Trojan, Trojan.Generic?

Page 6 of 11 FirstFirst ... 45678 ... LastLast

  1. Posts : 16,325
    W10Prox64
       #51

    Vikdal said:
    Hi and thanks for the guide.

    However, there are two problems with this thought. First of all AdwCleaner has been blocked by a administrator (i am the only one). The other problem is that roguekiller does not aloud to change these settings in their free version. Malwarebytes can neither run.
    No problem. Please uninstall WinZip Registry Optimizer. Then, go ahead and run RogueKiller again. This time I'd like you to delete everything it finds. The only possibly legit program it's flagging is WinZip Registry Optimizer, and you really shouldn't be using that anyway (it will cause more problems than it will help). However, if this program was a torrent, then it is suspect. Everything torrented is suspect. Torrents are nothing but problems nowadays.

    Vikdal said:
    Hi!, yes I have tried renaming both applications. Also here is the logs from the programs I was able to run.Attachment 133582 Attachment 133583 Attachment 133584

    EDIT: And to run Chameleon I would need a internet connection, and as far as I have seen this would let the trojan download more viruses/adwares.

    And if Chameleon does not help, I would then have all the adwares that the trojan downloaded still on the PC :/
    Vikdal said:
    I followed the guide from word to word untill I got to ADwcleaner.

    EDIT: I almost forgot, the MCafee app and no IOBits were on the system. Sorry for forgetting this.
    Okay thanks.

    Chrome is completely gone, right?
    Did you find ESEADriver2 in Device Manager or no?
    Were you able to run FIX in the FRST tool?

    What I'm seeing are browser hijackers/redirectors, a trojan and rootkit. Nothing that warrants a clean install at this point, as long as we can get control over the system. Malwarebytes will get rid of most of this - that's why it's being prevented from running. So, we're going to run it outside the operating system:

    Go to a clean PC and download Kyhi's custom rescue environment.
    Windows 10 Recovery Tools - Bootable Rescue Disk - - Windows 10 Forums
    Save the ISO to the desktop of the clean PC. Right-click the ISO and select MOUNT or OPEN WITH WINDOWS EXPLORER. This will mount the ISO and assign a drive letter to it.
    Copy all the files inside the ISO over to a clean flash drive.

    Boot the infected system to the flash drive.
    Use the included network connection utility to get it online, if necessary.
    (no worries going online with this, as your OS is dormant at this point.)

    Open up Malwarebytes, update the definitions, select full scan of OS drive, and select to scan for rootkits.
    Open the scan log and post it here on the thread before you leave the rescue environment.
      My Computer


  2. Posts : 250
    Windows 10
    Thread Starter
       #52

    I uninstalled WinZip? :/, Also that EseaDriver was not found. I searched around could not find it. Google was completely uninstalled, but there was an error in the middle of removing it. Not sure what it is, but after 10min Chrome was gone. The one log in the FRST shows the "fix" and yes, i was able to run it.the ISO right now.
      My Computer


  3. Posts : 16,325
    W10Prox64
       #53

    Vikdal said:
    I uninstalled WinZip? :/, Also that EseaDriver was not found. I searched around could not find it. Google was completely uninstalled, but there was an error in the middle of removing it. Not sure what it is, but after 10min Chrome was gone. The one log in the FRST shows the "fix" and yes, i was able to run it.the ISO right now.
    Okay thank you.
      My Computer


  4. Posts : 250
    Windows 10
    Thread Starter
       #54

    So there is no problem using the internet connection while still booting that Rescue?

    Also, You want me to not leave the recovery while you're checking the logs?
      My Computer


  5. Posts : 16,325
    W10Prox64
       #55

    Vikdal said:
    So there is no problem using the internet connection while still booting that Rescue?
    Nope, no problem using internet while in the rescue environment. Your OS (Operating System) is not running, so the infections are dormant and can be removed.
      My Computer


  6. Posts : 250
    Windows 10
    Thread Starter
       #56

    Okay:) Going to boot it up now
      My Computer


  7. Posts : 16,325
    W10Prox64
       #57

    Vikdal said:
    So there is no problem using the internet connection while still booting that Rescue?

    Also, You want me to not leave the recovery while you're checking the logs?
    That's not necessary, but you may want to run a second Malwarebytes scan after the first; only because sometimes, some things need to be removed so others can be found.

    You may want to run Ccleaner on your browsers and remove everything (not sure how well this works in the rescue environment, as I've never tried that one personally).

    But I think you can go ahead and leave the rescue environment when you are finished, and then go back to my instructions post and try to run the scans again, in the order I suggested.

    You can find all the programs here, in X:, when you've booted to the rescue environment:

    Trojan, Trojan.Generic?-image.png
      My Computer


  8. Posts : 16,325
    W10Prox64
       #58

    Vikdal said:
    Okay:) Going to boot it up now
    Just to be clear, I only suggested you post the Malwarebytes log while in the recovery environment, because you will lose it after leaving the recovery environment. It's also possible to create a folder on the flash drive and save it there.
      My Computer


  9. Posts : 250
    Windows 10
    Thread Starter
       #59

    It seems like it is not letting me boot into the drive. I boot the Flash Drive on the PC, but nothing special happens. It just runs Windows as usual and all files starts and loads in as usual? Is it supposed to do this?
      My Computer


  10. Posts : 16,325
    W10Prox64
       #60

    Vikdal said:
    It seems like it is not letting me boot into the drive. I boot the Flash Drive on the PC, but nothing special happens. It just runs Windows as usual and all files starts and loads in as usual? Is it supposed to do this?
    Usually there is a special key you can press as soon as you turn the system on (like F12, or Esc - it depends on the system manufacturer), and it will pause the boot process and give you a menu to select what media you want to boot from. For instance, for some Dell and HP models, you can press Esc (Escape key), and the boot menu comes up before Windows loads. There you have a selection of Windows Boot Manager (which is your normal OS), USB drive, optical drive, network, etc... Sometimes you have to start tapping this key as soon as you turn the system on, and keep tapping it until the one-time-boot-menu appears.

    Kyhi's rescue environment is like a mini-W10, but you'll see the desktop looks different.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 00:12.
Find Us




Windows 10 Forums