Inactive Trying to remove virus: Everything I try to use force closes... including google chrome

Timbo51

TS Rookie
Soooo, long story short during a period of sleep deprivation I downloaded a basket of fun stuff...


Now I am trying to get rid of it and for the most part I have been able to.

The worst part... there is something still here and I don't know how to get rid of it.

Everything I try to use to combat this unwanted virus is force closed either during installation or during the program's start up.... that includes many tools from this website. So far nothing has even been able to detect the problem although they did pick up a lot of other things.



The processes with arrows are the processes that I have no idea what they are or where they came from.

I am 100% positive they aren't supposed to be there.... okay maybe 99% but I have never seen them and I know this process list like the back of my hand.

A google search doesn't turn up much information on them which makes me feel even more unsafe.

I also downloaded a few things from this website and they just close when I try to open/run them.

Anything that I want to use like games, internet browsing, forum posting, etc... works just fine. Only when I try to open a page that has anything for virus help, programs with virus removal, or other things of the sort do they force close.... hence how I am able to post this here but not use any tools elsewhere found on the website.

Alright, let me know where and how to start working on this... I am giving up and turning over the reins.
 

Timbo51

TS Rookie
Also, I can not open the programs recommended in the Preliminary Tools section for this process so if I could get help getting them to work that would be great as well.
 

Broni

Malware Annihilator
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===================================

NOTE 1. Use another working computer to download Farbar Recovery Scan Tool and save it to USB flash drive.
NOTE 2. Install Panda USB Vaccine, or BitDefender’s USB Immunizer on GOOD computer to protect it from any infected USB device.

For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flash drive into the infected PC.

If you are using Windows 10: if you're having problems accessing System Recovery Options, create Windows 10 USB or DVD as described here: http://betanews.com/2015/07/29/how-to-download-windows-10-and-create-your-own-installation-usb-flash-drive-or-dvd/ and boot from it.

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt. To access Advanced Boot Options start and shut down computer TWICE. On third start you should see Advanced Boot Options.

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note:
    Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
 

Timbo51

TS Rookie
Hello! Thanks for the help here.

Okay so I got the Farbar Recovery Scan Tool 64-Bit downloaded onto the computer that is infected. When I try to run it, it just opens and then closes right away. No errors, no messages, no nothing.

Please note: All programs, games, and other functions of the computer are working great the only thing that force closes are malware removal tools, scan tools, and other things of the sort. Google Chrome even works great unless I try to download a tool, or search for something related to the removal of malware.

Also note: I have found a work around to be able to download tools if I open the link in a new tab but remain in the current tab. As long as I let that tab load and start the download everything downloads fine but if I so much as click on the tab the web browser instantly closes.

Edit: I forgot to mention that my computer blue screens every time I try to restart, or shut down, or if I attempt to close any of the processes listed in the OP with the arrows pointing to them in the picture.
 

Broni

Malware Annihilator
You didn't read my reply carefully.
We need to access your computer from the outside, meaning booting it from USB flash drive.
Please, re-read.
 

Timbo51

TS Rookie
Ahh, very sorry about that. I will reboot using a flash drive although I am very busy and unsure how long it will take. It shouldn't take me more than a day or 2 to pick up a flash drive and follow your instructions. Sorry for misreading them.
 

Timbo51

TS Rookie
Alright, I now have a flash drive and it has Farbar downloaded to it from another computer.

If you wouldn't mind I would like a little more explanation or direction on what next you want me to do. I think you want me to plug in the flash drive to the infected computer and then restart and go to the BIOS menu.

I did that and I think you want me to go into the BIOS Repair Menu but I am unable to find that option while in the BIOS menu.

I was hoping that you would be able to help me figure out how to do that.

Thanks!
 

Timbo51

TS Rookie
I am running Windows 7 Ultimate and I believe the BIOS is from ASUS... Here I took a screen shot for you with my phone.

Also worthy of note some of the programs I was unable to run before I can now run like the FarBar Recovery tool. Since I was able to run it I went ahead and did that. I hope that is what you would have wanted as I didn't want to lose the opportunity.

This is what I see when I boot up:

There are screenshots from within that menu:


 

Broni

Malware Annihilator
You really need to read my instructions...it's all there...

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item......and read on in my initial instructions....




 

Timbo51

TS Rookie
There is no Repair your computer option :( I promise I am reading very carefully and trying to follow each step to the letter.... I posted screen shots of the menu I get when I press F8 during start up.
 

Timbo51

TS Rookie
This is what I see when I boot up and press F8 repeatedly:
As you will see there is no "Repair Your Computer Option"

There are screenshots from within that menu:


 

Timbo51

TS Rookie
Here is a paste bin post of the logs from the Farbar Tool:

https://pastebin.com/kyQxN7Ai

It says the post is spammy if I try to post it here and it doesn't allow me to.

I am unsure if that is what you wanted but either way I can no longer run the Farbar Recovery tool as it just opens and then closes immediately.
 

Broni

Malware Annihilator
You do NOT enter BIOS setup...

As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.

Your screen will look like this: advanced-boot-options-windows-7-57c99e725f9b5829f4de12b3.png
 

Timbo51

TS Rookie
Ohh, yea I don't get that screen. It brings me to the first screenshot I posted.

:(

When I repeatedly press F8 I get brought to this:
 

Timbo51

TS Rookie
I did find this and will attempt to try it. So I hope it works to get into the advanced menu.

YouTube video says that on some computers, F8 brings up the "Select boot device" menu that I described above, and if that happens, to hit Esc then keep hitting F8 until the Advanced Boot Options screen appears.

I'll give it a go.

Update

First attempt failed: it just booted normally.

On second attempt, I tapped the F8 as rapidly as I possibly could, after hitting the Esc key, and almost immediately got the Advanced Boot Options menu.

So, I think the issue is that the SSD makes the PC boot so very fast that the standard advice of 'hit the F8 once a second' is useless!

(Thankfully, TDSSKiller reported no rootkit, and Malwarebytes' Anti-Malware is now chugging away, and finding stuff to remove, so things are looking up, relatively speaking)

 

Broni

Malware Annihilator
If you have SSD drive then it's a matter of quick right timing.
Wait until BIOS screen clears and then start tapping F8 key.
Another option, try to keep tapping space bar instead as soon as your computer starts.
 

Timbo51

TS Rookie
Awesome because what I posted didn't work I will try the space bar right now and get back to you.

Thanks again for the help
 

Broni

Malware Annihilator
But previously you said:
"On second attempt, I tapped the F8 as rapidly as I possibly could, after hitting the Esc key, and almost immediately got the Advanced Boot Options menu."
 

Broni

Malware Annihilator
I just checked your FRST log which you were able to post and it looks like you're infected with Smartservice rootkit.

In this case we need to take some precautions.

You're infected with Smartservice rootkit.
It can't be fixed from within Windows so you must follow these instructions.
Please pay attention to every single step.
http://www.smartestcomputing.us.com/topic/102856-smartservice-rootkit/?do=findComment&comment=351953

It's very important that you don't insert USB flash drive too early because this rootkit will corrupt FRST.
 

Timbo51

TS Rookie
So just out of curiosity... I only have the one USB drive that I bought last night and I downloaded Farbar and plugged it into the computer just like you said in your instructions.

If that is the case does that mean I need another one before continuing?