
Need to know what step to do next regarding my severely infected computer



#1 Judoyo13


Posted 15 August 2016 - 10:27 AM

Three nights ago, I was infected by a very malicious group of viruses, malware, adware, and ransomware. I made a misclick on a deceiving download and allowed the virus access to make changes to my computer. I spent about seven hours battling this virus. It locked me out of my proxy settings on all accounts. I changed assorted registry files as per instruction by many websites and nothing changed. I realize now that it may not have been wise to do that without specific instruction. No proxy settings could be changed and thus I could not access the internet. It also disabled all of my antivirus software and downloaded quite an assortment of adware and deeply rooted several viruses into my computer.

Eventually I was able to reactivate Windows Defender and I installed Malwarebytes from a flash drive after numerous times of being blocked from the installation process by this group of viruses. Windows Defender came up with about 30 assorted files, some just PUPs, some serious malware, trojans, and hijack files. Malwarebytes came up with 650 assorted files, and right as the quarantined items were about to be deleted, I was forced out of my computer and it was restarted. When I logged back in, some sort of ransomware-type window blocked me from even entering my desktop. No combination of assorted window closers, including Task Manager, would work. Eventually, after spamming several keys, I was able to get past it and went back into Windows, where I was able to continue my process of deleting malware files manually and with my 2 antivirus programs. Eventually the viruses logged me out yet again, and when I went back in through safe modes I was still locked out until I did it with networking, and I magically got past the ransomware. At that point I had memorized the specific file name. It was a "windows file" and was also called "clear lock". It took a bit of work to fully delete those files. It transferred over to other files and copied itself, but in the end, that ransomware was removed.

After that was removed, I took my time and meticulously found a lot of the adware programs and deleted them and did several more scans amongst Windows Defender and Malwarebytes. After this I was able to get my regular internet access back but still couldn't access some antivirus websites, and the proxy settings were still all greyed out and inaccessible, so I knew it wasn't completely taken care of, but the majority of the problem was removed. After this I did some research into rootkits and how the virus can attach itself in deep files, so I ran Malwarebytes rootkit antivirus several times, found about 15-25 of them I believe, including hijack files, and promptly deleted them. After the latest one, and several other antivirus scans that came up with 0 infected files, I found out that my proxy settings were accessible again. I then ran one more Malwarebytes scan, and found a couple of PUP amonetize files in my driver files, so I still have concern that something still lingers in the depths of my computer.

Based off of this information, I would appreciate having some input and advice and instruction on what to do from here. My MSI GE62 is very new. I have little to no important files or progress saved in its files, but also have a couple of programs that came with the computer that I may not be able to get back after a hard reset. I am running Windows 10 and have Office 365, so I am worried that may be unrecoverable. I am leaving for my engineering university in 3 days, where my computer's files are extremely important to me, and if this possible lingering infection somehow sprouted up in the severity that it did the first time, I am afraid I could lose precious work. Is there any way for me to know if all the virus is gone, or at least gone enough to the point where it may not be a huge enough issue to warrant a factory restore/reset?





#2 buddy215


Posted 15 August 2016 - 07:24 PM

Welcome to BC.....

 

Start a new topic in the Malware Removal Forum by following the instructions below. It may take a few days for the Malware Removal team to respond as the last time I looked they were very busy.

 

Please follow the instructions in the Malware Removal and Log Section Preparation Guide starting at Step 6.

  • If you cannot complete a step, then skip it and continue with the next.
  • In Step 6 there are instructions for downloading and running FRST which will create two logs.

When you have done that, post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team.

Start a new topic, give it a relevant title and post your log(s) along with a brief description of your problem, a summary of any anti-malware tools you have used and a summary of any steps that you have performed on your own. If you cannot produce any of the required logs...start the new topic anyway. Explain that you followed the Prep. Guide, were unable to create the logs, and describe what happened when you tried to create them. A member of the Malware Removal Team will walk you through, step by step, on how to clean your computer.

After doing this, please reply back in this thread with a link to the new topic so we can close this one.

 

DO NOT bump your new topic. Wait for a response from one of the Team Members.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”



