Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

[HELP] Random WEIRD names appears on my windows directory


  • This topic is locked This topic is locked
5 replies to this topic

#1 Shnxxx

Shnxxx

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:32 AM

Posted 19 February 2018 - 05:45 PM

I just reformatted my LAPTOP because it is slowing down and ALSO because of some weird file names appears on my windows directory. It just happen when I was exploring my laptop and noticed them on my windows directory and somewhat bothered me and after few more days they are expanding so I decided to reformat my laptop.

 

What I just did after reformat was :

  • Installed firstly Avast as my anti-virus and Malwarebytes for further protection.
    •   Scanned my whole PC after installing them. And decided to perform full scan again every after installations.
  • Installed .NET Frameworks from Microsoft and all vcredist.
  • Installed MS Office 2016
  • And other programs (Potplayer [Media player], Sublime [Text Editor], Chrome, qBittorrent)

 

At first they were not there but now, they are appearing again like mushrooms and expanding.

 

Here they are: 

image.png

 

 

*.ini* files contains almost identical texts :

  • 3lpy35e76blo1bok3bo61hep7nyx1pin
  • 3yqv3z8r62w61rv730zw1u2679zl1y6f
  • 3mj13yy86ktv1spp34go1aav73h514td
  • 3lin39yk6uip1nnz3cwm10sj7ntr13uo
  • etc...

 

I experience:

  • High CPU usage
  • High Memory usage
  • My PC slows down

 



BC AdBot (Login to Remove)

 


#2 Shnxxx

Shnxxx
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:32 AM

Posted 20 February 2018 - 01:03 AM

bump



#3 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:32 PM

Posted 20 February 2018 - 08:51 PM

Hi adanish,

I'm afraid I've got bad news for you. It seems that you were hit with a file infector. Notably this one: https://en.wikipedia.org/wiki/Sality

With this particular infection the safest solution and only sure way to remove it effectively is to Clear all partitions of you computer,  reformat and reinstall the OS.

Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

This is what security expert miekiemoes has to say: Virut and other File infectors - Throwing in the Towel?

This is what Jesper M. Johansson at Microsoft TechNet has to say: Help: I Got Hacked. Now What Do I Do?.

 

There is nothing we can do to completely remove this virus.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#4 Shnxxx

Shnxxx
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:08:32 AM

Posted 21 February 2018 - 09:26 PM

Hi adanish,

I'm afraid I've got bad news for you. It seems that you were hit with a file infector. Notably this one: https://en.wikipedia.org/wiki/Sality

With this particular infection the safest solution and only sure way to remove it effectively is to Clear all partitions of you computer,  reformat and reinstall the OS.

Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

This is what security expert miekiemoes has to say: Virut and other File infectors - Throwing in the Towel?

This is what Jesper M. Johansson at Microsoft TechNet has to say: Help: I Got Hacked. Now What Do I Do?.

 

There is nothing we can do to completely remove this virus.

 

That was I thought too before posting here but I was hoping if there is any way to remove it manually. Is there really no other way than wiping the whole drive?



#5 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:32 PM

Posted 21 February 2018 - 10:35 PM

That was I thought too before posting here but I was hoping if there is any way to remove it manually. Is there really no other way than wiping the whole drive?

 

 

There is no other way. The entire drive must be cleared and proceed with a reinstall. A Factory Reset will not do as the files may be infected. A clean install is what is call for.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,635 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:07:32 PM

Posted 25 February 2018 - 10:26 PM

In view of the type of infection, i am closing this topic.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users