
Had a virus, removed it quickly, but a few things still aren't right.


  • This topic is locked
2 replies to this topic

#1 doubletrouble123

doubletrouble123

  • Members
  • 1 posts

Posted 01 July 2016 - 02:08 AM

Hi guys,

 

I was an idiot for 5 minutes and downloaded an .iso file from a sketchy website and then -without thinking- simply mounted/ran it. Instantly got a virus, the kind with constant pop-up ads, browser tabs opening, etc. I tried using Windows Defender, but the virus would close it immediately, so I had to be a little clever and boot into offline safe mode to address this problem. I got it removed using Malwarebytes and then I ran CCleaner, thinking that I had totally saved myself.

 

[Sorry I can't give you an exact name of the virus/file ... I simply got rid of it too quickly and have completely forgotten its origin.]

 

While the virus did definitely go away, upon a restart of my computer, I was greeted with a completely black screen after logging in. Startup would seem normal, the Windows icon and loading screen stuff showed up, then the login screen, but right afterwards it was all blank.

 

So I googled what this problem could be, and figured out it [obviously] happened due to the virus and that running Task Manager and starting the process 'explorer.exe' would fix things. Sure enough, that worked.

 

OS: Windows 10 [64-bit]

500GB SSD Drive

16 GB RAM

GTX 970

i7-4770 @ 3.4 GHz

--------------------------------------------------------------------------------------------------------------------------

 

There are only 2 issues I still need resolved, and am eager for anyone's help.

 

(1) After booting up to the login screen and typing in my credentials, the loading time is abnormally long. Before the virus, I would type in my password and then BAM I would be at my desktop, but now it takes around 15-20 seconds.

(2) The second issue is I still get the black screen each time I log in. Running 'explorer.exe' works to fix this every time, but I would really like a permanent solution, because it is a bit tedious to have to do that every time. 

 

Other than that, I seem to have no other issues whatsoever. Everything apart from login works smoothly. 

 

Again, any help or advice is greatly appreciated. Thanks a lot.

Edited by doubletrouble123, 01 July 2016 - 02:19 AM.




#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 05 July 2016 - 10:39 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + R on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] wscript,
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR Extension: (Chrome Web Store Payments) - C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
C:\Users\chuck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Task: {8F6C2929-EA11-4052-9226-E1D61855E945} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2015-08-10] (MSFree Inc.)
C:\ProgramData\KMSAutoS

End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Please post the log and let me know what problem persists.
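
Added example, not part of nasdaq's post and not FRST output: the fixlist above contains a Winlogon `Userinit` entry, which is the value Windows uses to decide what runs at logon before the desktop shell starts. This read-only PowerShell check compares `Userinit` and `Shell` against the stock defaults; the full registry path, the default values and the helper name `Test-WinlogonValue` are assumptions of this example (the thread shows only FRST's abbreviated `HKLM\...\Winlogon` form).

```powershell
# Added example: read-only check of the Winlogon Userinit and Shell values.
# Assumed stock defaults: Userinit = "<SystemRoot>\system32\userinit.exe,"
# and Shell = "explorer.exe". Nothing is written to the registry.
$WinlogonKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Test-WinlogonValue {   # hypothetical helper name
    param(
        [Parameter(Mandatory)][ValidateSet('Userinit', 'Shell')][string]$Name,
        [string]$Value
    )
    $expected = @(if ($Name -eq 'Userinit') {
        (Join-Path $env:SystemRoot 'system32\userinit.exe'), 'userinit.exe'
    } else {
        'explorer.exe'
    })
    # Userinit is a comma-separated list that normally ends with a trailing comma;
    # Shell is split the same way so that an appended entry is also reported.
    $entries    = @($Value -split ',' | ForEach-Object { $_.Trim() } | Where-Object { $_ })
    $unexpected = @($entries | Where-Object { $expected -notcontains $_ })
    $hasDefault = @($entries | Where-Object { $expected -contains $_ }).Count -gt 0
    [pscustomobject]@{
        Name       = $Name
        Value      = $Value
        HasDefault = $hasDefault                  # the stock program is still listed
        Unexpected = $unexpected -join '; '       # anything else that runs at logon
        Ok         = $hasDefault -and ($unexpected.Count -eq 0)
    }
}

# Constructed samples; the first is the value shown on the fixlist line in the thread.
$samples = @(
    @{ Name = 'Userinit'; Value = 'wscript,' },
    @{ Name = 'Userinit'; Value = "$env:SystemRoot\system32\userinit.exe," },
    @{ Name = 'Shell';    Value = 'explorer.exe' }
)
$sampleResults = $samples | ForEach-Object { Test-WinlogonValue -Name $_.Name -Value $_.Value }
$sampleResults | Format-Table -AutoSize

# Live check of the local machine (read-only).
$live = Get-ItemProperty -Path $WinlogonKey
$liveResults = foreach ($n in 'Userinit', 'Shell') {
    Test-WinlogonValue -Name $n -Value $live.$n
}
$liveResults | Format-Table -AutoSize
```

A row with `Ok` set to `False` means the value differs from the assumed default and is worth including when posting logs to a helper.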

#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,586 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 11 July 2016 - 07:47 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



