Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Dec 28, 2014 9:52:21 GMT -8
FRST would have created the FRST.txt and addition.txt, but the addition.txt will have less data as it would have stopped creating more data in that log when FRST was stopped.
Quads
|
|
nooby
New Helpee
Posts: 24
|
Post by nooby on Dec 28, 2014 18:29:54 GMT -8
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Dec 28, 2014 18:38:49 GMT -8
Whoever is helping you clean your computer with advanced tools can finish cleaning your system
Quads
|
|
nooby
New Helpee
Posts: 24
|
Post by nooby on Dec 28, 2014 22:45:34 GMT -8
I don't have anyone helping me clean my computer with advanced tools. When I tried to stop my computer from restarting (when I first realised I had a virus), I downloaded some anti-malware software on the usb and ran them. Some didn't run fully, others did (it was a random patchwork, I had just done a quick google search regarding getting anti-virus engines). I realised what I was doing by myself wasn't working, which is why I had given up trying to take care of this myself and came to this forum. I would really appreciate your guidance, I will implement each step and only those you tell me to.
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Dec 28, 2014 23:14:58 GMT -8
Combofix is an advanced tool and should not be run without supervision as it has the ability to cause problems to windows and Programs, even the creators give the warning.
TDSSKiller can also cause problems if it has a fight on its hands or there is a new variant of the families detect, OR if the user uses the wrong settings.
Quads
|
|
nooby
New Helpee
Posts: 24
|
Post by nooby on Dec 29, 2014 0:21:13 GMT -8
Yeah, I think I tried to run them once and it did not work. I haven't touched anything after that. I basically googled for help regarding the virus and downloaded antimalware engines that were linked in those websites (I wasn't able to read the creator's notes which I totally should have). Please tell me how to get rid of them as well as the virus (if it's still there), or is it just the advanced tools that are debilitating my computer.
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Dec 29, 2014 13:44:49 GMT -8
I have tested by infecting my system with Poweliks
The Symantec Removal tool for Poweliks, which only targets Poweliks does work successfully at dealing with the Registry key
It only targets Poweliks in the registry, so if your system has Tracur, Cidox, Zeroaccess or a Ransomcrypt (like Cryptowall), it will not target any of those
Windows 64 Bit tool Download here.Windows 32 bit tool Download here I will allow users that turn up aor are already here to use it to break Poweliks, so their system settles down, the FRST logs just looks different with the possible <=== ATTENTION for the parent keyAND / Or This one www.eset.com/int/download/utilities/detail/family/252/Quads
|
|
nooby
New Helpee
Posts: 24
|
Post by nooby on Dec 30, 2014 17:23:41 GMT -8
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Dec 30, 2014 17:49:00 GMT -8
You may want to read carefully all of this message first before starting the steps. NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemDownload the script attached, needs to be the same file name as well (fixlist.txt), have it on the Desktop, so that fixlist.txt is next to FRST.exe, DO NOT DRAG AND DROP to download the script, it won't work for FRST (Right click on the attachment link (not the normal left click) and from the menu choose Save As or Save Link as.)
The script tells FRST what to do. Start FRST that is on the desktop
When the tool opens click Yes to disclaimer. (if it still does) Press the Fix button just once and wait.The tool will make a log on the Desktop (Fixlog.txt) please post it to your reply (attach or paste) Quads Attachments:fixlist.txt (7.5 KB)
|
|
nooby
New Helpee
Posts: 24
|
Post by nooby on Dec 30, 2014 19:30:13 GMT -8
Dear Quads, There was no 'Save As' so I right clicked on 'Save Link As' and it appeared as 3998.html (something like that) so I changed the name to fixlist.txt (and where it said 'save as type' I put 'All files' instead of 'Google Chrome' (something like that) because in the instructions it says the file name should be fixlist.txt and not a html file. Then I ran FRST.exe and clicked Fix. It took one second and made a log. Here it is: Fixlog.txt
wikisend.com/download/768586/Fixlog.txt
Fixlog.txt
|
|