Microsoft bananas

Page 2 of 2 FirstFirst 12
  1.    20 May 2016 #11

    Lost focus... Difficult to stay focused whene everything is in slow motion and sometimes no motion at all.
    As I said before; I gave up using mbam. TDSS-killer I have been using from my portable-apps... I'm loosing it again too annoying - have to reboot, re-install, whatever...
      My ComputerSystem Spec

  2.    20 May 2016 #12

    Folstart is a worm. It spreads via flash drives and across LANs, in torrents, etc. and that's why it's spreading to your other systems.
    Worm/Folstart.A.19 - Avira Virus Lab
    I suspect that when you reinstall your OS, and load your stuff back on, you are loading on the same stuff that got you infected. For instance, if you are installing a P2P program again, that could be where it's coming from. Or, it's already in a file that was torrented, and when you put it back on your system, you reinfect it. And, any flash drives or external backups are probably infected and spread it back to your newly installed operating system. Of course, it goes without saying, that any illegal software or cracking programs are loaded with this stuff too.

    TDSSKiller and Malwarebytes are good starts, but you say you're having problems with them.

    First run RKILL. I would suggest downloading the file version named iExplore.exe, as the worm probably will recognise RKILL.exe and block it from running. RKILL stops suspicious operations to give you control to run other scans. Everything that RKILL does is "undone" by a reboot. So, if you have to reboot after running any scans, run RKILL again before proceeding.

    Then, try ADWCleaner.

    Another superb one for these things is HitmanPro. They have a free 30-day trial.
    HitmanPro offers you a Free Scan for a second opinion. It is designed to check if your security measures work. If nothing is found (and we sincerely hope so), then you will never need a license. When a virus is found, then you will receive a free 30-day license to remove the threat.

    Then, for protection, install FoolishIT's CryptoPrevent, which blocks rogue executables from running in your %AppData% folder (which is where this worm operates). Upon first install, it will ask you if you want to "whitelist" everything - say no because you don't know if you're clean or not, and you don't want to whitelist the worm.

    Then install Panda's USB Vaccine to prevent this from happening again.

    Finally, get all your portable media cleaned out - either scanned or formatted.

    As @Fabler mentioned, it's quite possible that your router is compromised, if all your systems are getting infected, but I really think it's because you are fighting a worm and it "travels".

    There is also the possibility that your hard drive has a low-level infection. This has happened in the past - Hard drives from China were being shipped from the manufacturer with viruses already installed. On your next OS install you might want to include a "cleanall" function. @essenbe can tell you how to do that.

    Once you have control of your system, run the ESET Online Scanner.
    Last edited by simrick; 20 May 2016 at 17:06.
      My ComputerSystem Spec

  3.    24 May 2016 #13

    My suggestions
    1. Use a pc of which you are 100 % sure it's clean to purchase and download a decent anti virus software. Copy it onto a usb flash drive, again you need to be sure it's 100 % clean (you might want to purchase a new one for this task).
    2. Disconnect all your computers, phones, tablets etc. from the network (LAN and internet) as each and every one of them could be the source of the infection (yes, even Android phones can spread Windows viruses)
    3. Format the hard disks of your laptop
    4. Reinstall Windows from scratch (just to make myself clear: it needs to be a legit copy, cracked Windows versions often come with "preinstalled" malware).
    5. Don't connect anything and don't install anything.
    5. Connect your clean usb flash drive with the anti virus software and install it.
    6. Now connect only the laptop to your LAN and the internet again. Use it for a while without connecting any usb drives.

    If it runs for a while without being infected again you can assume that this pc is clean now. Repeat the process with every Windows PC you've got. As soon as all of your Windows PCs are clean you can start to clean out your usb drives. But don't do it with Windows. Create a boot disc using your anti virus software and boot one of your PCs with it. As soon as the live system is booted connect one usb drive (not before) and scan it. As soon as it's clean repeat the process for all your usb drives.

    Once all your usb drives are clean start reinstalling your software. But heed the following advice: Never ever install cracked software. The motivation for most crackers is to spread malware with their cracked software. And don't download software from some random website. Only download it from the developers website.

    Please keep in mind that not following the exact sequence of my description would possibly result in one or more of your computers being infected again.
      My ComputerSystem Spec

  4. Slartybart's Avatar
    Posts : 3,506
    Win_8.1-Pro, Win_10.1607-Pro, Mint_17.3
       24 May 2016 #14

    joarthur98 said: View Post
    Lost focus... Difficult to stay focused whene everything is in slow motion and sometimes no motion at all.
    As I said before; I gave up using mbam. TDSS-killer I have been using from my portable-apps... I'm loosing it again too annoying - have to reboot, re-install, whatever...
    After a quick read of your thread, I suggest a clean install.
    Tutorial: Windows 10 - Clean Install
    Read all Information, Note, Tips, and Warning colored boxes
    Watch the Video
    Ask questions first, then proceed

