[HELP] I think I'm infected with UNKNOWN malware/virus

Page 1 of 4 123 ... LastLast

  1. Shnxxx
    Posts : 53
    Windows 10 Pro 10586.494 v1511
       New #1

    [HELP] I think I'm infected with UNKNOWN malware/virus


    I have a newly bought laptop, an Acer Aspire E 15. What that lead me to think that I'm infected is because when I tried to visit my Windows folder (because I was searching for 'SystemApps' folder to disable Cortana) I saw random weird files with random names and all of the are 1KB only.
    [HELP] I think I'm infected with UNKNOWN malware/virus-capture-2.png

    I have not done anything yet. I have an Avast Free installed and a Norton pre-installed when I bought it.
    Please help me.

    NOTE:
    I don't want to reformat it, I was traumatized on windows update, I don't want to download updates that took 2 days making my laptop unusable because of resource hog of windows updates.

    EDIT:
    I tried to delete them and checked them every time if they will return and they did not so I stopped checking it but a little while ago, they appeared again.
      My Computers
    Quote Quote

  3. Clintlgm
    Posts : 1,099
    Win 10 pro Upgraded from 8.1
       New #2

    I would get rid of the Avast, keep the Norton and get Malwarebytes, Run full scans with both Norton and Malwarebytes. If you don't come up with anything don't worry about it. Pay for Malwarebytes so that it will run full time it great for malware and ransomware, I pay for Norton more because I always have, and it plays well with Malwarebytes Together and personal responsibility I feel pretty safe I take all the warning serious that both programs notify of and don't unblock them unless I am completely sure of the file or program.

    As far as all those files go just google them they could be tied to any program even maybe Avast.

    To Disable cortana Enable or Disable Cortana in Windows 10 Windows 10 Tutorials

    If your convinced your infected, and don't feel you can resolve yourself, Norton has pretty good tech support, I have no Idea if Avast does or not but since if you got a virus or malware using there product they would be the best ones to identify what you have and how to get rid of it.
      My Computers
    Quote Quote

  4. Bree
    Posts : 31,622
    10 Home x64 (22H2) (10 Pro on 2nd pc)
       New #3

    Clintlgm said:
    As far as all those files go just google them they could be tied to any program even maybe Avast.....
    Googling some of those file names often finds them associated with a W32.Sality infection.
    https://www.symantec.com/security_response/writeup.jsp?docid=2006-011714-3948-99
     @simrick would know more and be best placed to advise.
      My Computers
    Quote Quote

  6. simrick
    Posts : 16,325
    W10Prox64
       New #4

    Hi.
    If it is indeed Sality, then Bree has given you the link for Symantec's Norton Power Eraser, which they recommend to use (look under the removal tab).

    Sality can get in many times through infected flash drives. So, Panda's USB vaccine can help against that.
    Download Panda USB and AutoRun Vaccine - MajorGeeks

    But, here's the real problem: If you have Avast and Norton on the system at the same time, they tend to cancel each other out, and you get very little protection. You should only have one anti-virus and one anti-malware actively running on a system.

    Malwarebytes Antimalware has a free trial which will actively protect you for (I think) 30 14 days. This plays nicely with Norton or Avast or Defender. Incidentally, Avast free is VERY good, and I would not discount it.

    So here's what I would do:

    Uninstall one of your active anti-virus programs.

    Run RKILL
    This will stop any malicious processes currently running. Everything it does is undone by a reboot.
    Download RKill
    If it won't let the rkill.exe run, try the one named iExplore (to fool the infection). If that doesn't work, try the unsigned one...
    Post the log here for us to review.


    Run ADWCleaner (scan, then clean)
    Downloads - AdwCleaner - ToolsLib
    It will require a reboot to clean.
    Post the log.

    Run RKILL again.
    Post the log if it finds anything this time round.

    Run the Norton tool.

    It's quite possible that, after you are clean, the DISM commands will be required to restore some of your system files. Bree can help you with that.
    Last edited by simrick; 30 Mar 2018 at 19:15.
      My Computer
    Quote Quote

  7. simrick
    Posts : 16,325
    W10Prox64
       New #5

    Here are a couple other options if you find the Norton tool doesn't work:

    How to Remove Win32/Sality in 3 Easy Steps | AVG

    How to disinfect my computer from Virus.Win32.Sality
      My Computer
    Quote Quote

  8. Shnxxx
    Posts : 53
    Windows 10 Pro 10586.494 v1511
    Thread Starter
       New #6

    wait wait wait, I'll follow your instructions @simrick I'll update ASAP Thank you all for your replies!
    I'll stick with nortron too @Clintlgm
    @Bree How harm is sality is?
      My Computers
    Quote Quote

  9. Shnxxx
    Posts : 53
    Windows 10 Pro 10586.494 v1511
    Thread Starter
       New #7

    @simrick the unsigned one was detected by Windows defender as a Trojan
    [HELP] I think I'm infected with UNKNOWN malware/virus-capture-3.png
    Here's the results.
    RKill
    AdwCleaner
    RKill (2nd)

    What's Norton Tool?
      My Computers
    Quote Quote

  10. Shnxxx
    Posts : 53
    Windows 10 Pro 10586.494 v1511
    Thread Starter
       New #8

    I found the Norton Tool that @simrick talking about, it's the Norton Power Eraser. And it says no threats found.

    I run as admin the AVG tool and It just opened and somewhat scanned so fast and close itself too. So I don't know what really happened.

    Right now I'm scanning using the Kaspersky tool. I will update again ASAP when it finished.
      My Computers
    Quote Quote

  12. Shnxxx
    Posts : 53
    Windows 10 Pro 10586.494 v1511
    Thread Starter
       New #9

    Kaspersky Tool somewhat stuck for already 30 mins. and looks like it doesn't do anythings else, no success or fail messages appears. So decided to close it and will start it again later on. I'll update again here ASAP.
      My Computers
    Quote Quote

  13. Shnxxx
    Posts : 53
    Windows 10 Pro 10586.494 v1511
    Thread Starter
       New #10

    bump

    I still have these annoying files and I'm scared from what it can do to my pc
      My Computers
    Quote Quote

 

  Related Discussions
Infected by mail.ru virus
in AntiVirus, Firewalls and System Security

Hi, 2 days ago I ran a infected Russian .exe file to download a intro template from "Frogges" Youtube channel with mediadisk.net website. But with that I downloaded some unwanted programs to my computer. The virus opens an advertising tab on my...
Every...i mean every anti malware blocked by unknown malware/virus
in AntiVirus, Firewalls and System Security

i have looked up this issue and apparently this must be a new one since there is no solution what so ever, even the hidden admin account is defenseless, here is what's going on 1. the PC got infected on windows defenders watch, the infection...
PC infected with malware
in AntiVirus, Firewalls and System Security

I recently ran kmspico.exe and couple other unverified programs(of course by mistake) and now my pc's loaded with malware and virus. I reset my pc completely but I still think there are virus files saved which weren't deleted as I had opted to kept...
Backdoor virus infected
in AntiVirus, Firewalls and System Security

Can I launch a police report if I know who are installing backdoor virus into my computer system? Many thanks.
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 00:23.
Find Us




Windows 10 Forums