Cryptic Trojan Horse
- Thread starter paultess
- Start date
- Status
- Oct 5, 2012
- 2,697
Cool 
Please run the following utility so that I can get a log of your system...
STEP 1 : Run a scan with Combofix
Download ComboFix from one of the following locations:
COMBOFIX DOWNLOAD LINK #1 (This link will automatically download Combofix on your computer)
COMBOFIX DOWNLOAD LINK #2 (This link will automatically download Combofix on your computer)
----------------------------------------------------------------
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
<ul>
<li>Close any open browsers.</li>
<li>Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
<>Very Important!</> Temporarily <>disable</> your <>anti-virus</>, <>script blocking</> and any <>anti-malware</> real-time protection <em><>before</></em> performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause <em>"unpredictable results"</em>.</li>
<li><>WARNING: Combofix will disconnect your machine from the Internet as soon as it starts</>.Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection after running Combofix, then restart your computer to restore back your connection.</li>
</ul>
-----------------------------------------------------------------
How to run the Combofix scan :
Additional notes:
<ol><li> Do not mouse-click Combofix's window while it is running. That may cause it to stall.</li>
<li> Do not "re-run" Combofix. If you have a problem, reply back for further instructions.</li>
<li> If after the reboot you get errors about programms being marked for deletion then reboot, that will cure it.</li></ol>
<hr />
Please run the following utility so that I can get a log of your system...
STEP 1 : Run a scan with Combofix
Please read and follow very carefully the below instructions
Download ComboFix from one of the following locations:
COMBOFIX DOWNLOAD LINK #1 (This link will automatically download Combofix on your computer)
COMBOFIX DOWNLOAD LINK #2 (This link will automatically download Combofix on your computer)
----------------------------------------------------------------
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
<ul>
<li>Close any open browsers.</li>
<li>Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
<>Very Important!</> Temporarily <>disable</> your <>anti-virus</>, <>script blocking</> and any <>anti-malware</> real-time protection <em><>before</></em> performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause <em>"unpredictable results"</em>.</li>
<li><>WARNING: Combofix will disconnect your machine from the Internet as soon as it starts</>.Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection after running Combofix, then restart your computer to restore back your connection.</li>
</ul>
-----------------------------------------------------------------
How to run the Combofix scan :
- Double click on ComboFix.exe & follow the prompts.
- Accept the disclaimer and allow to update if it asks
- When finished, it shall produce a log for you.
[*]Please include the C:\ComboFix.txt in your next reply.
Additional notes:
<ol><li> Do not mouse-click Combofix's window while it is running. That may cause it to stall.</li>
<li> Do not "re-run" Combofix. If you have a problem, reply back for further instructions.</li>
<li> If after the reboot you get errors about programms being marked for deletion then reboot, that will cure it.</li></ol>
<hr />
Last edited by a moderator:
Combofix stopped working...another program was interfering. Windows didn't stop the other program.
I tried to start google to reply to you but it would not open. I have IE - that would not start. The windows icon at the bottom left of the screen would not funtion. The windows button on the keyboard didnt work.I received a message regarding 'Conduit' tool bar? Never heard of it. I tried to restart the computer...it would not and I had to turn power off.
I tried to start google to reply to you but it would not open. I have IE - that would not start. The windows icon at the bottom left of the screen would not funtion. The windows button on the keyboard didnt work.I received a message regarding 'Conduit' tool bar? Never heard of it. I tried to restart the computer...it would not and I had to turn power off.
- Oct 5, 2012
- 2,697
If you are still not able to run Combofix, shall we try to do one System Restore on your computer. ?
System Restore helps you restore your computer's system files to an earlier point in time. It's a way to undo system changes to your computer without affecting your personal files, such as e-mail, documents, or photos.
Before you start System Restore, save any open files and close all programs. System Restore will restart your PC.
Now your compute will restart automatically. It will take some time to complete the system restore point . After completing the restore point successfully you will get a confirmation message as below.
After completing the system restore please try to work on your computer. Check if you are able to access the Internet now.
System Restore helps you restore your computer's system files to an earlier point in time. It's a way to undo system changes to your computer without affecting your personal files, such as e-mail, documents, or photos.
Before you start System Restore, save any open files and close all programs. System Restore will restart your PC.
- Open System Restore by clicking the Start button
Picture of the Start button. In the search box, type System Restore, and then, in the list of results, click System Restore.
