Page 8 of 11 FirstFirst ... 678910 ... LastLast
  1.    05 May 2017 #71
    Join Date : Apr 2015
    Posts : 12,840
    W10Prox64

    Quote Originally Posted by Vikdal View Post
    I don't know if this is a stupid question and confirms my stupidity. But, am i suppose to mount all files including the iso image? as the setting in rufus on your picture is an Iso Image
    No, not a stupid question at all.
    We are making the flash drive differently now, with RUFUS.

    So - run RUFUS with your KYHI flash drive plugged into the clean PC.
    Click on the ISO icon in RUFUS and navigate to the ISO that you downloaded - not a mounted version, just the ISO file. That's what RUFUS will use to create the flash drive and make it bootable for both MBR+UEFI.
    Click image for larger version. 

Name:	image.png 
Views:	19 
Size:	4.7 KB 
ID:	133617
      My ComputerSystem Spec
  2.    05 May 2017 #72
    Join Date : Apr 2015
    Posts : 12,840
    W10Prox64

    @Vikdal
    I have to leave for a while now. Is RUFUS working? You all set?
      My ComputerSystem Spec
  3.    05 May 2017 #73

    All set
      My ComputerSystem Spec
  4.    05 May 2017 #74
    Join Date : Apr 2015
    Posts : 12,840
    W10Prox64

    Quote Originally Posted by Vikdal View Post
    All set
    Super. Will check for your updates when I return.
      My ComputerSystem Spec
  5.    05 May 2017 #75
    Join Date : Feb 2016
    Maribor, Slovenia
    Posts : 8,971
    Windows 10 (Pro and Insider Pro)

    Quote Originally Posted by simrick View Post
    Super. Will check for your updates when I return.
    I have to go for couple of hours too, will check back later.
      My ComputerSystem Spec
  6.    05 May 2017 #76

    Trojan, Trojan.Generic?


    I don't know If you're back. I'm running malwarebytes for the 2nd time, thing is the log files has been saved to log.txt and I can't seem to find It ://
    Last edited by Vikdal; 05 May 2017 at 16:35.
      My ComputerSystem Spec
  7.    05 May 2017 #77

    Okay, So I was not able to find the log file. I was able to save a result file before the log.txt was saved. I do not know if this will be helpfull. Also the 2nd scan with malwarebytes found nothing.Result Amalware.txt
      My ComputerSystem Spec
  8.    05 May 2017 #78
    Join Date : Feb 2017
    Home
    Posts : 480
    Windows 10 Home x64, V1709 (16299.64)

    You are making progress.
      My ComputersSystem Spec
  9.    05 May 2017 #79
    Join Date : Apr 2015
    Posts : 12,840
    W10Prox64

    Quote Originally Posted by Vikdal View Post
    Okay, So I was not able to find the log file. I was able to save a result file before the log.txt was saved. I do not know if this will be helpfull. Also the 2nd scan with malwarebytes found nothing.Result Amalware.txt
    Hi.
    It appears the rootkit box was not selected:
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
    The rootkit is what makes the infection come back over and over again.

    Scan>Custom Scan>Configure Scan

    Click image for larger version. 

Name:	image.png 
Views:	2 
Size:	40.4 KB 
ID:	133686


    Click image for larger version. 

Name:	image.png 
Views:	18 
Size:	17.3 KB 
ID:	133687

    Can you please run it once more, in the Kyhi environment, and see if it finds anything with rootkits selected? Is so, please post the log of what it found and cleaned.

    After that, boot into your normal OS, and run RogueKiller once more. Post the log if it found anything else.

    Look here (showing hidden files) and make sure these are gone:
    \Users\Janisin\AppData\Local\SANARE\ (Sanare folder should be gone)
    \Program Files (x86)\MIO\ (MIO folder should be gone)
    \Program Files (x86)\Aripgharisose\ (Aripgharisose folder shoulf be gone)
    \Windows\System32\Tasks\Windows-PG (Leave the Tasks folder there, but make sure the Windows-PG task is gone)

    Try ADWCleaner again now. Post the cleaning log: C:\AdwCleaner\AdwCleaner[C1].txt or C2 or C3, whichever is most recent.

