
DOS/Rovnix.gen!A



Hello,

They call me TwinHeadedEagle around here, and I'll be working with you.

Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is an Attach Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, which may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • I can't foresee everything, so if anything unexpected happens, please stop and inform me!
  • There are no silly questions. Never be afraid to ask if in doubt!

Please download Farbar Recovery Scan Tool by Farbar and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.

Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

I would like you to first run MalwareBytes

We'll search for some remnants that might be hiding.

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Install the program and select update
  • Once it has updated select Settings > Detection and Protection > Tick Scan for rootkits
  • Go back to the Dashboard and select Scan Now
  • If threats are detected, click the Apply Actions button, MBAM will ask for a reboot
  • On completion of the scan (or after the reboot) select View Detailed Log
  • Select Export > Select text file and save to the desktop.

Please post that log for my review.

I'm posting this from my phone. I ran the scan as you instructed and just before it was finished the program froze.

I shut down the computer and rebooted it. I received a System Shutdown message. I don't remember exactly what it said. Something about a "DCOM server process error and the computer will have to restart". The computer shuts down and when it restarts I get the same message again.


I'm using my phone to post. I attached the images using the attached file button. Did you see them?

I just tried another full scan and am attaching an image of Review Detections. If you don't think we can resolve this let me know so I can take a different approach. Thanks.


I was able to log on to the internet. Malwarebytes is still freezing up when I perform a full scan but I was able to do a Hyper Scan. I'm attaching that log and some screen shots of the Quarantine History and the Review Detected Items on the freeze.

 

Do you have any ideas as to why the program is freezing before it finishes the full scan?

 

If you don't think we're going to be able to remove the Rovnix Malware and the other malware, please let me know right away. Thanks.

 

 

 

 

hyper scan.txt



I know what is going on, you have severe infections present.



Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

 

 

 

 

When you finish, type the following in the edit box after "Search:"
 

rpcss.dll

Click Search File(s) button and post the log (Search.txt) it makes to your reply.


I appreciate that you're trying to help but we aren't getting anywhere.

I have the premium version and I've posted that it's freezing during the full scan. Can you put me in contact with the people I bought the Premium Version from so they can help with the freezing issue and help me remove the malware?


  • Root Admin

Hello Tom

 

My name is Ron Lewis and I will assist you with your issue and see if we can get it resolved.  Please run the FRST program again and post back new logs.

Make sure you place a check mark in the ADDITIONS.TXT check box to get a new log for that as well.

 

Thank you


  • Root Admin

The infection you have is probably causing difficulty for the computer to keep running but assuming that MBAM took out something that made it worse we'll go back in time.
 
Please review the following website which will show you how to restore the system back using a Restore Point.
You will probably need to use Option 2 since the computer is shutting down on you.
How to Do a System Restore in Windows 7
 
 

http://www.sevenforums.com/tutorials/700-system-restore.html
 
Then see if you can start in Normal Mode and if so try posting back the original logs from MBAM.

This topic is now closed to further replies.