|14 Dec 2014||#22|
This malware is a tough one. Your best bet may end up being a clean install, and that is something I recommend only in cases where hope does not appear to be a strategy.
You may want to think about it...
Are you running Malwarebytes Anti-Malware Free, or the Pro version?
In any event, please run the following programs, in the order presented: MBAM > RogueKiller > FRST and provide the four reports produced.
Open MBAM, click the Settings tab at the top, and, in the left column, select:
Detections and Protections
If not already checked, select: Scan for rootkits
Click the Scan tab at the top of the program window, and select: Threat Scan
Next, click: Scan Now
If you receive a message that updates are available, click: Update Now
At this point, the update is downloaded, installed, and the scan starts.
The scan may take some time to finish, so please be patient.
If potential threats are detected, select Quarantine All as the Action for all the listed items.
Next, click: Apply Actions
While still on the Scan tab, click the link for View detailed log
In the window that opens, click the Export button, select Text file (*.txt), and save the log to the Desktop.
Please post the MBAM report in your reply.
1. The log is automatically saved by MBAM and is also viewed by clicking:
History tab > Application Logs.
2. If MBAM encounters a file that is difficult to remove...
Click OK and allow MBAM to proceed with the disinfection process.
If asked to restart the computer, please do so immediately.
Next, please download RogueKiller:
Save to the Desktop
After closing all windows and browsers, right-click the downloaded RogueKiller file and select:
Run as Administrator
If your Antivirus program alerts you about the program, please allow it to run, or temporarily disable your AV.
Next, read and Accept the license terms.
At the program console, wait for the Prescan to finish. (Under Status, it says: Prescan finished)
When done, a report opens on the drive: RKreport.txt
Please provide the RKreport.txt (Mode: Scan) in your reply.
Last, please use the Farbar Recovery Scan Tool once agian.
At the program console, click on: Addition.txt
:ar When done, please post both reports (FRST.txt and Addition.txt), and let's see what they show.
|My System Specs|
|16 Dec 2014||#24|
If downloads are not allowed on Internet Explorer, re-enable them by going to: Tools > Internet Options > Security
In the Security tab, click on: Reset all areas to the default level
You should be able to download from IE.
Please do the following, and DO read the instructions carefully!
Trojan.Poweliks Removal Tool | Symantec
Download the Trojan.Poweliks Removal Tool to the Desktop.
FixPoweliks64.exe for 64-bit computers:
Close all the running programs/windows.
Double-click the FixPoweliks64.exe to start the tool.
Click to accept the EULA
Click Start for the tool to run.
When done, a message prompting you to check the results (FixPoweliks64.log) appears, click: OK
Restart the computer.
Please post the FixPoweliks64.log in your reply.
Right after you finish with the Poweliks Removal Tool, please run RogueKiller and perform a Scan as before.
Please run it from the Desktop.
Post its new RKreport.txt in your reply.
Next, please run FRST64. However, do not run it from H:\, also run it from the Desktop.
Also post the new FRST64.txt in your reply.
|My System Specs|
|16 Dec 2014||#25|
Let's use the following to make sure malware is not lurking in the Master Boot Record...
Select the .exe version
|My System Specs|
|18 Dec 2014||#27|
If that is the case, please do not use the instructions in Post #24 and 25.
In addition, you have requested and are accepting help here:
KeyHolder ransomware log - Virus, Trojan, Spyware, and Malware Removal Logs
There is no way I will offer any more help under these circumstances. It is like trying to drive two cars at the same time...a counterproductive endeavor.
|My System Specs|
|Similar help and support threads|
Extra help to block ransomware (no disk encryption unless keyboard OK)
The Sunday NY Times Week in Review (Jan 4, 2015) had an article about someone’s mother having to pay Bitcoin ransom in a ransom malware encryption attack. At home, what should I do to prevent a ransom encryption attack, in addition to Avast AV (on my home Win 7 Pro 64-bit and my home XP...
biggest encryption std to date+ most power encryption soft ?
biggest encryption std to date+ most power encryption soft ? nowadays I am so much excited about encryption after watching BlackHat 2013 videos and Def Con 19 ,20 can u help me to find out words most powerful encryption software and methods and where to learn it I think doing PHD in...
Trojan Ransomware Police Central e-crime Unit
hi we have had this issue with our computer where it was locked up by this virus at the time we did not know it was a virus and we paid the money , since then we have learned it was a scam and contacted the bank to cancel the card etc we have informed the bank and they have stopped the card but...
BitLocker Drive Encryption - Change Encryption Method and Cipher Strength
How to Change Windows 7 BitLocker Drive Encryption Method and Cipher Strength This will show you how to change the encryption algorithm and key cipher strength used by BitLocker to encrypt drives in Windows 7.BitLocker Drive Encryption supports 128-bit and 256-bit encryption keys. Longer...
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
All times are GMT -5. The time now is 21:29.