Windows 10: [HELP] I think I'm infected with UNKNOWN malware/virus Solved

Page 1 of 4 123 ... LastLast

  1. Posts : 32
    Windows 10 Pro 10586.494 v1511
       30 Mar 2018 #1

    [HELP] I think I'm infected with UNKNOWN malware/virus

    I have a newly bought laptop, an Acer Aspire E 15. What that lead me to think that I'm infected is because when I tried to visit my Windows folder (because I was searching for 'SystemApps' folder to disable Cortana) I saw random weird files with random names and all of the are 1KB only.
    Click image for larger version. 

Name:	Capture 2.PNG 
Views:	8 
Size:	104.1 KB 
ID:	182871

    I have not done anything yet. I have an Avast Free installed and a Norton pre-installed when I bought it.
    Please help me.

    I don't want to reformat it, I was traumatized on windows update, I don't want to download updates that took 2 days making my laptop unusable because of resource hog of windows updates.

    I tried to delete them and checked them every time if they will return and they did not so I stopped checking it but a little while ago, they appeared again.
      My ComputersSystem Spec

  2. Clintlgm's Avatar
    Posts : 836
    Win 10 pro Upgraded from 8.1
       30 Mar 2018 #2

    I would get rid of the Avast, keep the Norton and get Malwarebytes, Run full scans with both Norton and Malwarebytes. If you don't come up with anything don't worry about it. Pay for Malwarebytes so that it will run full time it great for malware and ransomware, I pay for Norton more because I always have, and it plays well with Malwarebytes Together and personal responsibility I feel pretty safe I take all the warning serious that both programs notify of and don't unblock them unless I am completely sure of the file or program.

    As far as all those files go just google them they could be tied to any program even maybe Avast.

    To Disable cortana Enable or Disable Cortana in Windows 10 Windows 10 Tutorials

    If your convinced your infected, and don't feel you can resolve yourself, Norton has pretty good tech support, I have no Idea if Avast does or not but since if you got a virus or malware using there product they would be the best ones to identify what you have and how to get rid of it.
      My ComputersSystem Spec

  3. Bree's Avatar
    Posts : 8,852
    10 Home x64 (1809) (10 Pro on 2nd pc)
       30 Mar 2018 #3

    Clintlgm said: View Post
    As far as all those files go just google them they could be tied to any program even maybe Avast.....
    Googling some of those file names often finds them associated with a W32.Sality infection.
    @simrick would know more and be best placed to advise.
      My ComputersSystem Spec

  4.    30 Mar 2018 #4

    If it is indeed Sality, then Bree has given you the link for Symantec's Norton Power Eraser, which they recommend to use (look under the removal tab).

    Sality can get in many times through infected flash drives. So, Panda's USB vaccine can help against that.
    Download Panda USB and AutoRun Vaccine - MajorGeeks

    But, here's the real problem: If you have Avast and Norton on the system at the same time, they tend to cancel each other out, and you get very little protection. You should only have one anti-virus and one anti-malware actively running on a system.

    Malwarebytes Antimalware has a free trial which will actively protect you for (I think) 30 14 days. This plays nicely with Norton or Avast or Defender. Incidentally, Avast free is VERY good, and I would not discount it.

    So here's what I would do:

    Uninstall one of your active anti-virus programs.

    Run RKILL
    This will stop any malicious processes currently running. Everything it does is undone by a reboot.
    Download RKill
    If it won't let the rkill.exe run, try the one named iExplore (to fool the infection). If that doesn't work, try the unsigned one...
    Post the log here for us to review.

    Run ADWCleaner (scan, then clean)
    Downloads - AdwCleaner - ToolsLib
    It will require a reboot to clean.
    Post the log.

    Run RKILL again.
    Post the log if it finds anything this time round.

    Run the Norton tool.

    It's quite possible that, after you are clean, the DISM commands will be required to restore some of your system files. Bree can help you with that.
    Last edited by simrick; 30 Mar 2018 at 19:15.
      My ComputerSystem Spec

  5.    30 Mar 2018 #5

    Here are a couple other options if you find the Norton tool doesn't work:

    How to Remove Win32/Sality in 3 Easy Steps | AVG

    How to disinfect my computer from Virus.Win32.Sality
      My ComputerSystem Spec

  6. Posts : 32
    Windows 10 Pro 10586.494 v1511
    Thread Starter
       01 Apr 2018 #6

    wait wait wait, I'll follow your instructions @simrick I'll update ASAP Thank you all for your replies!
    I'll stick with nortron too @Clintlgm
    @Bree How harm is sality is?
      My ComputersSystem Spec

  7. Posts : 32
    Windows 10 Pro 10586.494 v1511
    Thread Starter
       01 Apr 2018 #7

    @simrick the unsigned one was detected by Windows defender as a Trojan
    Click image for larger version. 

Name:	Capture 3.PNG 
Views:	4 
Size:	35.6 KB 
ID:	183099
    Here's the results.
    RKill (2nd)

    What's Norton Tool?
      My ComputersSystem Spec

  8. Posts : 32
    Windows 10 Pro 10586.494 v1511
    Thread Starter
       01 Apr 2018 #8

    I found the Norton Tool that @simrick talking about, it's the Norton Power Eraser. And it says no threats found.

    I run as admin the AVG tool and It just opened and somewhat scanned so fast and close itself too. So I don't know what really happened.

    Right now I'm scanning using the Kaspersky tool. I will update again ASAP when it finished.
      My ComputersSystem Spec

  9. Posts : 32
    Windows 10 Pro 10586.494 v1511
    Thread Starter
       01 Apr 2018 #9

    Kaspersky Tool somewhat stuck for already 30 mins. and looks like it doesn't do anythings else, no success or fail messages appears. So decided to close it and will start it again later on. I'll update again here ASAP.
      My ComputersSystem Spec

  10. Posts : 32
    Windows 10 Pro 10586.494 v1511
    Thread Starter
       02 Apr 2018 #10


    I still have these annoying files and I'm scared from what it can do to my pc
      My ComputersSystem Spec

Page 1 of 4 123 ... LastLast

Related Threads
Solved Infected by virus in AntiVirus, Firewalls and System Security
Hi, 2 days ago I ran a infected Russian .exe file to download a intro template from "Frogges" Youtube channel with website. But with that I downloaded some unwanted programs to my computer. The virus opens an advertising tab on my...
Every...i mean every anti malware blocked by unknown malware/virus in AntiVirus, Firewalls and System Security
i have looked up this issue and apparently this must be a new one since there is no solution what so ever, even the hidden admin account is defenseless, here is what's going on 1. the PC got infected on windows defenders watch, the infection...
PC infected with malware in AntiVirus, Firewalls and System Security
I recently ran kmspico.exe and couple other unverified programs(of course by mistake) and now my pc's loaded with malware and virus. I reset my pc completely but I still think there are virus files saved which weren't deleted as I had opted to kept...
My desktop pc got infected with a virus, still having problems in AntiVirus, Firewalls and System Security
Hello, Tonight around 9:14 pm I was trying to merge my friends 5 videos together... I remembered that Windows Live movie maker had a feature that you could merge the files together... I must have gotten an illegitimate version of the program...
Backdoor virus infected in AntiVirus, Firewalls and System Security
Can I launch a police report if I know who are installing backdoor virus into my computer system? Many thanks.
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 05:00.
Find Us