Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Definite infection, seeking help


  • Please log in to reply
3 replies to this topic

#1 jdprebe7

jdprebe7

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 24 September 2017 - 03:52 AM

I stupidly managed to get a virus downloading something I thought was safe, and now I'm stuck with the consequences. This is my first time dealing with one, so I'm not sure how to deal with it anymore than I already have. I've tracked down as many files as I could, going through the random processes running on my task manager that aren't supposed to be there and tracking their file locations and deleting them, however there are a couple of locked folders containing more files that I can't get to. I've tried resources like FileAssassin and RKill, but they won't delete the files and RKill isn't even detecting the malware to stop it. My PC is virtually unusable at the moment, as my CPU usage stays at at least constantly due to the malware processes (it was at 100% but I brought it down through deleting as many files as possible). I've tried multiple ways of accessing those locked folders, but nothing has worked. I've went into the security tab and tried to change the ownership/permissions, and I've even went into the registry and edited the values to give myself a "take ownership" option, yet nothing would work.

I know this probably isn't the most technologically in-tune post, but like I said, this is my first (and hopefully last) rodeo with a virus. Please ask any questions necessary so I can elaborate and help you understand my problem.

Edited by Platypus, 24 September 2017 - 04:19 AM.
Moved from Logs forum, no logs posted. Deleted duplicate.


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,613 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:00 AM

Posted 24 September 2017 - 07:39 AM

"Object is locked skipped", "File locked", "Locked file. Not tested", "file cannot be accessed, "Access Denied", "Some files could not be scanned", "file could not be opened", "Error Opening", "unable to open", "Password Protected" or "Encrypted" notations in an anti-virus/anti-malware scan are not uncommon. Some files and services are locked by the operating system or running programs during use for protection, so security scanners may encounter problems attempting to access them. Other legitimate files, especially those used by security programs, may be obfuscated, encrypted or password protected in order to conceal itself so they do not allow access as a protective measure. When the scanner finds such an object, it makes a note and then just skips to the next one. That explains why it may show with such notations but no action taken in certain anti-virus or anti-malware log scan reports. These are normal when using security scanning programs so there is seldom a need for concern.Note: It is also not unusual for an anti-virus or anti-malware scanner to have problems with or be suspicious of compressed, archived, .cab, .rar, .jar, .iso, and packed files because they have difficulty reading what is inside them. These kind of files often trigger alerts by security software using heuristic detection because they are resistant to scanning (difficult to read). This resistance may also result in some scanners to stall (hang) on these particular types of files or just ignore (skip) them.

Usually when a computer is infected with malware there most likely will be obvious indications (signs of infection and malware symptoms) that something is wrong.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 jdprebe7

jdprebe7
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 24 September 2017 - 12:19 PM

Sorry, I should've added a bit more detail. There are two folders which have time stamps of precisely the time I downloaded the virus, and there are processes which run that are traced back to one of them, yet when I try to delete them I get the "Access Denied" message. It won't let me search or run anything close to malware removal software, and closes my connection when I try to, and I get numerous pop ups in my browser on startup. Also, there is now something at the bottom right of my screen that says "Windows 7 Build 7601 This Copy of Windows is not Genuine." Which I have never seen before.

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,613 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:00 AM

Posted 24 September 2017 - 02:00 PM

If you want a comprehensive look at your system for possible malware by our experts, there are advanced tools which can be used to investigate but they are not permitted in this forum. Please follow the instructions in the Malware Removal and Log Section Preparation Guide. When you have done that, start a new topic and post your logs in the Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team. If you choose to post a log, please reply back in this thread with a link to the new topic.

If you choose to post a log, please reply back in this thread with a link to the new topic.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users