Possible infection, re-installing windows while not getting re-infected?


2 replies to this topic

#1 askingalot


Posted 14 December 2017 - 07:55 AM

Hi Guys,

 

I am not sure in which part of the forum to post this but this seemed like the best place, hope that is okay. I am having a bit of trouble with my PC, my knowledge is very limited so I wanted to ask for some advice here. My laptop (running Windows 10) behaves strangely and I got multiple pop-ups from my antivirus (ESET) without finding the actual problem (even with tech support). On top of this, programs are sometimes crashing. I will give the list of problems below but let me start with that I am planning to do a Windows re-install as my PC already is slow. With this procedure, I hope to get my laptop a bit faster and that will hopefully cure the possible "infection" problem also. The question for me is now if it is necessary to check whether I am infected or that the problem will go away with re-installing Windows (which I assume). Besides that, I do not want to get re-infected when I copy files back to my laptop from the back-up. As said, I am not experienced so I do not know where the problems may lie. Below I will give the kind of problems I have now, maybe that helps.

 

It started with a pop-up of a port-scan a few months ago. After that a weird ad was blocked repeatedly (when only Hotmail was open). The ad did not concern me much but when I later got a little pop-up window saying something like "server is busy", I clicked on OK figuring it was one of my programs having problems to connect to the server. Immediately afterwards I realized I had never seen such a pop-up, making me suspicious. Besides that, programs started crashing the last few months, Windows updates get installed and the laptop asks for an update immediately after not seeming to have installed the last. A few weird pop-ups about a cache poisoning and some other messages blocking websites/incoming traffic made me inclined to post a message here. It could be that these are all non-correlated events but I wanted to be sure and check here. I became a bit paranoid about something possibly wanting to break in or some weird virus.

 

As said, I am planning to re-install Windows. First, I will make a back-up. I will re-install all programs by hand and I will only copy some files back (most is on Dropbox). I will keep the back-up for a few weeks in case I forget something. I am changing security software also in the process, I bought Norton for the coming year as it had better results in some tests I had seen. I will scan the back-up hard drive before copying my files back (maybe in some sort of quarantine mode?). Is this enough or should I take extra precautions like checking before re-installing or other steps in the re-installing process?

 

I hope you can help!





#2 askingalot


Posted 19 December 2017 - 04:52 PM

Maybe text was too long, I'll try to be shorter in my update here.

 

I tried re-installing Windows with partial success, some parts couldn't be deleted as my laptop told me. More important: today I was on my phone searching for an extra cloud service and also reading about Apple's virus protection. Not 15 minutes later I got a phishing e-mail from "Apple" saying I bought a cloud service. I never left my e-mail or anything when browsing so now I am afraid they have (more) personal data as this is too much of a coincidence to me. That I was on my phone and not on my laptop makes me think that I maybe infected my laptop with my phone via files or connection via USB. I am highly confused and do not know what to do as I need at least my phone tomorrow. Can anyone help?

 

Edit: That it came from my Android phone could make sense as I had trouble with that as well for a while. Still unlikely to me but how else would the search history be coupled to my e-mail?
 


Edited by askingalot, 19 December 2017 - 05:00 PM.


#3 Unworn_Kilt


Posted 21 December 2017 - 06:58 AM

G'day,

 

 

I'd say that your post has been overlooked as you posted more than once in your own topic. In this forum we generally look for posts with no replies, which generally means they have had no assistance. Please bear that in mind for future reference. Better to EDIT your original post until someone helps you.

 

I need to advise you that I am a Standard Member, like you. I am NOT a Trained Malware Removal Expert. If anything I suggest concerns you, please contact me or a Moderator before actioning it. I have been working on and with computers since the 1970s.

 

I know you said you were running ESET Antivirus, but please do the following to start:

 

 

Let's start relatively simply.....

 

 

 

Download a copy of a program called RKill (Courtesy of Grinler at Bleeping Computer) which is available at the links below:

(This program attempts to stop any running malware processes so other tools may function efficiently, plus a few other things.)

 

Save it to your Desktop so you can easily locate it.

 

(If one won't run, download the other. Malware sometimes recognises RKill.exe and tries to interfere with it.)

 

 

RKill.exe <<== Try this first.

RKill as iExplore.exe <<== Try this one if option one doesn't work.

 

  • Right Click RKill and Select "Run As Administrator."
  • Soon after a Black Box will appear while RKill Runs. (This is normal. RKill may appear to hang. It's just working.)
  • When RKill has finished it will Open a Report in Notepad.
  • RKill will also save a copy of its log to your Desktop called "RKill.log"
  • After RKill has run successfully Don't Restart your computer until the other tool(s) have run.
  • Please Copy and Paste the contents of the Report into your Next Reply.
  • If the RKill will not run in Normal Windows Mode, Restart in Safe Mode and Repeat the above Steps.

 

NOTES:

 

Please Ignore any warnings about RKill containing Viruses or Trojans etc. If necessary, shut down or temporarily disable your Antivirus while RKill runs. Don't forget to Re-enable your Anti-Virus once RKill completes, unless I ask otherwise.

If RKill still won't run, please Post back here and advise me. (After trying both versions and Safe Mode.) Please note any Error messages or other useful information and Include it in your Reply.

 

 

Then.......

 

 

Download and run the ESET Free Online Virus Scanner from:  HERE

 

  • Turn off your antivirus program. See here how to do this.
  • Accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth Technology
    • Click on the Change button and select only Operating Memory, Autostart Locations and drive(s) C:\ D:\ etc., to be scanned
    • Click Start to begin the Scan.
  • The ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
  • Push the SAVE to TEXT FILE button and save the file to your desktop using a unique name, such as ESETScan+Date.txt. Include the contents of this report in your next reply.
  • CLEAN any THREATS found.
  • Click Back, then Finish to exit ESET Online Scanner.
  • Do NOT delete the ESET scanner at this stage please.

Please re-enable your antivirus when the scan is complete.

 

Let me know if you encounter any problems.

 

 

After you've finished the ESET Online scan:

  • Please ensure you've saved the Log File to your desktop.
  • Post the Log File contents in your Reply, assuming there was one.
  • Close down any other open programs.
  • Reboot.

 

I'll look over your log file(s).

 

Log back in to your thread for further instructions please.

 

We're in different time zones, so there may be a delay.

If I don't respond in 48 hours Please Personally Message Me.

If you don't hear back after 3 days, please post in the Topic at the "Top of the Am I Infected..." Forum.

 

I am a Volunteer and do my best to be here. This is sometimes interrupted by sleep, eating, outages.......

 

 

 

Cheers,

 

 

 

Kilt

I'd like to wish all Bleeping Computer Members a Very Merry Christmas and a Happy New Year!


Edited by Unworn_Kilt, 21 December 2017 - 08:04 AM.

PLEASE NOTE

 

I am only a Standard Member,  NOT a Trained Malware Removal Expert. If you have ANY concerns regarding any advice I may give, please contact a Member of Staff before making changes.

 

Thanks!

 

 

** Walk Softly and Carry a Big Stick **
