No, not a stupid question at all.
We are making the flash drive differently now, with RUFUS.
So - run RUFUS with your KYHI flash drive plugged into the clean PC.
Click on the ISO icon in RUFUS and navigate to the ISO that you downloaded - not a mounted version, just the ISO file. That's what RUFUS will use to create the flash drive and make it bootable for both MBR+UEFI.
I don't know If you're back. I'm running malwarebytes for the 2nd time, thing is the log files has been saved to log.txt and I can't seem to find It ://
Last edited by Vikdal; 05 May 2017 at 16:35.
Okay, So I was not able to find the log file. I was able to save a result file before the log.txt was saved. I do not know if this will be helpfull. Also the 2nd scan with malwarebytes found nothing.Result Amalware.txt
Hi.
It appears the rootkit box was not selected:
The rootkit is what makes the infection come back over and over again.Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Scan>Custom Scan>Configure Scan
Can you please run it once more, in the Kyhi environment, and see if it finds anything with rootkits selected? Is so, please post the log of what it found and cleaned.
After that, boot into your normal OS, and run RogueKiller once more. Post the log if it found anything else.
Look here (showing hidden files) and make sure these are gone:\Users\Janisin\AppData\Local\SANARE\ (Sanare folder should be gone)
\Program Files (x86)\MIO\ (MIO folder should be gone)
\Program Files (x86)\Aripgharisose\ (Aripgharisose folder shoulf be gone)
\Windows\System32\Tasks\Windows-PG (Leave the Tasks folder there, but make sure the Windows-PG task is gone)
Try ADWCleaner again now. Post the cleaning log: C:\AdwCleaner\AdwCleaner[C1].txt or C2 or C3, whichever is most recent.
If you still can not run ADWCleaner at this point, then try running Malwarebytes again. If it is working now, please take the system online and update the definitions. Run the full scan, make sure to include rootkits, and scan all drives. Or, try the Chameleon version as suggested by Borg.
Trojan, Trojan.Generic? - Page 5 - - Windows 10 Forums
If these still will not run, please try the Sophos tool (I think you still have that on your system).
Stay online to update the definitions and run the tool.
Note: If threats are found it may stop scanning and ask you to remove the threats. This is because further scanning could allow the infection to spread.
I will not be available tomorrow morning through mid-day (my time).
Assuming you're successful with the above, I will give next steps, and perhaps if @AndreTen or @Borg 386 are around, they can answer any questions you may have:
(This assumes all remaining browsers have been reset and data is backed up, as I posted earlier)
1. ESET Online Scan
Free Virus Scan | Online Virus Scan from ESET ESET
Select Scan Now, download the scanner and run. Please post log if anything is found.
2. Open an admin Command Prompt or admin PowerShell and enter
The result should be "no integrity violations found". If anything else, please run again (up to 3 times).Code:sfc /scannow
3. Select Properties of your C drive, then Tools, then Check the Disk for Errors.
4. Download the latest Windows 10 ISO from Microsoft to prepare for a repair install using an in-place upgrade.
Download Windows 10 ISO File - Windows 10 Installation Upgrade Tutorials
Here's the tutorial for the in-place repair:
Repair Install Windows 10 with an In-place Upgrade - Windows 10 Installation Upgrade Tutorials
Be sure to download the same edition as what is on the system. You can use the Media Creation Tool, and select to Create installation media for another PC. This will give you an ISO file.
Download the ISO, mount it and run setup.exe.
Any questions, please ask.
(If we still have permissions issues after all these steps, we can try Tweaking.com to fix that.)
Quote