Administrator permission required If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
- If You Have Not Done a System Restore Before.
Click on the Next button. (see screenshot below)
- If You Have Not Done a System Restore Before
Select (dot) Choose a different restore point, and click on the Next buton. (see screenshot below)
- Select a restore point where your computer was working fine before.
NOTE: Check the Show other restore points box to see any restore points (older) that may not be listed here.
Click on the Next button. - Click on the Finish button. (see screenshot below)
NOTE: The listed drives here will be restored back to how they were for the selected restore point.
Click on the Next button. - Click on Yes to confirm.
Now your compute will restart automatically. It will take some time to complete the system restore point . After completing the restore point successfully you will get a confirmation message as below.
After completing the system restore please try to work on your computer. Check if you are able to access the Internet now.
Sorry about the delay. Combofix indicated it might take longer, I ran in safe mode for an hour - it was working but did nothing.
Again when I tried to re-start from safe mode I had tp turn the machine off.
System restore is what alerted me to the problem in the first place. The computer was not creating start points, dates only went back 4-5 days.
Again when I tried to re-start from safe mode I had tp turn the machine off.
System restore is what alerted me to the problem in the first place. The computer was not creating start points, dates only went back 4-5 days.
- Oct 5, 2012
- 2,697
Okay... Please Click on Start Menu --> Control Panels --> Add or remove user accounts --> Create a new account.
Create one User Account as Computer Administrator... See More Details here...
After that restart the computer and login to new user accounts and check how it is working.......
Create one User Account as Computer Administrator... See More Details here...
After that restart the computer and login to new user accounts and check how it is working.......
There are 6 versions of AVG2012 installed????
When I try to remove them it indicates I need a 2012 disc.
For the other - Services "SBSD Security Centre Service" failed to uninstall - syst. error 1060.
Then a message saying Service successfully uninstalled.
I am logging out and in.
When I try to remove them it indicates I need a 2012 disc.
For the other - Services "SBSD Security Centre Service" failed to uninstall - syst. error 1060.
Then a message saying Service successfully uninstalled.
I am logging out and in.
Spybot still pops up.
I cant find it with 'search' or with the uninstall in windows or Advanced uninstaller pro.
I cant find it with 'search' or with the uninstall in windows or Advanced uninstaller pro.
- Oct 5, 2012
- 2,697
STEP 1: Download and Run Windows Repair (all in one)
Download Windows Repair (all in one)
Download Windows Repair (all in one)
- Install the program then run it.
- Go to step 2 and allow it to run Disc check by clicking Do It
- Go to step 3 and allow it to run SFC
- Go to start repairs tab select advanced mode and click start.
- Check the box next to "Restart/Shutdown system when finished" and ensure the following is checked along with the default checks
- Reset File Permissions
- Register System Files
- Repair WMI
- Remove Policies Set By Infections
- Remove Temp Files
- Then click Start.
Windows goes through a not responding phase...closes down. Same with windows mail.
Links in your email for example have no associated program to complete the action.
Links in your email for example have no associated program to complete the action.
- Oct 5, 2012
- 2,697
Can you please try to run a scan with Farbar Recovery Scan Tool. You will need a USB (Flash) pendrive.
For x32 (x86) bit systems download Farbar Recovery Scan Tooland save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.
Plug the flashdrive into the infected PC.
Enter System Recovery Options.
To enter System Recovery Options from the Advanced Boot Options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
For x32 (x86) bit systems download Farbar Recovery Scan Tooland save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.
Plug the flashdrive into the infected PC.
Enter System Recovery Options.
To enter System Recovery Options from the Advanced Boot Options:
- Restart the computer.
- As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
- Click on Repair your computer menu item.
- Select US as the keyboard language settings, and then click Next.
- Select the operating system you want to repair, and then click Next.
- Select your user account and click Next.
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
- Select Command Prompt
- In the command window type in notepad and press Enter.
- The notepad opens. Under File menu select Open.
- Select "Computer" and find your flash drive letter and close the notepad.
- In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive. - The tool will start to run.
- When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.
Yes, but it will have to later tonight or first thing tomorrow.
I havn't thanked you for all this effort you are making, but I really appreciate it.
I havn't thanked you for all this effort you are making, but I really appreciate it.
- Status
Similar threads
- Locked
