kaspersky rescue not finding threats

On your clean PC, download the following file by right-clicking it and selecting Save As

fixlist.txt

and save it onto your flash drive.

Then, boot to REATOGO, plug in your flash drive, open FRST and click fix. Post the generated log.

Attempt to boot normally.

I have a successful bootup into windows. Here is the fixlog
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-12-2013
Ran by SYSTEM at 2013-12-11 10:54:49 Run:1
Running from G:\
Boot Mode: Recovery
==============================================
Content of fixlist:
*****************
HKLM\...\Run: [ATT-SST_UninstallTracking] - C:\Users\Clyde\AppData\Local\Temp\InstallHelper.exe /uninstalltrackingvendor=ATT-SST <===== ATTENTION
C:\Users\Clyde\AppData\Local\Temp\InstallHelper.exe
HKLM\...\Run: [ErrorWiz] - C:\ErrorWiz\ErrorWiz.exe /scan
C:\ErrorWiz
Startup: C:\Users\Clyde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7tllf4bj.lnk
ShortcutTarget: 7tllf4bj.lnk -> C:\ProgramData\jb4fllt7.dss (Microsoft Corporation)
Startup: C:\Users\Clyde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bodfdwfr.lnk
ShortcutTarget: bodfdwfr.lnk -> C:\ProgramData\rfwdfdob.dss (Microsoft Corporation)
S2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [387072 2011-01-28] (Spigot, Inc.)
C:\Program Files\Application Updater
2013-12-05 12:53 - 2013-12-05 12:53 - 00000285 _____ C:\ProgramData\bodfdwfr.reg
2013-12-05 12:52 - 2013-12-11 04:18 - 95025368 ____T C:\ProgramData\bodfdwfr.bxx
2013-12-05 12:52 - 2013-12-11 04:18 - 95025368 ____T C:\ProgramData\7tllf4bj.bxx
2013-12-05 12:52 - 2013-12-11 04:17 - 00000000 _____ C:\ProgramData\bodfdwfr.fvv
2013-12-05 12:52 - 2013-12-11 04:17 - 00000000 _____ C:\ProgramData\7tllf4bj.fvv
2013-12-05 12:52 - 2013-12-05 12:52 - 00206336 _____ (Microsoft Corporation) C:\ProgramData\rfwdfdob.dss
2013-12-05 12:52 - 2013-12-05 12:52 - 00205312 _____ (Microsoft Corporation) C:\ProgramData\jb4fllt7.dss
C:\Users\Clyde\AppData\Local\Temp
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ATT-SST_UninstallTracking => Value deleted successfully.
"C:\Users\Clyde\AppData\Local\Temp\InstallHelper.exe" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ErrorWiz => Value deleted successfully.
"C:\ErrorWiz" => File/Directory not found.
C:\Users\Clyde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7tllf4bj.lnk => Moved successfully.
C:\ProgramData\jb4fllt7.dss => Moved successfully.
C:\Users\Clyde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bodfdwfr.lnk => Moved successfully.
C:\ProgramData\rfwdfdob.dss => Moved successfully.
Application Updater => Service deleted successfully.
C:\Program Files\Application Updater => Moved successfully.
C:\ProgramData\bodfdwfr.reg => Moved successfully.
C:\ProgramData\bodfdwfr.bxx => Moved successfully.
C:\ProgramData\7tllf4bj.bxx => Moved successfully.
C:\ProgramData\bodfdwfr.fvv => Moved successfully.
C:\ProgramData\7tllf4bj.fvv => Moved successfully.
"C:\ProgramData\rfwdfdob.dss" => File/Directory not found.
"C:\ProgramData\jb4fllt7.dss" => File/Directory not found.
C:\Users\Clyde\AppData\Local\Temp => Moved successfully.
==== End of Fixlog ====
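
A way to triage the result section of a Fixlog like the one above, added here as an example and not part of the original post or of FRST: it separates entries that were handled from "not found" entries, and marks a "not found" as a benign repeat when the same path was already moved earlier in the run (as happens with the two .dss files above). The function names and the benign/unresolved split are assumptions made for this example; the sample lines are copied from the log in the post.

```python
import re

# Result lines copied from the Fixlog in the post above (subset).
SAMPLE = r'''
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ErrorWiz => Value deleted successfully.
"C:\ErrorWiz" => File/Directory not found.
C:\ProgramData\jb4fllt7.dss => Moved successfully.
Application Updater => Service deleted successfully.
C:\ProgramData\bodfdwfr.reg => Moved successfully.
"C:\ProgramData\jb4fllt7.dss" => File/Directory not found.
'''

# "target => status." as it appears in the result section of the log.
RESULT = re.compile(r'^(?P<target>.+?) => (?P<status>.+?)\.?$')

def parse_fixlog(text):
    """Return (target, status) pairs for every 'target => status' line."""
    entries = []
    for line in text.splitlines():
        m = RESULT.match(line.strip())
        if m:
            entries.append((m['target'].strip('"'), m['status']))
    return entries

def review(entries):
    """Split entries into handled items, benign repeats and unresolved ones."""
    handled, repeats, unresolved = [], [], []
    seen = set()
    for target, status in entries:
        key = target.lower()  # Windows paths are case-insensitive
        if status.endswith('successfully'):
            handled.append(target)
            seen.add(key)
        elif status == 'File/Directory not found':
            # Not found after an earlier successful move of the same path
            # is a repeat; not found with no earlier action needs a look.
            (repeats if key in seen else unresolved).append(target)
        else:
            unresolved.append(target)  # any status this example does not know
    return handled, repeats, unresolved

if __name__ == '__main__':
    handled, repeats, unresolved = review(parse_fixlog(SAMPLE))
    print('handled:', len(handled))
    print('already moved earlier in the run:', repeats)
    print('never found, check manually:', unresolved)
```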
 
I have a successful bootup into windows

You see that we made it :)

Let's make another check for remnants:

1. Please download ComboFix by sUBs from here and save it to your Desktop.
If you are unsure how ComboFix works please read this guide (http://www.bleepingcomputer.com/combofix/how-to-use-combofix) carefully.
Note: ComboFix must be downloaded to your Desktop.


--------------------------------------------------------------------
2. Temporarily disable your AntiVirus program.
If you are unsure how to do this please read this (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) or this Instruction.


Note: Do not forget to turn on this option after the cleaning.

--------------------------------------------------------------------
3. Run ComboFix. Click on I Agree!

ComboFix will check if there is a newer version of ComboFix available.
Click Yes if prompted to download.
ComboFix will display DISCLAIMER OF WARRANTY ON SOFTWARE.
Click Yes to allow ComboFix to continue.
If Recovery Console is not installed, ComboFix will offer download & installation.
Click Yes to allow ComboFix to install Recovery Console.
Note: Do not mouse-click ComboFix's window while it is running.
If you see a message like "Illegal operation attempted on a registry key that has been marked for deletion" just restart computer once more.


--------------------------------------------------------------------
4. When the tool is finished, it will produce a log report for you (typical location: C:\ComboFix.txt).
Attach the log report (ComboFix.txt) back to the topic.
 
I am so happy to get my computer back. You are awesome. My virus software let this thing in. Can you recommend a good program?
Thank you very much! Can I pay you guys for your service?
 

Your PC is now clean :)


My virus software let this thing in. Can you recommend a good program?

No single antivirus is able to block all threats; a huge number of threats appears on the internet every day, and there is simply no time for antivirus companies to put them all in their database. As I saw, you don't have an antivirus on your system, so please install one immediately.

We need to remove used software:


Please download DelFix by "Xplode" to your Desktop.

Run the tool and check the following boxes:
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore

Now click on the "Run" button. Wait for the programme to complete its work.
All the tools we used should be gone.
The tool will create and open a log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt

> I don't need DelFix log report.



Can I pay you guys for your service?

My help is always free, but if you wish to make a donation to show your appreciation, then click the button below. Thank you :)

 

I'm trying to donate but PayPal says Serbia accounts cannot receive funds. What's up with that?