Page 2 of 11 FirstFirst 1234 ... LastLast
  1.    01 May 2017 #11
    Join Date : Oct 2014
    In a house with a crazy cat trying to kill me
    Posts : 16,939
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition

    In addition to the suggested malware scanners, suggest you add TDSSKiller to the list to see if you have a rootkit present.

    Note   Note
    When running TDSSKiller, launch the program, click on the blue text "Change Parameters" & check the box marked "Detect TDLFS File system." Click OK & then run the scan.


    Also it may help to go back to a restore point before the infection, provided this action isn't blocked. You may have to do this in safe mode if it is blocked in regular mode. Be sure to go 2 to 3 points back past the point of infection as malware can infect the 1st restore point so that the virus will reappear.

    Another scanner you could use would be Norton Power Eraser. Please read the tutorial if you opt to use this.

    Note   Note
    Norton Power Eraser uses aggressive methods to detect threats, and there is a risk that it can select some legitimate programs for removal. You should carefully review the scan results page before removing files.


    You also have the option of doing a refresh or a reset if the damage is too deep to restore normal operations.

    Be aware that if you do have a rootkit it will have to be cleaned before using refresh or reset. A rootkit is a hidden boot partition that hides at the end of the drive & boots up before the OS, thus taking control over it before it has a chance to boot. Hence the reason some infection keep coming back.

    Refresh Windows 10 - Windows 10 Installation Upgrade Tutorials

    Reset Windows 10 - Windows 10 Installation Upgrade Tutorials
      My ComputerSystem Spec
  2.    01 May 2017 #12
    Join Date : Oct 2014
    Posts : 2,457
    W10 Pro + W10 Preview

    A suggestion...open Task Manager, under Processes look for any abnormal or suspicious programmes running especially anything linking to the Trojan and click on End Task.....then repeat MBAM Anti-Root scan
      My ComputersSystem Spec
  3.    01 May 2017 #13

    Quote Originally Posted by dencal View Post
    A suggestion...open Task Manager, under Processes look for any abnormal or suspicious programmes running especially anything linking to the Trojan and click on End Task.....then repeat MBAM Anti-Root scan
    I've already done so and also ran rKill to take out any hidden tasks.

    Also, Do you want me to post the MBAR log files here? from both the first and 2nd time i ran it?
    Last edited by Vikdal; 01 May 2017 at 08:31.
      My ComputerSystem Spec
  4.    01 May 2017 #14

    Well, the computer does not seem to be having trouble by the trojan. The only problem is that i can't run the installer for neither MalwareBytes or ADWcleaner. I don't know if the trojan is still in my PC, but neither Zemana AntiMalware or MalwareBytes Anti-rootkit can find anything. Am i clear or do i need to keep on troubleshooting?
      My ComputerSystem Spec
  5.    01 May 2017 #15
    Join Date : Feb 2016
    Maribor, Slovenia
    Posts : 8,897
    Windows 10 (Pro and Insider Pro)

    Quote Originally Posted by Vikdal View Post
    Well, the computer does not seem to be having trouble by the trojan. The only problem is that i can't run the installer for neither MalwareBytes or ADWcleaner. I don't know if the trojan is still in my PC, but neither Zemana AntiMalware or MalwareBytes Anti-rootkit can find anything. Am i clear or do i need to keep on troubleshooting?
    Not being able to run antimalware installer is not good! Can you post the message of prevented malwarebytes installation?

    I've reread you first post and would like to know:
    -what was original program you mentioned, that sent you online and caused install of malware (and that site location - if you remember)
    - can you translate that picture you posted in Norwegian to English. just beginning and the last words. I'm not sure that's the same as smartscreen...

    That would help to identify the real malware.
      My ComputerSystem Spec
  6.    01 May 2017 #16
    Join Date : Oct 2014
    Posts : 2,457
    W10 Pro + W10 Preview

    Try running Hitman Pro....its free for 30days

    Downloading HitmanPro
      My ComputersSystem Spec
  7.    01 May 2017 #17

    Hi, The original program that was installed and gave me the malware, i do not remember the name of, but what it did was downloading a html file, that then opened and sent me to another website where it downloaded a program that dissapered out of nowhere.

