49 replies to this topic

[lookingforaname]

So my husband clicked on something and uploaded a crazy awful virus onto our family laptop.  I notice "Optimizer Pro" on our desktop and have googled that and it looks like that may be the thing he fell for? 

 

I ran Malware bytes and Avast and they quarantined a bunch of stuff but we are still haviing issues - way way way slow browsers, internet explorer is basically unusable (although we usually use firefox). 

 

Another major issue is that I tried to run HiJackThis, OTL, and DDS - but each of them are blocked from running.  Two of them are a purple windows rectangle that first blocks it saying it's Windows Smart Screen, then says "This app can't run on your machine."   I don't know if Windows Smart Screen is legit or not (because when I google it it seems legit), but I've never seen it previous to trying to work on this issue.  I also tried to run the online ESET scanner, but on internet explorer, the eset.com page never loads, and when I use it from firefox, I get the "this app won't work" message.

 

You guys have been so helpful in the past - I'm definitely donating this time for your services, as we're getting into the upper handful of times you've helped.  Thank you in advance for your service!

[LiquidTension]

Hello lookingforaname, welcome to WhatTheTech's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that. 
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

• Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
• Please do not post logs using the CODE, QUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
• Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
• Please backup important documents before proceeding with my instructions.
• If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
• Topics are locked if no response is made after 5 days. Please inform me if you will require additional time to complete my instructions.
   

======================================================
 
Please run the following diagnostic scans so I can ascertain the state of your computer. If Windows Smart Screen pops-up, please click More info followed by Run anyway.
 
STEP 1
 Farbar Recovery Scan Tool (FRST) Scan

• Please download Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
• Right-Click FRST64.exe and select  Run as administrator to run the programme.
• Click Yes to the disclaimer.
• Ensure the Addition.txt box is checked.
• Click the Scan button and let the programme run.
• Upon completion, click OK, then OK on the Addition.txt pop up screen.
• Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
   

STEP 2
 TDSSKiller Scan

• Please download TDSSKiller and save the file to your Desktop.
• Right-Click TDSSKiller.exe and select  Run as administrator to run the programme.
• Click Change parameters. Place a checkmark next to Detect TDLFS file system.
• ​Click Start Scan. Do not use the computer during the scan.
• If objects are found, change the action to skip.
• Click Continue and close the window.
• A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.
   

======================================================
 
STEP 3
 Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

• FRST.txt
• Addition.txt
• TDSSKiller log

[lookingforaname]

Hi - I'm stuck on step one.  Like the other things I've tried to run, when I hit FRST64 as run administrator,  Windows Smart Screen pops-up and then I do the More Info/Run Anyway thing, and then it gives me an error saying that  "This app can't run on your PC.  To find a version that will run with your system, check with the software publisher.

 

Thanks,

 

Emily
 

[LiquidTension]

Hello Emily, 
 
Please try the following. 
 
 RKill

• Please download RKill and save the file to your Desktop.
• Right-Click RKill.exe and select  Run as administrator to run the programme.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• Important: Please do NOT reboot your computer until the next set of instructions. 
• A log (C:\rkill.log) will open once the scan has completed. Copy the contents of the log and paste in your next reply.

Note: If the programme fails to run, or encounters an error, please delete RKill.exe and download the following file. Repeat the steps using the newly downloaded iExplore.exe.

[lookingforaname]

Same old problem.  Window Smart Screen says the app can't be run. 

[LiquidTension]

And when you click More Info, followed by Run Anyway? Do you receive, "This app can't be run"? 

[lookingforaname]

Yes.  The first time it doesn't say "This app can't be run," it says, something like Windows Smart Screen has blocked this from opening and then I do the more info.run anways, and then  it says this app can't be run. 

[lookingforaname]

This happened with to HiJackThis, OTL, and DDS, and the ESET download for firefox. 

[LiquidTension]

Hello,
 

I need some information before we proceed. Please do the following. 

 

 System Summary Information

• Press the Windows Key  + r on your keyboard at the same time.
• Type msinfo32 and click OK.
• Click on System Summary to select it. 
• Click File, Save. Name the file System Summary and save the file to your Desktop.
• Upload the file (System Summary) to my channel, here.

[lookingforaname]

done. 

[LiquidTension]

Hello, 

 

The file appears to be corrupt, so I'll just ask you for the information. 

• What is the make and model of your machine? 
• What is the Operating System and bit-type (32 or 64-bit)? 

[lookingforaname]

HP Pavilion g6 notebook

 

Windows 8 64 bit

[LiquidTension]

OK, lets see if resetting your .exe association helps.

• Please download the following .reg file and save to your Desktop.
• Right-Click the file and click Merge.
• Accept any prompts.
• Reboot your computer.
• Attempt to run RKill.

[lookingforaname]

I was able to do the merge thing, but upon restart, I was still not able to open RKill - still the same "This machine cannot run this app." message from the windows smart screen. 

[lookingforaname]

I got an Optimizer Pro popup upon start up as well.