Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Having Trouble Removing Trojan Skeeyah.A!rfm


  • Please log in to reply
3 replies to this topic

#1 Faxed

Faxed

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:56 AM

Posted 26 June 2017 - 10:07 AM

I began having my anti-virus and malware protection not being able to update. MalwareBytes could not even open which led me to run Microsoft Windows Malicious Software Removal Tool. It found Trojan Win32/Skeeyah.A!rfm which the tool removed but I am still having problems with Nod32 Antivirus and Superantispyware being able to update while Malwarebytes still cannot start. I tried using Malwarebytes Chameleon but none of the alt programs could start.

I ran Rkill in an attempt to get Malwarebytes to run but it didn't do the trick. I've also ran Junkware Removal Tool which I've attached the logs for.

Attached Files


Edited by hamluis, 26 June 2017 - 11:06 AM.
Moved from MRL to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:56 AM

Posted 27 June 2017 - 08:34 PM

Hello, have you run RKill and then MBAM immediately? No restart between.

Try booting to Safe Mode with Networking and run ESET's Online scan.

Scn your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the E5rfZI9.png button to see which antivirus is currently enabled:
c4VVzVO.png
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan archives
Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
yKulboi.jpg
  • Push the dtoGjAL.png button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
8L8IBHJ.png
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
imxEgHt.png
  • Push thecRhRYZ8.png button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the 9IjfdXq.png button.
  • Check the box beside RHzfZB1.png to uninstall the application when closed.
  • Push Vc3btaC.png and the close the application clicking the X in upper right corner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Faxed

Faxed
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:56 AM

Posted 13 July 2017 - 12:13 PM

I tried downloading ESET Online Scanner in windows safe mode with networking and the program is being blocked from opening. I tried re-downloading to desktop all three rkill programs. Every one except Rkill-unsigned was blocked which I renamed to something random. The renamed rkill-unassigned still does not start. 

 

I think the trojan has become worse and now other programs cannot start or are being blocked. I'm lost on how to combat this now or what to do. 



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:56 AM

Posted 13 July 2017 - 01:33 PM

Ok yes Rkill sows issues that we need a deeper look to fix.. WE need a NEW topic.
 
Start at step 6...
 
 Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.

Edited by boopme, 13 July 2017 - 01:33 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users