    The image i posted says that the "publisher" has been blocked from running the program aka installer on this computer.
    the rest of the "translation" is basicly. Navn = Name, Utgiver = Publisher, Type = type, Fra = Where and what file was trying to run.

    When trying to install ADWCleaner thought it says:

    This program has been blocked for your own safety. it then leads to say that a system administrator (me being the only) has blocked access to run this application. Contact the administrator for more information

    Mystery is: I am the only administrator and user on this computer
      My ComputerSystem Spec
  8.    01 May 2017 #18
    Join Date : Feb 2016
    Maribor, Slovenia
    Posts : 8,897
    Windows 10 (Pro and Insider Pro)

    Quote Originally Posted by Vikdal View Post
    Hi, The original program that was installed and gave me the malware, i do not remember the name of, but what it did was downloading a html file, that then opened and sent me to another website where it downloaded a program that dissapered out of nowhere.

    The image i posted says that the "publisher" has been blocked from running the program aka installer on this computer.
    the rest of the "translation" is basicly. Navn = Name, Utgiver = Publisher, Type = type, Fra = Where and what file was trying to run.

    When trying to install ADWCleaner thought it says:

    This program has been blocked for your own safety. it then leads to say that a system administrator (me being the only) has blocked access to run this application. Contact the administrator for more information

    Mystery is: I am the only administrator and user on this computer
    You mentioned that administrator rights were removed?
    Post that file you mentioned. ADWcleaner would be more useful, but to no avail.
      My ComputerSystem Spec
  9.    01 May 2017 #19

    I do have Administrator rights to open other things, but i just don't have higher rights than this program that stops me from running the AWCleaner. What file are you talking about, the html? i would not recommend opening it then

    The picture i get when trying to run AWCleaner is difficult to get, but it looks similar to this.
    https://gyazo.com/da0bdcaa06859ee53507d99d316b8619
      My ComputerSystem Spec
  10.    01 May 2017 #20
    Join Date : Oct 2014
    Posts : 2,457
    W10 Pro + W10 Preview

    Have you tried running link on post #16.
    It does not install on your computer....its run from the cloud.
      My ComputersSystem Spec

 
Page 2 of 11 FirstFirst 1234 ... LastLast


Similar Threads
Thread Forum
Solved Trojan or not ?
Hi all, Not quite sure when this started but roughly somewhere around July I noticed a file called NTUSER.rhk that resides in "Users\My username". Googling for the .rhk file extension gave me a bit of a scare as most sites suggest this is...
AntiVirus, Firewalls and System Security
Solved Do I Have A Trojan?
Hello, First post here :) Lately my Windows Defender is finding a Trojan in the Recovery D (Trojan:Win32/Dynamer!ac) It only shows up after a full 3 hour search and not in the fast search A full search with Malwarebytes, Adware and Hitman...
AntiVirus, Firewalls and System Security
.ecc Extension: Trojan ? Can't Seem To Delete Them ? Help please
Hello, I received an eMail from a friend who said that any file with an .ecc extension is one of those Crypto ransom ware trojans. True ? My old PC7 PC was wiped out, literally, a few months ago, so I am literally paranoid about this.
AntiVirus, Firewalls and System Security
Solved Trojan Detected in OneDrive
The odd thing is I don't even use OneDrive except to automatically upload photos from my Android phone to my desktop; nothing has been detected on the phone. I've run another full scan with Bitdefender and Malwarebytes Anti-Malware (free) without...
AntiVirus, Firewalls and System Security
Trojan in My Registry
I have an older 15 inch HP with W10 that I recently updated. I have always had McAfee on the computer, it has never lapsed. I have also run Spybot, Malwarebytes, Google Ghostery and ABP Adblock Popup. When I recently bought a new printer...
AntiVirus, Firewalls and System Security
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 03:06.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums