kevinf80 Posted September 17, 2017 ID:1164359 Share Posted September 17, 2017 The problem seems to be the navigational address for MBAR is not recognised, hence it is not correct... Try this please: Run FRST one more time: Type the following in the edit box after "Search:". mbar.exe Click Search Files button and post the log (Search.txt) it makes to your reply. Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164360 Share Posted September 17, 2017 Search.txt Link to post Share on other sites More sharing options...
kevinf80 Posted September 17, 2017 ID:1164361 Share Posted September 17, 2017 FRST does not find MBAR.exe.... very strange, Can you move the folder MBAR to the root of C:\ drive. So its navigational address is C:\MBAR Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164362 Share Posted September 17, 2017 Search.txt Link to post Share on other sites More sharing options...
kevinf80 Posted September 17, 2017 ID:1164363 Share Posted September 17, 2017 Ok, open command prompt at admin level, use this command C:\mbar\mbar.exe /r Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164365 Share Posted September 17, 2017 Link to post Share on other sites More sharing options...
kevinf80 Posted September 17, 2017 ID:1164366 Share Posted September 17, 2017 (edited) That looks like you`ve entered C:\ at the prompt then hit enter, then you`ve entered mbar\mbar.exe /r and hit enter....... At the prompt C:\Windows\system32> add this C:\mbar\mbar.exe /r So you have C:\Windows\system32>C:\mbar\mbar.exe /r Then hit enter... Edited September 17, 2017 by kevinf80 Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164367 Share Posted September 17, 2017 Link to post Share on other sites More sharing options...
kevinf80 Posted September 17, 2017 ID:1164368 Share Posted September 17, 2017 This is sooooooo frustrating, Open MBAR folder, from the list inside open "Plugins" folder, inside that folder double click on "fixdamage.exe" does it run...? Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164369 Share Posted September 17, 2017 No I get the requested resource is in use.. Link to post Share on other sites More sharing options...
kevinf80 Posted September 17, 2017 ID:1164370 Share Posted September 17, 2017 See you can run frst fix... Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file" NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Open FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply. Cheers, Kevin.... fixlist.txt Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164371 Share Posted September 17, 2017 After the scan it prompted me to restart to run fix Fixlog.txt Link to post Share on other sites More sharing options...
kevinf80 Posted September 17, 2017 ID:1164372 Share Posted September 17, 2017 Again we have a protected driver that refuses to go.... C:\Windows\system32\drivers\rdpxaxnt.sys Can you open MBAR folder, double click on mbar.cmd will it run... Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164373 Share Posted September 17, 2017 Just got the DDA drivier issues, rebooted and then DDA driver not active Link to post Share on other sites More sharing options...
kevinf80 Posted September 17, 2017 ID:1164374 Share Posted September 17, 2017 Can you recall how to run frst fix from reovery environment... I`ve attached fixlist.txt fixlist.txt Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164375 Share Posted September 17, 2017 Yes mate I will give it a go now Link to post Share on other sites More sharing options...
kevinf80 Posted September 17, 2017 ID:1164376 Share Posted September 17, 2017 Hiya Mike I`ll have to see if the MBAR developers have any new ideas.... When you shifted the driver via recovery environment boot back to normal windows, now run the following: Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop Ensure to get the correct version for your system.... 32 Bit version:https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en 64 Bit version:https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window In the "Scan Type" window, select Quick Scan Perform a scan and Click Finish when the scan is done. Retrieve the MSRT log as follows, and post it in your next reply: 1) Select the Windows key and R key together to open the "Run" function 2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:notepad c:\windows\debug\mrt.log The log will include log details for each time MSRT has run, we only need the most recent log by date and time.... Next, Download RogueKiller and save it on your desktop, ensure to download correct version..RogueKiller (X86)RogueKiller (x64) Exit all running applications. Double-click on RogueKiller.exe to launch the tool. On its first execution, RogueKiller will disply the software license (EULA), click on "Accept" to continue. If RogueKiller is unable to load, do not hesitate to try launching it several times or rename it winlogon. Click "Start Scan" to begin the analysis. This may take some time. Once the scan is complete, click the "Open TXT" button to display the scan report. Copy/Paste it's content in your next reply. Do not use delete function, let me check the log first Thank you, Kevin... Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164377 Share Posted September 17, 2017 --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Thu Sep 07 11:26:47 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 07 11:26:48 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Thu Sep 07 16:26:45 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 07 16:26:47 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Thu Sep 07 21:26:47 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 07 21:26:48 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Sat Sep 09 13:26:48 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Sat Sep 09 13:26:50 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Sat Sep 09 18:26:46 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Sat Sep 09 18:26:49 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Sun Sep 10 14:26:46 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Sun Sep 10 14:26:47 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Wed Sep 13 12:26:54 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 13 12:27:14 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Wed Sep 13 17:26:47 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 13 17:26:48 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Thu Sep 14 13:26:47 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 14 13:26:48 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Thu Sep 14 18:29:44 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 14 18:29:46 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Thu Sep 14 23:26:47 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 14 23:26:48 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Sun Sep 17 11:26:46 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Sun Sep 17 11:26:47 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.52, September 2017 (build 5.52.14201.0) Started On Sun Sep 17 16:02:33 2017 Engine: 1.1.14104.0 Signatures: 1.251.334.0 Run Mode: Interactive Graphical Mode Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Sun Sep 17 16:04:30 2017 Return code: 0 (0x0) Just doing the Rkiller bit now Link to post Share on other sites More sharing options...
