Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I don't know if the virus is still on my computer


  • Please log in to reply
8 replies to this topic

#1 Endermental

Endermental

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:48 AM

Posted 24 July 2017 - 05:29 PM

A few months ago I got a virus that prevented Windows 10 from booting and also prevented me from using windows recover environment (it just showed a black screen instead of going to windows RE). I thought that I had fixed it by just reinstalling windows without cleaning both my hard drive and my SSD. My computer then did the same thing about 2 weeks later. I then used the clean command in diskpart and reinstalled windows 10. After I had reinstalled Windows 10, I found that windows update was saying that updates were failing and that I needed to try again later. I finally managed to get it to the latest version of Windows 10 by downloading and installing it from online. I am now paranoid that the virus still exists on my drives and I would like to know if that is possible and how to make sure that it isn't there. I have been using Kaspersky, Malwarebytes, CCleaner, Adwcleaner, RKill, and KVRT. They all have said that everything is safe but I am still very paranoid. Thanks!



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,309 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:48 AM

Posted 24 July 2017 - 06:40 PM

Welcome to BC...

 

I doubt the problem was malware. Malware purveyors are looking to profit either from using your computer in a botnet, gleaning financial info from your computer,

using your computer to serve spam, ransom ware or place popup ads and other ads...sometimes unseen but clicked on in the background. There wouldn't be

any profit in preventing your computer from booting up.

 

Visit the Windows 10 Forum and see all of the problems users are asking for help in.

 

cw_2015_05_klossner_windows10_onetimeuse


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Endermental

Endermental
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:48 AM

Posted 24 July 2017 - 06:47 PM

When I first encountered the virus, Kaspersky had told me that there were malicious files and in a panic I restarted the computer and it was unable to boot up again. Also I forgot to post the report from RKill:

 

Rkill 2.8.4 by Lawrence Abrams (Grinler)
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 07/24/2017 07:44:15 PM in x64 mode.
Windows Version: Windows 10 Home 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * DcpSvc [Missing Service]
 * gagp30kx [Missing Service]
 * IEEtwCollectorService [Missing Service]
 * IoQos [Missing Service]
 * nv_agp [Missing Service]
 * TimeBroker [Missing Service]
 * uagp35 [Missing Service]
 * uliagpkx [Missing Service]
 * WcsPlugInService [Missing Service]
 * wpcfltr [Missing Service]
 * WSService [Missing Service]
 
 * agp440 [Missing ImagePath]
 
 * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
 * RetailDemo => %SystemRoot%\System32\svchost.exe -k rdxgroup [Incorrect ImagePath]
 * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]
 
 * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 07/24/2017 07:44:19 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)
 
I see that it says that there are some incorrect or missing things. Is this a problem?


#4 Endermental

Endermental
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:48 AM

Posted 24 July 2017 - 07:08 PM

Welcome to BC...

 

I doubt the problem was malware. Malware purveyors are looking to profit either from using your computer in a botnet, gleaning financial info from your computer,

using your computer to serve spam, ransom ware or place popup ads and other ads...sometimes unseen but clicked on in the background. There wouldn't be

any profit in preventing your computer from booting up.

 

Visit the Windows 10 Forum and see all of the problems users are asking for help in.

 

cw_2015_05_klossner_windows10_onetimeuse

When I first encountered the virus, Kaspersky had told me that there were malicious files and in a panic I restarted the computer and it was unable to boot up again. Also I forgot to post the report from RKill:

 

Rkill 2.8.4 by Lawrence Abrams (Grinler)
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 07/24/2017 07:44:15 PM in x64 mode.
Windows Version: Windows 10 Home 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * DcpSvc [Missing Service]
 * gagp30kx [Missing Service]
 * IEEtwCollectorService [Missing Service]
 * IoQos [Missing Service]
 * nv_agp [Missing Service]
 * TimeBroker [Missing Service]
 * uagp35 [Missing Service]
 * uliagpkx [Missing Service]
 * WcsPlugInService [Missing Service]
 * wpcfltr [Missing Service]
 * WSService [Missing Service]
 
 * agp440 [Missing ImagePath]
 
 * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
 * RetailDemo => %SystemRoot%\System32\svchost.exe -k rdxgroup [Incorrect ImagePath]
 * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]
 
 * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 07/24/2017 07:44:19 PM
Execution time: 0 hours(s), 0 minute(s), and 4 seconds(s)
 
I see that it says that there are some incorrect or missing things. Is this a problem?


#5 buddy215

buddy215

  • Moderator
  • 13,309 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:48 AM

Posted 24 July 2017 - 07:57 PM

....is that a problem...no, not a problem...see that a lot in RKill logs.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 Endermental

Endermental
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:48 AM

Posted 24 July 2017 - 07:58 PM

....is that a problem...no, not a problem...see that a lot in RKill logs.

 

Ok thanks! Do you know why the OS wouldn't boot or why I couldn't update windows 10 using the install disc that I had? Also, is it possible for the virus to have survived the cleaning using diskpart and could it have gotten onto the disc or BIOS?

 

When I first encountered the virus, Kaspersky had told me that there were malicious files and in a panic I restarted the computer and it was unable to boot up again

 

Do you think that the virus still exists on the system or am I in the clear?

 

It has also been almost 2 months since the last time that I had to reinstall the OS


Edited by Endermental, 24 July 2017 - 09:35 PM.


#7 buddy215

buddy215

  • Moderator
  • 13,309 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:48 AM

Posted 25 July 2017 - 04:55 AM

No, I would be guessing as to the cause of the problems. It's possible Kaspersky removed some files that it shouldn't have.

99.99% of malware is removed/ killed by just reformatting hdd and reinstalling the OS on the same hdd.

 

If you are not experiencing any malware or adware symptoms then your computer is okay.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 Endermental

Endermental
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:48 AM

Posted 25 July 2017 - 12:16 PM

No, I would be guessing as to the cause of the problems. It's possible Kaspersky removed some files that it shouldn't have.

99.99% of malware is removed/ killed by just reformatting hdd and reinstalling the OS on the same hdd.

 

If you are not experiencing any malware or adware symptoms then your computer is okay.

 

Alright. Thank you!



#9 buddy215

buddy215

  • Moderator
  • 13,309 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:48 AM

Posted 25 July 2017 - 01:54 PM

You're welcome....happy surfin'


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users