Messages

1

General Computer Support / Re: Super malicious root kit virus Trojan.msil

« on: January 26, 2015, 06:54:58 pm »

Thank you guys, I will come back if I do have questions.

Nvm I guess I claimed victory too soon. Windows 8.1 asked if I wanted to start from the last saved configuration which was elrammstein system manufacturer(I built this pc) 01/14/2015. Is it possible that the corrupted registry was uploaded there as well?

Shane, how do I upload the registry log?just In case

Update: restarted the updates and they are loading now

System required restart, system is locked in restart pic attached

System restarted normally and installed updates

2

General Computer Support / Re: Super malicious root kit virus Trojan.msil

« on: January 25, 2015, 05:45:09 pm »

Let's see if a couple of commands will nail things down a bit more.

Boot up into Safe Mode with Networking and open Command Prompt (Admin) and enter dism /online /cleanup-image /checkhealth

That command will tell you if Windows is repairable.

Repeating the command and swapping /checkhealth for /scanhealth may show what is wrong.

Finally using the switch /restorehealth may fix what's wrong or you could run this first, but you may glean more info from the other two.

Depending upon what those commands give, enter sfc /scannow to see what that reports.

There are other options to a reinstall and they are Refresh or Reset.

As you now have an install USB, give the Refresh option a whirl if none of the above resolve, but if/when you're back up and running, create the Custom refresh image as this article advises.
http://www.davescomputertips.com/how-to-perform-a-windows-8-1-refresh/

Might be a bit too late for that I formatted the ssds for a clean install. Now I'm just trying to figure out how to convert them to GPT.

3

General Computer Support / Re: Super malicious root kit virus Trojan.msil

« on: January 25, 2015, 10:41:06 am »

Attempted to run windows defender offline beta, I received an error message. My windows is corrupted I'm assuming so I'll attend a fresh install.

Update downloaded the win 8.1 media file to a usb. My win 8.1 was a download so I don't have a disk.

Here are the results.

4

General Computer Support / Re: Super malicious root kit virus Trojan.msil

« on: January 24, 2015, 12:36:39 am »

Update: ran explorer thru command run command, I then had 2 explorer.exe I ended the task of one and now I have my desktop back.

I know Shane is prob with his fam, do u guys have any suggestions? What kind of system diagnostic can I provide?

I am still having the same symptoms as before :/

5

General Computer Support / Re: Super malicious root kit virus Trojan.msil

« on: January 24, 2015, 12:26:50 am »

Hi, elram,
                     Immediate reply would give you quick solution. For shanes 16th dated post, your interim reply in 24th.

Srry I have been moving and busy at work.

6

General Computer Support / Super malicious root kit virus Trojan.msil

« on: January 14, 2015, 10:30:01 pm »

I recently started noticing my PC not having access to control panel options, such as security, windows update trouble shooter, and most of the control panel options. The system would not shut down, I left it on for 24 hours once before I manually shut it down by holding the power cord.


Fixing the issue :
In safe mode
I ran malwarebyte root beta, the program only found one file a .jpg file with Trojan.passwords.msil which I cleaned up. Assuming my system was clean I proceeded to do a normal boot and log in. Turns out I was wrong, removing the Trojan and booting in normal now only returned a black screen with my cursor on it. After some researched I read that Ctrl alt del would still work, so I made it so that I could at least restart in safe mode.

I'm on 2 small solid state drives so there is no chance I can start in safe mode by pressing the f8 key

I ran tweaking.com windows repair and everything seemed ok it went thru the entire process, however, I am receiving the black screen with only a cursor and Ctrl alt del capability.

I'll try to post my specs if I can get a follow up

Pls note I wrote this on an iPhone so spelling might be off