AtuZi not completely removed (?)

[Katy1]

Hi OCD,

Oh boy.

-Ran malwarbites from desktop. Found 6 quarantined items. Did not find any log, searched for MBAM.log in notepad, in computer. nothing.

- Ran ESET smart installer from desktop. Would not let me run; error messages about 'symantec corporation, Norton antivirus 2014': could not find in my add/remove programs.

-Could not disable Spybot for scans.

-Could not run programs in administrative mode; right clicked; didn't work.

-Never used Chrome browser. only Firefox

Katy

[OCD]

Hi Katy1,

Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:

• Chrome

=========================

Could not run programs in administrative mode; right clicked; didn't work.

1. Can you explain in more detail?
2. What options (if any) were you presented with when you right clicked?
3. Do you have Administrator Privileges on the computer?

=========================

Reboot

=========================

Could not disable Spybot for scans

Try these steps:

Disable Spybot Search & Destroy (temporarily)

• Launch Spybot S & D
• Select Mode it the top menu bar, select Advanced
• Select the Tools sub menu on the left
• Select the Resident from the left hand menu
• Remove the check marks from both options in the right hand menu under "Resident Protection Status"
• Exit Spybot

=========================

Try this other online scanner.

TrendMicro HouseCall Online Scanner

• Go to http://housecall.trendmicro.com/
• Download HouseCall - Free Online Scanner
• Select get HouseCall Now, save the file to your computer.
• Double-click to launch HouseCall
• Click Yes for the UAC
• Click the Scan Now button
• Fix any problems found
• Copy and paste the results in your next reply

=========================

Reboot

=========================

Re-run Farbar Recovery Scan Tool it should be on your desktop.

• • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
• When the tool opens click Yes to disclaimer.
• Select the Addition box
• Press Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
• It will also make (Addition.txt). Please attach it to your reply

=========================

In your next post please provide the following:

• Housecall results
• FRST.txt
• Addition.txt
• How is the computer running?

[Katy1]

Hi OCD,

Not sure if you got my last post so I'll repeat.

-could not delete Chrome from from Control Panel or Add/Remove programs so deleted it thru registry.

-could not right click on programs. They just 'hung' there. I do have administrators privileges.

- Opened Spybot Search and Destroy and clicked Advanced mode, went to Tools, and there is no 'Resident' option. I have Home version.

-I will go to Trend Micro House Calls then to Farber....

You are a saint to stick with me all this time and I thank you very much.

Katy

[Katy1]

Hi OCD,

-Ran Trend Micro House Call; 'No Threats found'.

-rebooted

- tried to rerun Farber and was sent to OCD-WTT Bucket;

got a blank screen with a little bullseye in the middle and a popup to run Media Player;

then a screen for Windows PC Repair.

Computer running slooooow.

Katy

[OCD]

Hi Katy1,

could not delete Chrome from from Control Panel or Add/Remove programs so deleted it thru registry.

It is very important that during the malware removal process you do not take any cleaning steps unless I specifically ask you to do so. I can't stress strongly enough that you do not edit the Registry in any manner. Doing so can render your computer un-bootable, and may be the cause of some of the issues you are experiencing.

could not right click on programs. They just 'hung' there. I do have administrators privileges.

When you right click on the executable file, do you get an expanded menu of options?
If so, what are the menu options?

Opened Spybot Search and Destroy and clicked Advanced mode, went to Tools, and there is no 'Resident' option. I have Home version.

Try the instructions provided here >> http://www.safer-networking.org/faq/...d-temporarily/

- tried to rerun Farber and was sent to OCD-WTT Bucket;

got a blank screen with a little bullseye in the middle and a popup to run Media Player;

then a screen for Windows PC Repair.

I'm a bit confused as to why you are experiencing these issues.

=========================

System File Checker (SFC)

• Click on the Start button and in the Search programs and files box type the following:
  
  
  • command
  
  
• Don't press Enter, just let the search results populate above.
• In the search results, locate the Programs section.
• Locate the Command Prompt shortcut and right-click on it.
• Select Run as administrator.
• Click Yes on the User Account Control window that appears.
• Important: If you see a User Account Control window but also a message that says To continue, type an administrator password, and then click Yes, then your user account must be a standard account, not an administrator account. Before you can click Yes and open an elevated command prompt, you'll need to type the password of another user on your Windows 7 computer that has administrator level privileges.
• Note: You will not see this window at all if your User Account Control settings are turned all the way down. See How To Disable User Account Control in Windows 7 for more information.
• An elevated Command Prompt window will appear.
  
  
  • Type: sfc /scannow (There's a space between sfc and /scannow.) , then hit Enter
  
  
• Let the check run to completion. DO NOT reboot the PC or close the cmd window.
• Copy & Paste the following command at the Command Prompt and press Enter:
  
  findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt
  
• This will place a file on your desktop called sfcdetails.txt which contains the results of the scan.
• Copy and Paste the contents of the file into your next post.
• After the scan runs type exit to close the command prompt window

=========================

In your next post please provide the following:

• sfcdetails.txt

[Katy1]

Hi OCD,

-followed instruction you provided on Spybot; would did not show a 'resident' listing in Advanced mode, tools.

- when I right clicked on executable files I got nothing; no listings, nada.

- System file checker sent me to bullseye_zpsect36, where I got OCD-WTT bucket list, media player popup, etc. :(

Thank you,

katy

[OCD]

Hi Katy,

Please read the instructions all the way through before beginning so you are familiar with the steps you are about to take. You can even print them out for easier reference.

System file checker sent me to bullseye_zpsect36, where I got OCD-WTT bucket list, media player popup, etc. :(

If I am not mistaken, I think you are clicking on this image and trying to proceed from there. That little "bulls-eye" is just a marker for each new step, not a click-able link for that step.

when I right clicked on executable files I got nothing; no listings, nada.

When you right click on an executable file you should see a menu similar to this?



Pick any desktop icon and try it. Your menu may be different, but does it include Run as Administrator?

Please also retry the System File Checker from my previous post again. Don't worry about disabling Spybot for now.

[Katy1]

Hi OCD,

you're right, I was clicking on the 'bullseye'.

I do read all the instructions all the way thru but i didn't want/don't want to make mistakes so I was copying ever message each day. oh boy. doh!

I right clicked on icons on my desktop and never get run as administrator or the menu you provided as an example.

I will reload system file checker. thanks.

Katy

[Katy1]

Hi OCD,

you're right, I was clicking on the 'bullseye'.

I do read all the instructions all the way thru but i didn't want/don't want to make mistakes so I was copying ever message each day. oh boy. doh!

I right clicked on icons on my desktop and never get run as administrator or the menu you provided as an example.

I will reload system file checker. thanks.

Katy

[Katy1]

can't get back to where I was to down load system file checker. I googled it and got microsoft sites for techies. (?)