kevinf80 Posted September 17, 2017 ID:1164378 Share Posted September 17, 2017 did the frst fix via recovery environment work..? Go to go out very shortly back in couple hours... Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164386 Share Posted September 17, 2017 Yes it did and the RK is running at the moment and has found 1 malicious item will post results. You must be a Man U fan? Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164389 Share Posted September 17, 2017 RogueKiller V12.11.14.0 (x64) [Sep 11 2017] (Free) by Adlice Software mail : http://www.adlice.com/contact/ Feedback : https://forum.adlice.com Website : http://www.adlice.com/download/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 10 (10.0.14393) 64 bits version Started in : Normal mode User : Micke [Administrator] Started from : F:\Data\Desktop\RogueKiller_portable64.exe Mode : Scan -- Date : 09/17/2017 16:11:56 (Duration : 00:24:29) ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 1 ¤¤¤ [PUP.Gen0] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> Found ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 1 ¤¤¤ [PUP.Firefox][File] C:\Users\Micke\AppData\Roaming\Mozilla\Firefox\Profiles\0knd2vyl.default\Invalidprefs.js -> Found ¤¤¤ WMI : 0 ¤¤¤ ¤¤¤ Hosts File : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: TOSHIBA DT01ACA100 ATA Device +++++ --- User --- [MBR] 8dea710877d0ee5b7670aae5ef23bdf7 [BSP] 3e11e1b1b7ab42232287469017668fcb : Windows Vista/7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 353 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 724992 | Size: 953514 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Hitachi HDT725032VLA380 ATA Device +++++ --- User --- [MBR] 4011c0a5ed567fe86c5843739afe9027 [BSP] 552e39f1515461950109f1902f784cd3 : Linux MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 305143 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive2: SPCC Solid State Disk ATA Device +++++ --- User --- [MBR] 5f0b32fdb3f2dd5d6607a83a65eff48a [BSP] 59b3360ce20f297d8df377bbe300eab7 : Windows Vista/7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1026048 | Size: 142270 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] EXTEN (0x5) [VISIBLE] Offset (sectors): 292397054 | Size: 86164 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive3: Generic USB SD Reader +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive4: Generic USB CF Reader +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive5: Generic USB SM Reader +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive6: Generic USB MS Reader +++++ Error reading User MBR! ([15] The device is not ready. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive7: TOSHIBA TransMemory-Mx USB Device +++++ --- User --- [MBR] 5ae6b146dbf6dc83696452e553f21cac [BSP] a72014c15b73c44b25888a853448cf89 : Windows Vista/7/8|VT.Unknown MBR Code Partition table: 0 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 2048 | Size: 29765 MB User = LL1 ... OK Error reading LL2 MBR! ([32] The request is not supported. ) +++++ PhysicalDrive8: Seagate Expansion Desk SCSI Disk Device +++++ --- User --- [MBR] bf435562d8d999d7478dff581e774eb2 [BSP] 4e9a0c6ad21a057eb5c8a45d4a708ee9 : Empty MBR Code Partition table: 0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1907728 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK Error reading LL2 MBR! ([1] Incorrect function. ) +++++ PhysicalDrive9: Kingston DataTraveler 3.0 USB Device +++++ --- User --- [MBR] 29eaf41ef2ed4fbf65e5633cefb07a3d [BSP] 68222adb6fcd440aed3a5e89de469e6c : Windows XP MBR Code Partition table: 0 - [ACTIVE] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8064 | Size: 14992 MB User = LL1 ... OK Error reading LL2 MBR! ([32] The request is not supported. ) This is the RKiller open txt report I didn't delete anything Link to post Share on other sites More sharing options...
kevinf80 Posted September 17, 2017 ID:1164407 Share Posted September 17, 2017 No not a Man United fan, had to pop through daughters to fix kitchen taps.... Can you run RK again but this time delete all found entries.... post that log, also log from frst fix.. Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164409 Share Posted September 17, 2017 FRST log is above Link to post Share on other sites More sharing options...
kevinf80 Posted September 17, 2017 ID:1164410 Share Posted September 17, 2017 I do not see it....? Link to post Share on other sites More sharing options...
Mikey1 Posted September 17, 2017 Author ID:1164411 Share Posted September 17, 2017 Members 78 posts Report post #126 Posted just now --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Thu Sep 07 11:26:47 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 07 11:26:48 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Thu Sep 07 16:26:45 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 07 16:26:47 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Thu Sep 07 21:26:47 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 07 21:26:48 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Sat Sep 09 13:26:48 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Sat Sep 09 13:26:50 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Sat Sep 09 18:26:46 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Sat Sep 09 18:26:49 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Sun Sep 10 14:26:46 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Sun Sep 10 14:26:47 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Wed Sep 13 12:26:54 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 13 12:27:14 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Wed Sep 13 17:26:47 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Wed Sep 13 17:26:48 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Thu Sep 14 13:26:47 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 14 13:26:48 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Thu Sep 14 18:29:44 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 14 18:29:46 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Thu Sep 14 23:26:47 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Thu Sep 14 23:26:48 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.51, August 2017 (build 5.51.14100.0) Started On Sun Sep 17 11:26:46 2017 Engine: 1.1.14003.0 Signatures: 1.249.316.0 Run Mode: Preparing Heartbeat Telemetry Microsoft Windows Malicious Software Removal Tool Finished On Sun Sep 17 11:26:47 2017 Return code: 0 (0x0) --------------------------------------------------------------------------------------- Microsoft Windows Malicious Software Removal Tool v5.52, September 2017 (build 5.52.14201.0) Started On Sun Sep 17 16:02:33 2017 Engine: 1.1.14104.0 Signatures: 1.251.334.0 Run Mode: Interactive Graphical Mode Results Summary: ---------------- No infection found. Microsoft Windows Malicious Software Removal Tool Finished On Sun Sep 17 16:04:30 2017 Return code: 0 (0x0) Just doing the Rkiller bit now Quote Edit Link to post Share on other sites More sharing options...
Recommended Posts