More Nefarious Strain of Zacinlo Malware Infecting Windows 10 Machines


  1. Posts : 16,325
    W10Prox64
    Thread Starter
       #11

    BigFatBoy said:
    In your post [no.5] you said the following: "You could boot your system to Kyhi's custom recovery media, connect to the internet, open Malwarebytes Anti-malware, update the virus definitions, and run a scan of your OS drive, being sure to select "rootkit" in the MBAM options. Then, open Macrium Reflect and select the option to "fixboot"." I downloaded Kyhi's Recovery Media from: Windows 10 Recovery Tools - Bootable Rescue Disk - Windows 10 Forums. The file was in an .ISO format that I saved on this computer's DATA drive. After downloading, I mounted the file to open its content. Kyhi's narrative for the Application stated: 'You would have to download the ISO and then burn it to USB or CD to create a bootable WinPE disk.' Simple, I can do that.
    You should copy all the files of the mounted ISO to a FAT32-formatted USB drive. Then boot your system to the USB drive.

    BigFatBoy said:
    Q: After I boot the Application on the 'infected computer' (a PC that cannot run W10 loaded originally on its SSD as partition C:\ ), can I do all the tasks outlined above from within Kyhi's rescue Application?
    Yes. Kyhi's custom rescue media has a collection of programs in it. One is a program to help connect to the internet. MBAM and Macrium are also in there, along with a bunch of other things. So,

    • Boot to the USB drive
    • At this point, if you have any personal files that need to be saved, they can be copied off the drive using File Explorer and Copy/Paste commands
    • Use the internet connection software to assist connecting to the internet if needed
    • Open MBAM, update the virus database, and check the box in options to include scanning for rootkits
    • Run a FULL SCAN (Custom Scan) on your entire OS drive
    • If it finds anything, save the log to the USB drive and post it here, so we can see what we're dealing with
    • Open Macrium Reflect, select the FIXBOOT option


    BigFatBoy said:
    Q: IF everything went well in each and every Task above, the infected PC should boot on its own from the now repaired W10 install. Is this correct? I want to make sure I am doing what is required; and I am as tired as an Old Lost Dog and need to double check and double check again before I take my next step..... thanks again for your continuing support with this issue.... bfb @tenforums.com
    If these steps are sufficient to clean whatever infection you have, then hopefully your system should boot into the OS on the SSD. If it's not an infection, but a hardware problem, then this may not help at all. But let's see how it goes for you...
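
The USB preparation step from the reply above, sketched in PowerShell as an added example (not code from the thread or from the rescue-media author): it hashes the ISO, refuses any target that is not a removable FAT32 volume, checks FAT32's per-file size limit, then copies the mounted ISO's contents. `$IsoPath` and `$UsbLetter` are placeholders, and the USB drive is assumed to be empty and already formatted.

```powershell
# Added example: stage a rescue ISO onto an empty, already formatted FAT32 USB drive.
# $IsoPath and $UsbLetter are placeholders supplied by the caller, not values from the thread.
param(
    [Parameter(Mandatory)] [string] $IsoPath,
    [Parameter(Mandatory)] [char]   $UsbLetter
)
$ErrorActionPreference = 'Stop'
$IsoPath = (Resolve-Path -LiteralPath $IsoPath).Path   # Mount-DiskImage needs a full path

# Print the ISO hash so it can be compared with a value its publisher lists, if one exists.
$hash = Get-FileHash -LiteralPath $IsoPath -Algorithm SHA256
Write-Host "SHA256 of ISO: $($hash.Hash)"

# Refuse to write to anything that is not a removable FAT32 volume.
# (Some USB drives report as 'Fixed'; this script deliberately rejects those too.)
$usb = Get-Volume -DriveLetter $UsbLetter
if ($usb.DriveType -ne 'Removable') { throw "${UsbLetter}: is not a removable drive." }
if ($usb.FileSystem -ne 'FAT32')    { throw "${UsbLetter}: is $($usb.FileSystem), not FAT32." }

$image = Mount-DiskImage -ImagePath $IsoPath -PassThru
try {
    $src = ($image | Get-Volume).DriveLetter
    if (-not $src) { throw 'Mounted ISO has no drive letter.' }
    $files = Get-ChildItem -LiteralPath "${src}:\" -Recurse -File -Force

    # FAT32 cannot hold a single file of 4 GiB or more; check before copying.
    $tooBig = $files | Where-Object { $_.Length -ge 4GB }
    if ($tooBig) { throw "Too large for FAT32: $($tooBig.FullName -join ', ')" }

    # Make sure everything fits before starting a partial copy.
    $need = ($files | Measure-Object -Property Length -Sum).Sum
    if ($need -gt $usb.SizeRemaining) { throw 'Not enough free space on the USB drive.' }

    Copy-Item -Path "${src}:\*" -Destination "${UsbLetter}:\" -Recurse -Force

    # Compare file counts as a basic completeness check (valid because the drive started empty).
    $copied = (Get-ChildItem -LiteralPath "${UsbLetter}:\" -Recurse -File -Force).Count
    Write-Host "Copied $copied files (ISO contains $($files.Count))."
}
finally {
    # Always unmount the ISO, even if a check or the copy failed.
    Dismount-DiskImage -ImagePath $IsoPath | Out-Null
}
```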


  2. Posts : 24
    W10x64 - v.1909 Build 18363.592
       #12

    reply to above..


    Simrick, You gave good advice in response to the worm on my PC. I used Kyhi's rescue disk and was one step away from booting into Windows. The last step you advised was to run Macrium Reflect and to use the "Fix Boot Problems" function. MR told me I had a corrupt BCD file. I needed to delete the corrupt file but I could not find it!
    I resigned myself to re-install W10. Fortunately the Windows.old file contained the data I needed from B4 the worm attack! Thanks again for your help; I appreciated it... bfb.


  3. Posts : 16,325
    W10Prox64
    Thread Starter
       #13

    Glad you got things sorted and have all your files.
    I think the corrupt BCD issue could have been fixed using Command Prompt. But, no matter, you are all set. Thanks for posting your solution; it may help others in the future.


 
