Author Topic: Is AIO windows repair capable of  (Read 3734 times)

0 Members and 1 Guest are viewing this topic.

Offline em17976

  • Jr. Member
  • **
  • Join Date: Sep 2014
  • Posts: 60
  • Karma: 0
    • View Profile
Is AIO windows repair capable of
« on: January 05, 2018, 10:59:10 AM »
removing the virus, specifically the vmx client virus?


I have used most all of the virus programs and  when you go into task manager there are two client applications are running.  ou can not end task with either.

Thank you

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 9086
  • Location: UK
  • Karma: 117
    • View Profile
Re: Is AIO windows repair capable of
« Reply #1 on: January 05, 2018, 01:34:24 PM »
No, AIO can only repair infection damage to services after the infection has been removed.

Which antimalware scanners have you used ?

I have a lot of faith in the free version of MBAM and the ESET Free Online Scanner.

I'd advise downloading and running both of these programs in Safe Mode with Networking.

For the free version of MBAM, click on Scan in the left pane then click on Custom/Configure Scan, check the box for C: and the one for rootkits and then Scan.

https://www.malwarebytes.com/mwb-download/

For the free ESET scanner, click on the left Scan Now button then on the top button to Enable detection of potentially unwanted applications.

Click on Advanced Settings and check all boxes except the bottom one for proxy settings.

https://www.eset.com/us/home/online-scanner/

I'd run one then the other for good measure, but each will take some time to complete.
Tom.

Offline em17976

  • Jr. Member
  • **
  • Join Date: Sep 2014
  • Posts: 60
  • Karma: 0
    • View Profile
Re: Is AIO windows repair capable of
« Reply #2 on: January 05, 2018, 02:01:53 PM »
I will try Eset.  I believe it is a rootkit problem. I tried a lot of them from bleeping computer. There have been many that are getting this.
I have tried Farbar and it tells me stuff but  the trick to learn is to interpret the the stuff to make a fixit txt.  I tried Malaware rootkit fix but I did not get it repaired.
I will report back  to you. Tell Shane to work on an automatic interpreter of the frst log files.  That would be a big winner.

Thanks

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 9086
  • Location: UK
  • Karma: 117
    • View Profile
Re: Is AIO windows repair capable of
« Reply #3 on: January 05, 2018, 02:16:12 PM »
There are other forums with dedicated malware experts you should go to if ESET doesn't find and remove it.

Did you use the rootkit option in MBAM ?

http://www.techsupportforum.com/forums/f50/new-instructions-read-this-before-posting-for-malware-removal-help-305963.html and www.sysnative.com forum

If you need open a thread on either of these forums, but not both, let the helper know which scan tools you have used so they aren't duplicating what you have already tried.

Malware removal is a specialised subject and is best done by people who have studied it over years.
Tom.

Offline em17976

  • Jr. Member
  • **
  • Join Date: Sep 2014
  • Posts: 60
  • Karma: 0
    • View Profile
Re: Is AIO windows repair capable of
« Reply #4 on: January 05, 2018, 03:09:26 PM »
Yes I did have the root kit option ticked on MBAM.
I am sure that Shane could look at the frst txt and come up with a few recommendations.
I will probably be on bleepings forums shortly but I am going to back the laptop up one more time before I try myself with some silver bullets.
 
One of the problems is with an extension called city page today.  It is a redirect. ESET is about 70% done and has found 2 infected files.

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 9086
  • Location: UK
  • Karma: 117
    • View Profile
Re: Is AIO windows repair capable of
« Reply #5 on: January 06, 2018, 12:22:36 AM »
If you still have problems then download and run AdwCleaner - it's particularly good at getting rid of PuPs.

https://www.malwarebytes.com/adwcleaner/

Click on Scan and it may list programs in the lower pane it considers as PuPs - just untick any you want to keep.

When it has finished its scan, click on Log File to see what else it has found then close the log and click on Cleaning.

It will produce another log after the reboot which will list what it has removed.

There is another powerful antimalware/virus removal tool but it's quite aggressive and has been known to remove legit programs.

This is the Norton Power Eraser - https://us.norton.com/support/tools/npe.html

However, I would prefer Kaspersky Rescue Disk over that which you boot up with, but you would get more expert help from dedicated forums.

https://support.kaspersky.co.uk/4162

Tom.

Offline em17976

  • Jr. Member
  • **
  • Join Date: Sep 2014
  • Posts: 60
  • Karma: 0
    • View Profile
Re: Is AIO windows repair capable of
« Reply #6 on: January 06, 2018, 12:33:07 AM »
ESET found another 24 files which I promptly deleted and it took a LONG TIME after it got to 70%.  It seemed it was doing a very thorough scan.
But after it rebooted the two vmxclient applications were still there.
I will look at the Kaspersky rescue disk and report back.
Thank you

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 9086
  • Location: UK
  • Karma: 117
    • View Profile
Re: Is AIO windows repair capable of
« Reply #7 on: January 06, 2018, 12:42:15 AM »
On Googling for that application, it appears to be adware which I would first give AdwCleaner a run as antimalware scanners may not detect it as a threat, which is why they can get past your antivirus programs.
Tom.

