Avast has found Trojan but can't delete?

hi guys
hope someone can help me as I’m at the end of my tether.
I’ll start at the beginning.
I run Windows XP
A few days back I updated a youtube program (dvd video soft) and I wish I hadn’t bothered, my pc went crazy. It downloaded all this junk ad stuff and something called Uline? Anyway I deleted it and thought everything was ok.
Then I started to get a Google desktop error read (please see attached .jpg)
so I thought I should just uninstall completely as I’ve never used it. But I was concerned that it would mess up my PC (if it was attached to other programs?) so I have left it.
anyway, long story short -
yesterday on the right hand side of my screen the google desktop pops up “thank you for installing google desktop”
I had no idea how this happened as a) I didn’t install, it was already on PC b) why on earth would that happen now when I’m contemplating uninstalling? does it know!? (haha)
since then my pc has been very slow, browser, opening files, etc.,
Did a boot scan and avast found 3 viruses, one is in chest, one has been deleted and the other (a trojan no less) is yet to be dealt with “on next boot scan”. I’ve done a boot scan (twice) and the trojan is still there.
Why can’t avast delete it? am I doing something wrong?
please help as I need my pc for work etc., and honestly can’t do without it for more than a day or 2.

sorry guys, forgot to add the image for the trojan, see below! sorry.

Logs to assist in cleaning malware. https://forum.avast.com/index.php?topic=53253.0

hi Pondus
thanks for your reply.
I already have Malwarebytes on my PC and have completed a good few scans since finding virus, but Malwarebytes has come up with nothing. It says my PC is clear of threats (!!)
I really have no idea what to do next…

I really have no idea what to do next...
You follow instructions and attach requested logs

Hi Pondus
I’m busy doing a custom MBAM scan but it’s taking forever! (>.<)

I have just checked log again on Avast (regarding Trojan, that cannot be removed) and it says it is Google Desktop (!)

I have attached jpg… do you think I should just uninstall google desktop? will this solve problem??

thank you!

stop malwarebytes …

I have attached jpg... do you think I should just uninstall google desktop? will this solve problem??
I think diagnostic logs will tell us what to do ... then we don’t have to guess

attach Farbar Recovery Scan Tool logs (two logs)

Hi it depends on the type of google desktop, as there is a bad version around

If you wish you can stop the MBAM scan

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • Press Scan button.

https://dl.dropboxusercontent.com/u/73555776/frst.JPG

  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach both logs generated.

hi Pondus and essexboy,

thank you for your help, I’m beyond grateful!

(apologies for my stupidity!) but do you mean attach the scan log from Avast??

No, FRST will produce two logs; attach those :slight_smile:

hi essexboy

oh I’m so sorry! :-[

ok, I’m going to wait until this scan has finished then I will do the FRST thing. (is it safe?) thanks!

one other thing…I tried to put the trojan into chest but I got an error message “the system cannot find the file specified (2)”. is this good or bad? has it spread? I am so confused right now… ??? :cry:

No, it means it was probably detected in memory. I will be going offline now but will be back after lunch tomorrow

essexboy,

thank you for your help! hopefully by tomorrow I will have some more info for you. :slight_smile:

Hey essexboy
Having major problems today. Using my phone for this message.
Can’t open a browser, connect to Internet and it won’t let me update Avast.
I haven’t downloaded FRST yet either! So I don’t know what to do???

EDIT: finally downloaded! attached logs essexboy, many thx for your help! will await your instructions. also… should I delete the FRST or keep it on PC???

EDIT 2: re your Google desktop question, forgot to mention that I use XP (!) and have had this pc for about 7/8 years?? so not sure what version of GD this is. It was installed on pc when I got it. Never use it! I definitely want rid of it after this trojan is gone!

should I delete the FRST or keep it on PC???
essexboy will remove all tools used when he is finished working on your computer. Follow his instructions, no more, no less
AVG 2011 (Version: 10.0.1153 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.424 - AVG Technologies) Hidden
do you have avast and AVG installed?

hi Pondus,
thank you for your reply, I shall await instructions :slight_smile:

I have Avast and MBAM installed. Used to have AVG years ago, but deleted that and used MS Essentials then when Microsoft stopped XP updates I had to delete MSE and that was when I started using Avast. There are leftover files from AVG and many other programs that I no longer have on my pc! (>.<)

EDIT hey Pondus / essexboy, I’m busy copying files onto a USB ( worried in case I lose stuff ) and I just got this message (attached jpg) Should I be worried?? Is it spreading???

Hi, the google desktop is the good version :slight_smile:

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll No File
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path
S1 fdafujdy; \??\C:\WINDOWS\system32\drivers\fdafujdy.sys [X]
CustomCLSID: HKU\S-1-5-21-1547161642-842925246-1801674531-1004_Classes\CLSID\{2D611968-B0FB-4B81-8AFA-D7486879D141}\InprocServer32 -> C:/Program Files/Scrivener/eWebClient.dll No File
C:\WINDOWS\system32\drivers\fdafujdy.sys
EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated; please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on “Clean”
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

hey essexboy,
thank you so much, doing it now!
also, should I be concerned about that Data Execution prevention message?

Not just yet

not sure what’s happening but the FRST has frozen, should I stop it? run it again?

EDIT: FRST log attached!

EDIT 2: I’m attaching the threats Avast found, the one where it says move to chest - when I check chest it isn’t there (!) and the Trojan - action postponed until next reboot one - I rebooted twice after getting this message and it’s still there. Sorry if I’ve already told you this, I’m a total idiot when it comes to PCs and I’m worried…

EDIT 3: AdwCleaner log attached! I’ll await your instructions and once again thank you for helping me! :slight_smile:

What was the full folder path? Were they in the temp internet folder?

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now