Hijack.folderoptions won't remove.
Posted 23 May 2016 - 09:53 PM
Posted 23 May 2016 - 10:31 PM
Posted 24 May 2016 - 07:19 AM
Posted 24 May 2016 - 07:27 AM
ESET found something hiding in the RECYCLE bin on D. Merge the last pol.reg again (the one from http://www.geekstogo...e/#entry2563384). Reboot and then see if MBAM is still finding it.
Posted 24 May 2016 - 08:09 AM
It seems to be gone, and after looking thru the ESET scan that file in recycle bin "Enigma protector" I stopped using a few months back, I was using it to protect my cheats from anti-cheats on some games I played. I'm going to wait till tomorrow to for sure say it's gone as in the past it seemed fixed and after the next night it was detected again.
Posted 25 May 2016 - 07:06 AM
Checked today and it's still there, is there anything else we can attempt?
Posted 25 May 2016 - 07:45 AM
Posted 25 May 2016 - 09:11 AM
Posted 26 May 2016 - 06:54 PM
Sorry for the delay. Was on a trip and the hotel's WiFi was broken.
I'm wondering if one of the scheduled tasks is at fault. They look OK but could be bad. Search for scheduler. It should find Task Scheduler. Click on it and hit Enter. Click on Task Scheduler Library and look in the right pane. For each task you see, right click on it and disable. Close Task Scheduler. Merge the last pol.reg. Then reboot. See if the problem comes back. If it does then the tasks are not at fault and can be enabled the same way.
Sometimes you need to step out of Windows to find a culprit. You can try running a scan from a bootable CD like AVG's Rescue Disk:
Another possibility if we can't find the cause would be to prevent it from making changes by going into the Registry and changing the permission so no one can write to the 3 registry keys. These are not keys that need to change so it should work without impacting normal operations.
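One way to do the scheduled-task check from the post above at an elevated PowerShell prompt (an added example, not part of the original thread): it records each task in the top-level Task Scheduler Library with what it launches and when it last ran, so the list can be compared with when the detection comes back and the same tasks re-enabled afterwards. The state file path and the function names are assumptions of this example.

```powershell
# Added example. Assumes Windows 8 / Server 2012 or later (ScheduledTasks module)
# and an elevated PowerShell prompt. $StateFile and the function names are
# assumptions of this example, not something from the thread.
$StateFile = Join-Path $env:USERPROFILE 'Desktop\tasks-before.csv'

function Get-TaskInventory {
    # '\' = only the tasks shown when "Task Scheduler Library" itself is selected
    param([string]$TaskPath = '\')
    Get-ScheduledTask -TaskPath $TaskPath | ForEach-Object {
        $info = $_ | Get-ScheduledTaskInfo
        # Show the command line for program actions; for other action types
        # (for example COM handlers) show the action class name instead.
        $cmd = $_.Actions | ForEach-Object {
            if ($_.Execute) { "$($_.Execute) $($_.Arguments)".Trim() }
            else            { $_.CimSystemProperties.ClassName }
        }
        [pscustomobject]@{
            TaskName    = $_.TaskName
            TaskPath    = $_.TaskPath
            State       = [string]$_.State
            RunAs       = $_.Principal.UserId
            Command     = $cmd -join ' ; '
            LastRunTime = $info.LastRunTime
        }
    }
}

function Disable-RecordedTasks {
    # Disable only the tasks that were enabled when the inventory was taken.
    param([string]$Path)
    Import-Csv $Path | Where-Object State -ne 'Disabled' | ForEach-Object {
        Disable-ScheduledTask -TaskName $_.TaskName -TaskPath $_.TaskPath | Out-Null
    }
}

function Restore-RecordedTasks {
    # Re-enable exactly those tasks, leaving previously disabled ones alone.
    param([string]$Path)
    Import-Csv $Path | Where-Object State -ne 'Disabled' | ForEach-Object {
        Enable-ScheduledTask -TaskName $_.TaskName -TaskPath $_.TaskPath | Out-Null
    }
}

# Record the current state, then list tasks with the most recent run first.
$inventory = Get-TaskInventory
$inventory | Export-Csv -Path $StateFile -NoTypeInformation
$inventory | Sort-Object LastRunTime -Descending |
    Format-Table TaskName, State, LastRunTime, Command -AutoSize -Wrap
# Then: Disable-RecordedTasks -Path $StateFile   (later: Restore-RecordedTasks -Path $StateFile)
```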
Posted 27 May 2016 - 01:40 PM
After disabling those tasks it seems to be gone, but once again I'm going to wait until tomorrow morning to be safe because it seems like after every night the 3 files show back up.
Posted 27 May 2016 - 05:26 PM
It's also possible that some program you run may bring them back so keep track of what programs you run.
Posted 27 May 2016 - 09:00 PM
Programs I run throughout the day are Steam games, Chrome, and sometimes Adobe Premiere/Photoshop, OBS for streaming (which I don't run EVERY day), and Gyazo for screenshots. Some of those I don't use every day.
Posted 28 May 2016 - 12:16 PM
I didn't restart my PC just to be safe, but some time in between 2AM and 5AM, because when I woke up at 5 I had the malware warning.
Posted 28 May 2016 - 04:54 PM
Copy the next line:
DISM /Online /Cleanup-Image /RestoreHealth
Open an elevated command prompt as before.
Right click and Paste (or Edit then Paste) and the copied line will appear. Hit Enter.
Once the prompt returns:
Does this finish without complaint? If not copy the next two lines:
findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt
Return to the elevated command prompt and paste it in as before. If notepad does not open hit Enter. Copy and paste the text to a Reply.