  1.    14 Aug 2016 #31
    Join Date : Aug 2016
    So. CA
    Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter

    Wait, JRT is NOT Mbam? Of course not, or its name would say it was....once again, ugh! To think I thought intelligence was one of my strong points! Oh, Crap! ESET is now in the red! It is not halfway done...Do I still run the Mbam, after? Of course, I have to run it. Then what?
  2.    14 Aug 2016 #32
    Join Date : Aug 2016
    So. CA
    Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter

    Rambling on (not a Zeppelin ref ...): I had to Stop the ESET scan during its last 5-8%, because lines blacked out. Example:
    [Attached image: example1.jpg]

    I am certain the scan was still in progress (?), but without seeing its results or my options what is the purpose to continue? Right before the screen put "blindfolds" on, 8 threats were detected, but I did not take notice of where, taking for granted a log would give me that info. I will run it again, but after Malwarebytes, again. I still do not know if this is the right scan, because it looks no different.

    I made sure "rootkits" was checked and covered all drives. What am I missing?

    Thanks
  3.    14 Aug 2016 #33
    Join Date : Apr 2015
    Posts : 12,588
    W10Prox64

    Hi.
    ESET have just updated their online scan recently and I can tell you, I have had the same exact problem on three different systems over the past 2 days. After a while, it just locks up too. I don't know what they've done, but it's not pretty.

    I've had to select a custom scan and tell it to scan parts of drive C, then after that finishes I tell it to scan the next parts of drive C, and then the next, until I get through a full scan of the C drive. What a pain! Well, ESET should be done last, as it is usually the "all-clear" tell-tale scan for us. But, it seems we can't depend on them right now.

    The log file for ESET can be found in %userprofile%\AppData\Local\Temp\log.txt
    You can post what it's done so far.

    Malwarebytes Antimalware (MBAM for short) log files are in the program in the HISTORY section; select Application logs on the left, then double-click the SCAN LOG from today and select EXPORT.
  4.    14 Aug 2016 #34
    Join Date : Apr 2015
    Posts : 12,588
    W10Prox64

    Quote: Originally Posted by myrnsterMash
    I made sure "rootkits" was checked and covered all drives. What am I missing?

    Thanks
    Not missing anything - that's correct. Hope you're feeling better.
  5.    15 Aug 2016 #35
    Join Date : Aug 2016
    So. CA
    Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter

    Bad news, but Malwarebytes will fix it, right? I have not done anything, but take a snapshot:

    [Attached image: ScreenHunter_01 Aug. 15 07.06.gif]

    I assume "Remove Selected" is the correct choice, here.
  6.    15 Aug 2016 #36
    Join Date : Aug 2016
    So. CA
    Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter

    Mbam Log


    Here is today's Mbam log (heavy sigh):

    Malwarebytes Anti-Malware
    Malwarebytes | Free Anti-Malware & Internet Security Software

    Scan Date: 8/14/2016
    Scan Time: 6:56 PM
    Logfile: Mbam log 8-15-16.txt
    Administrator: Yes

    Version: 2.2.1.1043
    Malware Database: v2016.08.15.01
    Rootkit Database: v2016.08.09.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x86
    File System: NTFS
    User: MyrnaZ

    Scan Type: Custom Scan
    Result: Completed
    Objects Scanned: 650015
    Time Elapsed: 5 hr, 2 min, 45 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 1
    Trojan.Poweliks.B, HKU\S-1-5-21-2048041476-2006749296-819459500-1035_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}, Quarantined, [baa397b466340a2c842de121ed13966a],

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 0
    (No malicious items detected)

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    No need to keep these quarantined, right? I should delete?
    [Attached image: ScreenHunter_04 Aug. 15 08.07.gif]
    Last edited by myrnsterMash; 15 Aug 2016 at 10:11. Reason: Additional info
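Added example, not part of any post in this thread and not Malwarebytes' own tooling: a small parser for the text export shown in the post above, which pulls out each detection line and, for registry detections under `HKU\<SID>_Classes\CLSID`, splits out the user SID and the CLSID so the affected account's hive can be re-checked after cleanup. It assumes the `name, path, action, [id],` line shape seen in this log; the function names are illustrative.

```python
import re

# Excerpt of the MBAM 2.x scan log posted in this thread (trimmed to three sections).
SAMPLE_LOG = r"""
Scan Type: Custom Scan
Result: Completed

Processes: 0
(No malicious items detected)

Registry Keys: 1
Trojan.Poweliks.B, HKU\S-1-5-21-2048041476-2006749296-819459500-1035_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}, Quarantined, [baa397b466340a2c842de121ed13966a],

Files: 0
(No malicious items detected)
"""

# Result sections as they appear in the log, each followed by an item count.
SECTION = re.compile(r"^(Processes|Modules|Registry Keys|Registry Values|Registry Data|"
                     r"Folders|Files|Physical Sectors):\s*(\d+)$")
# Per-user COM class registration: HKU\<SID>_Classes\CLSID\{GUID}
USER_CLSID = re.compile(r"^HKU\\(S-[\d-]+)_Classes\\CLSID\\(\{[0-9A-Fa-f-]{36}\})")


def parse_detections(log_text):
    """Return one dict per detection line, tagged with its section header."""
    found, section = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            section = header.group(1)
            continue
        # Skip the preamble, blank lines and "(No malicious items detected)" / "(end)".
        if section is None or not line or line.startswith("("):
            continue
        parts = [p.strip() for p in line.rstrip(",").split(", ")]
        if len(parts) < 4:
            continue  # not a "name, path, action, [id]," line
        path = ", ".join(parts[1:-2])  # tolerate ", " inside the path
        hit = USER_CLSID.match(path)
        found.append({
            "section": section, "name": parts[0], "path": path,
            "action": parts[-2], "id": parts[-1].strip("[]"),
            "sid": hit.group(1) if hit else None,
            "clsid": hit.group(2) if hit else None,
        })
    return found


def user_com_hits(detections):
    """Detections that sit in a per-user COM class registration."""
    return [d for d in detections if d["clsid"]]
```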
  7.    15 Aug 2016 #37
    Join Date : Oct 2013
    Penns Forrest
    Posts : 3,506
    Win_8.1-Pro, Win_10.1607-Pro, Mint_17.3

    Quote: Originally Posted by myrnsterMash
    Here is today's Mbam log (heavy sigh):

    Registry Keys: 1
    Trojan.Poweliks.B, HKU\S-1-5-21-2048041476-2006749296-819459500-1035_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}, Quarantined, [baa397b466340a2c842de121ed13966a],


    No need to keep these quarantined, right? I should delete?
    [Attached image: ScreenHunter_04 Aug. 15 08.07.gif]
    Yes, remove both entries from quarantine. They don't pose any threat there, but why have them on your system, eh?

    Run one more scan please

    Kaspersky TDSSKiller: Detect / Repair TDSS Rookits - Windows 7 Help Forums

    Note: Tick Loaded modules last.
    When this option is selected, a dialog window requests a restart to load a specialized monitor.
    Press OK to restart your machine and load the driver - answer yes to the allow prompt after the machine restarts.
  8.    15 Aug 2016 #38
    Join Date : Apr 2015
    Posts : 12,588
    W10Prox64

    Hi.
    Sorry for the delay, as I have been busy cleaning out an infected laptop this morning...

    Poweliks is a very tricky infection, as it leaves no trace of its infection anywhere except in some registry keys. It also brings in other infections. You can read more on it here:

    Trojan.Poweliks | Symantec

    Although MBAM is very good, and indeed identified what we're dealing with, I would like you to also follow the instructions here at Bleeping Computer, to make absolutely sure this infection is eradicated.
    How to remove the Poweliks Trojan (Removal Guide)
    Last edited by simrick; 15 Aug 2016 at 23:30.
  9.    15 Aug 2016 #39
    Join Date : Aug 2016
    So. CA
    Posts : 60
    Windows 10 32-bit x 64 processor
    Thread Starter

    The download is under "Reimage" compatible with my pc....when I clicked your link and then Kaspersky download.
    http://www.reimageplus.com/lp/sqh/in...keyword=direct

    I am a pain, but trying to do things right. This is so ridiculous, but whatever "flips their switch," meaning those behind this dooky. I can imagine the theories of conspiracy are endless, or the discussions being endless, anyway...such as mine, here.

    I am not going to second guess my better judgement, so I shall proceed. You do not want me bugging you endlessly like....ummm (I will not finish that sentence for fear of offending any, many, or all persons). Fill in the blank however fits best for you. Oh, by the way I could not find the log for ESET, so? Here goes....
  10.    15 Aug 2016 #40
    Join Date : Oct 2013
    Penns Forrest
    Posts : 3,506
    Win_8.1-Pro, Win_10.1607-Pro, Mint_17.3

    Quote: Originally Posted by myrnsterMash
    The download is under "Reimage" compatible with my pc....when I clicked your link and then Kaspersky download.
    http://www.reimageplus.com/lp/sqh/in...keyword=direct

    I am a pain, but trying to do things right. This is so ridiculous, but whatever "flips their switch," meaning those behind this dooky. I can imagine the theories of conspiracy are endless, or the discussions being endless, anyway...such as mine, here.

    I am not going to second guess my better judgement, so I shall proceed. You do not want me bugging you endlessly like....ummm (I will not finish that sentence for fear of offending any, many, or all persons). Fill in the blank however fits best for you. Oh, by the way I could not find the log for ESET, so? Here goes....
    Oh .... you just got bit by the ad bug on SevenForums.

    If you're not logged on - you see adverts. Reimage must be one of those ads.

    Do NOT download anything that isn't part of the tutorial
    TDSSkiller
    Virustotal uploader

    are the only two things off the top of my head that you are directed to download.

    Glad you asked - not a PIAn at all.


    simrick pointed you to a specific removal tool for the detected malware. Run simrick's suggestion first

    In the Bleeping Computer guide, it asks you to run some of the same scans you already ran.
    Follow the guide step-by-step including the repeats - this makes sure no reinfection occurs
    simrick might tell you otherwise - I'll defer to her on that.

    , then run TDSSkiller, but ignore any downloads in the ads

 