    If you still can not run ADWCleaner at this point, then try running Malwarebytes again. If it is working now, please take the system online and update the definitions. Run the full scan, make sure to include rootkits, and scan all drives. Or, try the Chameleon version as suggested by Borg.
    Trojan, Trojan.Generic? - Page 5 - - Windows 10 Forums

    If these still will not run, please try the Sophos tool (I think you still have that on your system).
    Stay online to update the definitions and run the tool.
    Note: If threats are found it may stop scanning and ask you to remove the threats. This is because further scanning could allow the infection to spread.

    I will not be available tomorrow morning through mid-day (my time).
    Assuming you're successful with the above, I will give next steps, and perhaps if @AndreTen or @Borg 386 are around, they can answer any questions you may have:

    (This assumes all remaining browsers have been reset and data is backed up, as I posted earlier)

    1. ESET Online Scan
    Free Virus Scan | Online Virus Scan from ESET ESET
    Select Scan Now, download the scanner and run. Please post log if anything is found.

    2. Open an admin Command Prompt or admin PowerShell and enter
    Code:
    sfc /scannow
    The result should be "no integrity violations found". If anything else, please run again (up to 3 times).

    3. Select Properties of your C drive, then Tools, then Check the Disk for Errors.

    4. Download the latest Windows 10 ISO from Microsoft to prepare for a repair install using an in-place upgrade.
    Download Windows 10 ISO File - Windows 10 Installation Upgrade Tutorials

    Here's the tutorial for the in-place repair:
    Repair Install Windows 10 with an In-place Upgrade - Windows 10 Installation Upgrade Tutorials

    Be sure to download the same edition as what is on the system. You can use the Media Creation Tool, and select to Create installation media for another PC. This will give you an ISO file.

    Click image for larger version. 

Name:	image.png 
Views:	18 
Size:	13.5 KB 
ID:	133693


    Download the ISO, mount it and run setup.exe.

    Any questions, please ask.

    (If we still have permissions issues after all these steps, we can try Tweaking.com to fix that.)
      My ComputerSystem Spec
  10.    06 May 2017 #80
    Join Date : Feb 2016
    Maribor, Slovenia
    Posts : 8,971
    Windows 10 (Pro and Insider Pro)

    Sound like a good plan and should bring you back to working system.
      My ComputerSystem Spec

 
Page 8 of 11 FirstFirst ... 678910 ... LastLast


Similar Threads
Thread Forum
Solved Trojan or not ?
Hi all, Not quite sure when this started but roughly somewhere around July I noticed a file called NTUSER.rhk that resides in "Users\My username". Googling for the .rhk file extension gave me a bit of a scare as most sites suggest this is...
AntiVirus, Firewalls and System Security
Solved Do I Have A Trojan?
Hello, First post here :) Lately my Windows Defender is finding a Trojan in the Recovery D (Trojan:Win32/Dynamer!ac) It only shows up after a full 3 hour search and not in the fast search A full search with Malwarebytes, Adware and Hitman...
AntiVirus, Firewalls and System Security
.ecc Extension: Trojan ? Can't Seem To Delete Them ? Help please
Hello, I received an eMail from a friend who said that any file with an .ecc extension is one of those Crypto ransom ware trojans. True ? My old PC7 PC was wiped out, literally, a few months ago, so I am literally paranoid about this.
AntiVirus, Firewalls and System Security
Solved Trojan Detected in OneDrive
The odd thing is I don't even use OneDrive except to automatically upload photos from my Android phone to my desktop; nothing has been detected on the phone. I've run another full scan with Bitdefender and Malwarebytes Anti-Malware (free) without...
AntiVirus, Firewalls and System Security
Trojan in My Registry
I have an older 15 inch HP with W10 that I recently updated. I have always had McAfee on the computer, it has never lapsed. I have also run Spybot, Malwarebytes, Google Ghostery and ABP Adblock Popup. When I recently bought a new printer...
AntiVirus, Firewalls and System Security
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 13:49.
Find Us
Twitter Facebook Google+ Ten Forums iOS App Ten Forums Android App



Windows 10 Forums