore software, failed an attempt to reconcile, continued to scan, detected a major issue in Windows and rebooted. Unfortunately, I have been unable to locate the .log or .txt, if one was created. Thanks for your help, patience and knowledge!
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You had multiple antivirus programs running which is a no no!
    Microsoft Security Client
    AVAST Software

    Uninstall both of them and then reboot your PC. See if you can get ComboFix to run properly and create a log. If it does not work in normal bootmode, try safe boot mode.
     
  5. dhs51

    dhs51 Private E-2

    Hello Again! Thank you for your continued assistance and patience. Per your advice, I uninstalled the two programs, ran Combofix, in the end, I had to run it in safe mode but finally acquired the .log file. See attached, please. Is it advisable to avoid the internet until I hear back or is it safe to reinstall AVAST? In case you are not already aware, this was an XP Media Center Edition. I do have a Vista upgrade ready, after I upgrade my ram memory. Would you advise an attempt to simply upgrade or save files and install from a clean format; perhaps even a better suggestion? Thanks for all you've done and are still doing, I'm learning quite a bit as I follow your steps. I hope you will enjoy the Labor Day Weekend! Thanks!
     

    Attached Files:

    • log.txt (File size: 119.9 KB)
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Yes it would be best to minimize your use until we get your PC fixed and then reprotected.

    Clean full installs are always better than upgrades?

    The below fix is going to be long since ( as mentioned earlier ) you have so many malware drivers/services to remove.


    Now we need to use ComboFix to remove a bunch of malware files.
    • Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
      • If it is not on your Desktop, the below will not work.
    • Also make sure you have shut down all protection software (antivirus, antispyware...etc) or they may get in the way of allowing ComboFix to run properly.
    • If ComboFix tells you it has expired or needs to be updated to a new version, make sure you allow it to update.
    • Open Notepad and copy/paste the text in the below quote box into it:
    • Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
    • At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    • You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    • Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    • Follow the prompts.
    • When it finishes, a log will be produced named c:\combofix.txt
    • I will ask for this log below
    Note:

    Do not mouseclick combofix's window while it is running. That may cause it to stall.

    If after running Combofix you discover none of your programs will open up because you receive the following error: "Illegal operation attempted on a registry key that has been marked for deletion" then you will need to reboot your computer which will normally fix this problem.


    Now download the current version of MGtools and save it to your root folder. Overwrite your previous MGtools.exe file with this one.

    Run MGtools.exe ( Note: If using Vista or Win7, make sure UAC is still disabled. Also don't double click on it, use right click and select Run As Administrator )

    Now attach the below log:
    • C:\ComboFix.txt
    • C:\MGlogs.zip
    Make sure you tell me how things are working now!
     