Offline em17976

  • Jr. Member
  • **
  • Join Date: Sep 2014
  • Posts: 60
  • Karma: 0
    • View Profile
Re: Is AIO windows repair capable of
« Reply #8 on: January 06, 2018, 01:20:06 AM »
If you go to bleeping forums and search for vmxclient you will see many recent incidents.

I only see a success with a user from Boston.  What this does is change the search to bing.  It also through another variant shut down most virus programs.
I have tried ad aware cleaner with no success. It originally appeared with current radio music playing and no application running. I believe one of the many virus programs run killed that problem.  It is getting better and better so all of the many scans are taking away more of the  problems BUT  the double client applications continue to run. I may note it is on a ASUS with Intel processor and was originally a Windows 8 laptop which I hated and did a Acronis restore from an Acer windows 7(this one) to Windows 7.  It was very, very difficult and time consuming and has been running great until 12/23 at 3AM.

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 9086
  • Location: UK
  • Karma: 117
    • View Profile
Re: Is AIO windows repair capable of
« Reply #9 on: January 06, 2018, 01:30:10 AM »
Well if Kaspersky doesn't get rid of or find it then I'd go to one of those forums I've suggested.
Tom.

Offline em17976

  • Jr. Member
  • **
  • Join Date: Sep 2014
  • Posts: 60
  • Karma: 0
    • View Profile
Re: Is AIO windows repair capable of
« Reply #10 on: January 06, 2018, 11:17:46 AM »
Okay, another problem.  I just made two Kaspersky live repair dvds.  I tried it on this laptop and it booted into the menu and after making some selections said in about 22 hours it will be completed.

I canceled out of it in about 20 minutes and said I better leave this alone because this is working properly. So I go to my ASUS model x551ma  and try it out..  It did not go into the menu but came up with 8 errors one of which was no terminal access and 7 other errors. I knew the dyd worked in this windows 7 OS and I believe this virus is that good that it saw Kaspersky and it said NO.
It will boot up an Ubuntu dvd and a windows RE  dvd but not Kaspersky.

I tried the same dvd in a windows 8 AND a windows 10 laptop and after doing the bios change it works with both of those. I said to myself I have 2 usb ports on this laptop so I will make a Kaspersky live for usb. The darn thing does not have usb option in the boot menu.

Suggestions please?

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 9086
  • Location: UK
  • Karma: 117
    • View Profile
Re: Is AIO windows repair capable of
« Reply #11 on: January 06, 2018, 03:05:09 PM »
Some older machines don't have the option to boot from USB.

Can you Ethernet connect and try the Kaspersky disk again.

I can only assume that no terminal access meant that it was unable to phone home to update its definitions.

If that doesn't work then you can Ethernet connect another machine to the affected one and use the Internet connection from that one.

https://www.wikihow.com/Connect-Two-Computers-Together-with-an-Ethernet-Cable

You may not need a cross over cable.

Tom.

Offline em17976

  • Jr. Member
  • **
  • Join Date: Sep 2014
  • Posts: 60
  • Karma: 0
    • View Profile
Re: Is AIO windows repair capable of
« Reply #12 on: January 06, 2018, 03:14:27 PM »
I  GOOGLED  the  first line of the error list and it said I had a hardware VGA card that was not agreeable to the Kaspersky program.  I then followed the hints, directions of others and it is running presently. It will run all day and I will report back on Sunday.

Thank you

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 9086
  • Location: UK
  • Karma: 117
    • View Profile
Re: Is AIO windows repair capable of
« Reply #13 on: January 06, 2018, 03:17:07 PM »
That's good news.
Tom.

Offline em17976

  • Jr. Member
  • **
  • Join Date: Sep 2014
  • Posts: 60
  • Karma: 0
    • View Profile
Re: Is AIO windows repair capable of
« Reply #14 on: January 08, 2018, 03:32:38 AM »
After about 40 hours of scanning and dying @99% of the scan the score is vmxclient 1 and Kaspersky 0.


I just tried to do a registry restore with your ver. 5.3 Reg backup and at the end it failed saying 11 of 12 files were restored.
Where do I find the log file and will it tell me which file failed. 
By the way I am reporting this ON the infected laptop.

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 9086
  • Location: UK
  • Karma: 117
    • View Profile
Re: Is AIO windows repair capable of
« Reply #15 on: January 08, 2018, 04:41:34 AM »
I don't use the stand alone reg back up but the one within Windows Repair and it only has 11 boxes and I don't think it has that sort of log, but Event Viewer may have something recorded.

Goggle is awash with methods of getting rid of vmxclient but I would advise going to one of those websites for specialized malware removal.
Tom.