    Overview of the process
    1. Backup your personal data (Downloads, Documents, Music, Pictures, Videos, etc) to an external drive

    2. Create an audit with Belarc advisor

    3. Create new install media on an uninfected machine (friend, family, library)
      Tech Bench
      - OR -
      Get Windows 10
      either choice, Scroll down to Before you begin

    4. Boot the problem machine using the install media you just created

    5. Press Shift F-10 to open a Command Prompt
      list disk
      select disk #
      ** the number is the drive that contains Windows - normally 0
      ** make sure you select the correct disk.
      ** The next step removes everything from the disk

    6. Continue the install
      Select Custom install
      Install to the empty disk - you might have to scroll if you have more than one HDD
      Let Windows do the heavy lifting
      - it will initialize the disk
      - it will and create the partition schema
      - it will install device drivers (only backfill drivers if there are errors or warnings in Device Manager).

    7. Re-install your favorite applications, one at a time
      Download up-to-date versions instead of using old install packages
      Purchased software might have a download or you have to use the original disk.

      ** If problems arise - uninstall that application and continue installing other programs

    8. Scan your personal data for malware before restoring it
      My ComputerSystem Spec

  5.    02 Jun 2016 #15

    Not solved - I tried all the different methods. Sorry, that I haven't provided more for you to work with but on the when on the computer I rarely get time to other than start some virus check, and re-install. Other then that I feel sick just looking at it. And I rarely manage to focus more than a few minutes as long as I am not interrupted by this idiotic time consumer. A couple of times it has been running well after full clean of harddisk from usb and running bitdefender in linux. Yesterday I did it again and had a flash made ready from another machine with windows 10. I had spent the whole day again moving everything off ...again. Then flash drive didn't work so I used an old one - probably already infected. For a couple of hours everything was fine. I had mbam, defender and mrt running... and then some signs told me it started again. I had a tech from HP remotely logged on - he came with a lots of advice... Just to reinstall the factory package, but I needed the factory partition intact - and when he saw that I had deleted I was told that I had to buy the software one more time. I basically told him to **** off, some service... My is still five months inside warranty, and of course I had to wipe the machine clean. I hate this computer... That's really all I have to say...-
      My ComputerSystem Spec

  6.    02 Jun 2016 #16

    I anyone stop by here - can you tell me if it is normal to have files i "System Volume Information" looking like this {3808876b-c176-4e48-b7ae-04046e6cc752} and totally impossible to delete. Only way to delete is format the hard drive from linux on flash. The biggest I have seen was at 90 gigabyte. When I saw that internet connection was still running full speed in 'Airplane' mode I went into horror mode thinking I my machine was loading up on childporn and serving the Scandinavian marked. But what do I know, maybe it's Microsoft files...
      My ComputerSystem Spec

  7.    02 Jun 2016 #17

    Good advice, followed the procedure - and was clean for a few days. I had three-four antivirus running on shift pretty much all the time when I noticed some files growing inside 'System Volume Information' connected usbdisk. When I checked other partitions, they all had the same files - the biggest at 90 gigabyte. Tried every possible way to take control/become owner but it was impassible. Not 'takeown', icacls, del, rmdir... nothing. I got so angry I just formatted the whole lot. Well, probably spending another 8-10 hours on shifting pictures and all over to other media. Great fun...
      My ComputerSystem Spec

  8.    02 Jun 2016 #18

    PENDING-RENAMES-03.06.2016 06.26.pdf
    PENDING RENAMES... Just wonder if this is normal or virus related - hundreds of files waiting to be renamed in WinSxS folder 'Pending Renames*

    Click image for larger version. 

Name:	2016-06-02_21h42_24.png 
Views:	6 
Size:	1.44 MB 
ID:	83018
      My ComputerSystem Spec

  9.    03 Jun 2016 #19

    I am still waiting for you to follow my instructions in post #12, provide scan logs, and report on the results as things go along. If you are at another clean install, please run all the scans BEFORE re-loading your data and photos. Use the Panda USB Vaccine BEFORE connecting any external drives to the clean system. Scan each drive the minute you connect it.
      My ComputerSystem Spec

Page 2 of 2 FirstFirst 12

Related Threads
Microsoft Edge: What's Next for Microsoft's New Browser & Web Platform Source: Microsoft Edge: What's Next for Microsoft's New Browser and Web Platform Channel 9
Well, i made a search for a solution to this problem all over the net including your forum and other forums, no luck. it is not a matter of life or death, but i would like to be able at least to open the apps. Sorry if i posted an old problem,...
44725 I have been looking everywhere but I cannot find if this is normal or not. I was an Insider on 10547 but then had to install 10240 RTM( I remember seeing my name on the 'registered to:' tab. But now when I enter 'winver' I see it's registered...
Source: Microsoft Health and Microsoft Band: The Next Step in Our Journey - The Official Microsoft Blog
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 11:06.
Find Us