Login
▼
Register
Home
Help
Search
Login
Register
Adlice.com
Adlice forum
»
General Category
»
Malware removal help
»
infected. no boot to cd ,usb or recovery mode.
« previous
next »
Print
Pages: [
1
]
2
Author
Topic: infected. no boot to cd ,usb or recovery mode. (Read 18221 times)
0 Members and 4 Guests are viewing this topic.
May 16, 2018, 01:33:50 PM
DMG49
Newbie
Offline
12
Reputation:
0
infected. no boot to cd ,usb or recovery mode.
«
on:
May 16, 2018, 01:33:50 PM »
I downloaded something that my antivirus cannot remove. I have tried different anti virus removal programs and rescue disks but virus remains. Any help or suggestions would be great. Thank You.
Logged
Reply #1
May 17, 2018, 04:27:29 PM
Curson
Global Moderator
Hero Member
Offline
2809
Reputation:
100
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #1 on:
May 17, 2018, 04:27:29 PM »
Hi DBG49,
Welcome to Adlice.com Forum.
What makes you think your system is infected ? Could you please attach RogueKiller full scan report with your next reply ?
Regards.
Logged
Reply #2
May 20, 2018, 02:32:55 AM
DMG49
Newbie
Offline
12
Reputation:
0
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #2 on:
May 20, 2018, 02:32:55 AM »
web pages get redirected most times. I lose Internet connection very often. I get popup ads on desktop. Kaspersky warned me that a program was using my laptop camera. I have run multiply anti virus programs (including rogue killer) many times trying to get rid of the infection. most of it is gone but not all. I am not able to run Kaspersky rescue disk from cd or usb because the virus has blocked booting from cd or usb. I can not even run the reimaging software on my computer.
Here is the roguekiller text file.
RogueKiller V12.12.17.0 (x64) [May 14 2018] (Free) by Adlice Software
mail :
http://www.adlice.com/contact/
Feedback :
https://forum.adlice.com
Website :
http://www.adlice.com/download/roguekiller/
Blog :
http://www.adlice.com
Operating System : Windows 10 (10.0.16299) 64 bits version
Started in : Normal mode
User : David [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Scan -- Date : 05/19/2018 08:28:48 (Duration : 00:22:02)
¤¤¤ Processes : 2 ¤¤¤
[VT.Detected] Receivers.exe(7172) -- C:\Program Files (x86)\Gerdes\Receivers.exe[-] -> Found
[VT.Detected] Receivers.exe(6820) -- C:\Program Files (x86)\Gerdes\Receivers.exe[-] -> Found
¤¤¤ Registry : 0 ¤¤¤
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 1 ¤¤¤
[PUP.Firefox][File] C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\j5tnosjs.default\Invalidprefs.js -> Found
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Micron_1100_MTFDDAK512TBN +++++
--- User ---
[MBR] 7f949192c851047c6f5a8a9079563995
[BSP] 62c2b6e0a7f01dca0381e5fd05a1b615 : Empty|VT.Unknown MBR Code
Partition table:
0 - EFI system partition | Offset (sectors): 2048 | Size: 260 MB
1 - Microsoft reserved partition | Offset (sectors): 534528 | Size: 16 MB
2 - Basic data partition | Offset (sectors): 567296 | Size: 387251 MB
3 - [SYSTEM] | Offset (sectors): 998459392 | Size: 857 MB
4 - | Offset (sectors): 793659392 | Size: 91924 MB
5 - | Offset (sectors): 981919744 | Size: 8076 MB
User = LL1 ... OK
User = LL2 ... OK
Logged
Reply #3
May 20, 2018, 04:41:08 PM
Curson
Global Moderator
Hero Member
Offline
2809
Reputation:
100
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #3 on:
May 20, 2018, 04:41:08 PM »
Hi DMG49,
Please download
Farbar Recovery Scan Tool (x64)
and save it to your Desktop.
Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click
Yes
to disclaimer.
Press
Scan
button.
It will produce a log called
FRST.txt
in the same directory the tool is run from.
Please attach log back here.
The first time the tool is run it generates another log (
Addition.txt
- also located in the same directory as FRST.exe). Please also attach that along with the FRST.txt into your reply.
Do not copy pas the report directy in your message, please use the "Attach" feature under "Attachments and other options".
Regards.
Logged
Reply #4
May 21, 2018, 04:05:51 AM
DMG49
Newbie
Offline
12
Reputation:
0
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #4 on:
May 21, 2018, 04:05:51 AM »
Here are the two files.
