Problem I'm in over my head. I clicked on a link...bad move.

I am so thankful for all you folks that help me! Soooo, I did it, I really did click on a link I should not have. Brain fart...someone sent me a message through Skype and because I knew this person I clicked on the link. Now this grandma's sweet computer is fubar..ed. The link was: http://www.baidu.com/link?url=jf2tgZ8xr2X5Jr1vnLGfJ_HtIMhgMYOZDJ-Q4zbC4WS#fenohu=
I didn't realize how bad it was until one of my grandsons asked me why I sent him this link through Skype and warned me not to open it... too late...and it sent the link to everyone in my Skype contacts. Strange things since: Garmin express downloaded onto my computer and icloud is asking me for information it shouldn't. I uninstalled icloud and Garmin express, restore my computer to an earlier date but these aberrations continue. Please help. I promise I will listen and do as I'm instructed but I'm way out of my scope of understanding what to do next. Thank you guru gods and may the Force be with you.

 

I know the feeling... I will attempt to help you, hopefully we will be able to find the problem...

First run Zemana and we'll see if it finds anything:

Please download Zemana AntiMalware and save it to your Desktop.

• Install the program and once the installation is complete it will start automatically.
• Without changing any options, press Scan to begin.
• After the short scan is finished, if threats are detected press Next to remove them.

Note: If restart is required to finish the cleaning process, you should click Reboot. If reboot isn't required, please restart your computer manually.

• Open Zemana AntiMalware again.
• Click on icon and double click the latest report.
• Now click File > Save As and choose your Desktop before pressing Save.
• The only left thing is to attach saved report in your next message.

Please attach all reports using button below. Doing this, you make it easier for me to analyze and fix your problem.

NOTE: All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.

2oG

 

Thank you 2oldGeek, you are truly a good egg for not judging me after I peed on the electric fence! I ran the Zemana and there were 7 issues, 6 were quarantined and one I didn't understand. The file is attached per your instructions. I wish Blessings in abundance rain over you.

 

The one you didn't understand was a browser hi-jacker, the rest were ad-ware....

Let's now run a FRST scan so I can look for problems. It does not fix anything until I write a script and you run it after I have found the problems. hopefully

Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

• Right-click on the FRST icon and select Run as Administrator to start the tool.
• When the tool opens click Yes to disclaimer.
• Make sure that Addition option is checked.
• Press Scan button and wait.
• The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please attach both logs to your next reply and let me know what problems you are having now..

2oG

 

Boo Hiss on the browser hi-jack and is me being so nice. Attached are the FRST.txt and Addition.txt per your request. Again I wish to express my utmost thanks.

 

OK, jmk, it's gonna take me some time to go through that log so hang in there and please do not run any virus, cleaner or malware programs and don't delete or install anything.. I'll be back with you later....

2oG

 

I promise to be a good grasshopper.

 

Ah So, grasshopper,
before I get too deep into FRST let's clean up a little more that I can see using Zoek.

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Please also download the attached scriptfile, named zoekscript.txt.

Note: Very Important!
Disable your AntiVirus and AntiSpyware programs, so they do not interfere with the running of Zoek.exe. You can find instructions how to disable your security applications here.

Now, on your Desktop, drag and drop zoekscript.txt on Zoek.exe as shown below:

​

Please approve any UAC prompt to allow this action to proceed.

Answer Yes to the following prompt to allow the zoek script to run:

​

This action causes Zoek.exe to start automatically. Please be patient while Zoek is scanning.

When the tool finishes, the zoek-results.log is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.

Please attach the zoek-results.log to your reply.

Also, this time please tell me what is happening on the computer so I will have an idea of what to look for..

2oG

 

Not certain how long this scan is suppose to take. Attached is a screen shot of where it's been sitting for an hour. Is this normal?

 

No!............ something is running in the background. ALL real time scanners MUST be stopped and all schedules that will run during this time must be stopped.... Be sure all real time virus/ malware scanners are stopped.. and give it another shot. It should start a new line every 2 or 3 minutes, if it goes 4 or five minutes it may be blocked. See what you can do....

 

I'm trying to start over but I can't close the Zoek.exe program. Secondly, there are numerous programs installed today, such as, google earth, iTunes, etc. Thirdly... any "site" I normally go to is asking for my password (haven't signed in to anything) but did go to Amazon and looked at the page. Without my hand on the cursor the page moved to the bottom, regardless of how many times I moved the page back to the top.

 

I'm so bleeped. Can't uninstall Zoek.exe and can't close it. Looked for it in the search bar, can't find it but I close the window and it just keeps coming back.
Attached is the picture now.

 

You may have a zero day that I haven't seen before..... not a good thing!
I had Zoek set a restore point before running.. You said in the first post that you restored. see if you can restore to the zoek restore point or maybe to a point before it..

 

use task manager to kill zoek.

 

ok, thank you

 

Dear Wise One,
I restored to the Zoek restore point. All virus protection and real time protection is off. Now what?
I already restored before seeing the Task Manager message.

 

Sorry I was away for awhile....
EDIT see next post
2oG

 

jmk, I had time to go over the log and here is a fix. I guess you still have FRST on the desktop. If not, download again.

Fix with Farbar Recovery Scan Tool

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location (on the desktop) or the fix will not work!

• Right-click on FRST icon and select Run as Administrator to start the tool.
• Press the Fix button just once and wait.
• If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
• When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Attach the Fixlog.txt to your next post.

2oG

 

Another question please....my external TB was plugged in to my PC, do you think it is corrupted also? Is it possible to have infected all my devices because they shared iCloud and iTunes and Skype? Is it possible my laptop is corrupted also? My reason for the TByte question is: I want to plug it into my laptop so I can work but I am a scardy cat now. Second question. Is it possible to use a flash drive in my corrupted PC to copy some documents and pictures? Third question: Is there a way to wipe my PC and start over or do I have to buy a new hard drive? I can feel the waves covering my nose now! Thank you for the life persever, greatly appreciate you. Blessings for a beautiful and joy filled day.