Solved Groogle.tr35.com virus

Status
Not open for further replies.
Not Booting

I have just tried loading a previous restore point - also doesn't work. I keep getting set back to the two options:

1. Launch Startup Repair (Recommended)
2. Start Windows Normally.

Neither of these options works.
 
Have you made any change in the BIOS? It sounds like you're going to have to boot from a disc; that means you are going to have to go into the BIOS and set the first boot order to CD, hard drive 2nd. Then put the OS CD in and boot into the Recovery.

As it stands now, you can't even get into this.
 
Booting

Hi, no changes to the BIOS - it happens when ComboFix is run - I tried the last good config and it worked - haven't rebooted again. I'm leaving my laptop in sleep mode instead because I am behind on my work - hopefully the next reboot will be ok...
 
After Combofix ran the reboot, I got a message asking if I wanted to boot normally or in recovery mode. I selected normal and the machine booted normally. I followed the instructions from a previous post where the system runs a checkdisk on the next boot.

When I did the next boot, the system offered me the same 2 options: Boot Normal or Boot with recovery. I chose Boot with recovery and then the system attempts to run a fix. If a fix cannot be applied, the system normally offers a restore point option. In my case, the fix could be applied and all I was offered was an option to mail the problem to MS or to attempt another reboot.

Something went wrong at this point and I think you've confused 'chkdsk' with 'Combofix'.

Where to set Error Checking up
You can do the Error Check from Command Prompt:
Using the Command Prompt should have been this: Start> Run> type in cmd> type in chkdsk /f /r followed by a reboot. Chkdsk will start in a few seconds.

Or Windows Explorer:
Right click on Start> Explore> My Computer> Right click on Local Drive (usually C)> Properties> Tools> Error Check> check both boxes on the screen that comes up> Apply> Close the message and reboot for the Error Checking to start.

You have nothing else to do except wait for the system to reboot after the Error Checking has finished.

The choices in Error Checking:
  1. CHKDSK or Error Check alone will only scan the current drive but will not fix errors on the disc or attempt to recover bad sectors. Using Start or Enter begins the process without a reboot.
  2. Volume: Specifies the drive letter other than the Local Drive (followed by a colon), mount point, or volume name. To have the checking use a different drive, the Command Chkdsk is followed by the drive letter, then a colon such as chkdsk volume E:
  3. File Errors can be found and fixed using the switch /F. The nag message that comes up can be closed and the system rebooted to start the checking.
  4. Recovery of readable information in bad sectors can be done by using the switch /R. This implies that the /F switch has also been used. Locates bad sectors and recovers readable information (implies /F). The nag message that comes up can be closed and the system rebooted to start the checking.

(Please note: this is not meant to include all of the options available for Error Checking- just the appropriate options here)

I'd like you to try and run Chkdsk one of the ways I've described above, using both the /f and /r switches. Note there is a space before each slash: chkdsk /f /r
 
Booting again

There is definitely something strange that happens when Combofix reboots the system. It's happened twice now. Both reboot options do not work after Combofix is run.

What I am confused about is why sometimes the F8 option to boot "last good config" works and sometimes it doesn't. This is why I tried the chkdsk option because it looked like Combofix had modified the bootsector. However, it seems selecting the chkdsk option doesn't work because the system boot back up to run it.

Also, the windows firewall is switching off again.
 
As I said several times previously, I don't think this is a malware problem. I had you running without incident. Combofix didn't modify the boot sector - that is most likely due to your work in the system. You might want to temporarily disable the TortoiseOverlay and DesktopWindowManager, both of which are high resource users, both of which have a large number of entries loading and running.
 
Desktop Manager

I had disabled Desktop Manager in line with your previous recommendation and that has had a positive effect on performance - I haven't modified Tortoise. Anyway, the machine is stable now and switching the firewall on when I boot is not a big deal.

In an earlier post you mentioned removing some of the tools and a cleanup?
 
Removing all of the tools we used and the files and folders they created
  • Uninstall ComboFix and all Backups of the files it deleted
  • Click START> then RUN
  • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
  • Download OTCleanIt by OldTimer and save it to your Desktop.
  • Double click OTCleanIt.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
Creating a Restore Point in Windows 7:
  • Click on Start> right click on Computer> Properties
  • Select System Protection
  • Click on the Create button (near bottom)
  • Type a name for the Restore Point
  • Click on Create again to save the restore point.

Deleting all but the most recent System Protection point in Windows
  • Click Start, type Cleanmgr.exe and press ENTER
  • Select the drive-letter from the list and click OK
  • Click Clean up system files
    This restarts Disk Cleanup to run in elevated mode.
  • Select the drive-letter from the list and click OK
  • Click the More Options tab
  • Click the Clean up… button under System Restore and Shadow Copies.
  • Click OK.

Empty the Recycle Bin

If any of the Tools remain, you can remove them in Add/Remove Programs in the Control Panel.

The firewall should not be resetting like that. But again, I think it is due to some conflict in the system settings rather than malware.

Please let me know if you have any more questions.
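
Added example, not part of the original post or thread: a scripted alternative to the restore-point steps above for Windows PowerShell, which creates a new restore point and then removes every older one so that no pre-cleanup snapshot remains. It uses the System Restore API `SRRemoveRestorePoint` instead of Disk Cleanup, and assumes an elevated prompt and System Protection enabled on the system drive; the description string is made up for illustration.

```powershell
# Refuse to run without administrator rights; both steps need them.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this from an elevated Windows PowerShell prompt.'
}

# P/Invoke wrapper for SRRemoveRestorePoint (SrClient.dll); returns 0 on success.
Add-Type -Namespace Native -Name SystemRestore -MemberDefinition @'
[DllImport("srclient.dll")]
public static extern uint SRRemoveRestorePoint(uint dwRPNum);
'@

# Remember which restore points exist before creating the new one.
$before = @(Get-ComputerRestorePoint | ForEach-Object { $_.SequenceNumber })

# 1. Create the new restore point (description is a constructed sample value).
Checkpoint-Computer -Description 'Clean - after malware removal' `
                    -RestorePointType MODIFY_SETTINGS -ErrorAction Stop

# 2. Verify that a new point really exists before deleting anything.
#    Windows may skip creation (for example, if one was made very recently).
$all = @(Get-ComputerRestorePoint | Sort-Object SequenceNumber)
if ($all.Count -eq 0) { throw 'No restore points found; nothing to do.' }
$newest = $all[-1]
if ($before -contains $newest.SequenceNumber) {
    throw 'No new restore point was created; older points left untouched.'
}

# 3. Remove every restore point except the one just created.
foreach ($rp in $all) {
    if ($rp.SequenceNumber -eq $newest.SequenceNumber) { continue }
    $rc = [Native.SystemRestore]::SRRemoveRestorePoint([uint32]$rp.SequenceNumber)
    if ($rc -eq 0) {
        Write-Output ("Removed #{0}: {1}" -f $rp.SequenceNumber, $rp.Description)
    } else {
        Write-Warning ("Could not remove #{0} (error {1})" -f $rp.SequenceNumber, $rc)
    }
}

# 4. Show what is left; only the new point should be listed.
Get-ComputerRestorePoint | Format-Table SequenceNumber, CreationTime, Description -AutoSize
```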
 