Logged
Reply #5
May 21, 2018, 06:09:12 PM
Curson
Global Moderator
Hero Member
Offline
2809
Reputation:
100
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #5 on:
May 21, 2018, 06:09:12 PM »
Hi DMG49,
Your system is very infected. Please make sure to save all your personal data before following the process below.
Download attached
fixlist.txt
file and save it to the Desktop.
NOTE.
It's important that both files,
FRST
and
fixlist.txt
are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system !
Run
FRST
and press the
Fix
button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please attach it to your reply.
How is your computer running ?
Regards.
Logged
Reply #6
May 21, 2018, 09:42:43 PM
DMG49
Newbie
Offline
12
Reputation:
0
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #6 on:
May 21, 2018, 09:42:43 PM »
Hi Thanks for helping. I downloaded fixlist.txt and ran frst and it gernerated an empty fixlog.txt file. If I open fixlist.txt on the infected computer the file appears blank but if i open fixlist.txt on a noninfected computer then i can see whats in the file. also fixlist.txt is removed from the desktop after i run frst. Here is the fixlog.txt file. I see no differance.
Logged
Reply #7
May 21, 2018, 11:57:40 PM
Curson
Global Moderator
Hero Member
Offline
2809
Reputation:
100
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #7 on:
May 21, 2018, 11:57:40 PM »
Hi DMG49,
The malware denied access to the fixlist.txt file
Please follow the instruction in
shadowwar post
and attach MBAR log with your next reply.
Regards.
Logged
Reply #8
May 22, 2018, 02:01:54 AM
DMG49
Newbie
Offline
12
Reputation:
0
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #8 on:
May 22, 2018, 02:01:54 AM »
The computer already seems better. Thank You. Here are the log files.
Logged
Reply #9
May 22, 2018, 02:30:12 AM
DMG49
Newbie
Offline
12
Reputation:
0
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #9 on:
May 22, 2018, 02:30:12 AM »
Still infected. Kaspersky still detecting virus'. Malwarebytes ran once but will not start again. Here is the malwarebytes log file before i clicked clean.
Logged
Reply #10
May 22, 2018, 02:50:56 AM
DMG49
Newbie
Offline
12
Reputation:
0
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #10 on:
May 22, 2018, 02:50:56 AM »
Latest kaspersky log.
Logged
Reply #11
May 22, 2018, 03:20:08 AM
Curson
Global Moderator
Hero Member
Offline
2809
Reputation:
100
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #11 on:
May 22, 2018, 03:20:08 AM »
Hi DMG49,
The malware is still here.
We need to use Windows Recovery Environment to get rid it of it
On a clean machine, please download
Farbar Recovery Scan Tool
and save it to a flash drive. Do the same with the attached fixlist.txt file.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Note
: You need to download the version compatible with your machine i.e. 32-bit or 64-bit.
Plug the flashdrive into the infected PC.
Enter
System Recovery Environment Command Prompt
:
Instructions for Windows 10
Instructions for Windows 8
Instructions for Windows 7
Once in the Command Prompt:
Run
FRST/FRST64
located on your flashdrive and press the
Fix
button just once and wait.
The tool will generate a log on the flashdrive (
Fixlog.txt
) please post it with your reply.
Please then generate a fresh FRST report on normal mode and attach it as well.
Regards.
«
Last Edit: May 22, 2018, 03:22:52 AM by Curson
»
Logged
Reply #12
May 22, 2018, 12:04:10 PM
DMG49
Newbie
Offline
12
Reputation:
0
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #12 on:
May 22, 2018, 12:04:10 PM »
here is the log file from the command prompt. frst_cmd.txt
here is the log file from normal boot mode. frst.txt
Logged
Reply #13
May 22, 2018, 02:44:14 PM
Curson
Global Moderator
Hero Member
Offline
2809
Reputation:
100
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #13 on:
May 22, 2018, 02:44:14 PM »
Hi DMG49,
Your forgot to attach the fixlog.txt file that should be on your flashdrive. Please attach it with your next reply.
There is some leftovers but the main infection is gone.
Download attached
fixlist.txt
file and save it to the Desktop.
NOTE.
It's important that both files,
FRST
and
fixlist.txt
are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system !
Run
FRST
and press the
Fix
button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please attach it to your reply.
How is your computer running ?
Regards.
Logged
Reply #14
May 22, 2018, 04:06:04 PM
DMG49
Newbie
Offline
12
Reputation:
0
Re: infected. no boot to cd ,usb or recovery mode.
«
Reply #14 on:
May 22, 2018, 04:06:04 PM »
here is fixlog from flashdrive.
Logged
Print
Pages: [
1
]
2
« previous
next »
Adlice forum
»
General Category
»
Malware removal help
»
infected. no boot to cd ,usb or recovery mode.