Might have a virus


  1. Posts : 128
    W10 Pro 1909 18363.476
       #1

    Might have a virus


    Working for a client. Opened a safe looking word doc. Followed promts to enable it started loading the doc. Had all kinds of actresses names...quickly shut it down
    I had already scanned the file manually w Kasperky
    Deleted it completely...everything seemed fine
    This a.m. logged in, Kasperky stuck at 1% scanning something. Everything is sluggish. Used task mgr to shut down...took 10 minutes
    Boots up. Loads dtop wallpaper but doesnt seem to do anything. Trying shut down from login screen seems like it will never shut down
    Got it into safemode (LAN unplugged) malwarebytes doesnt find anything. Kasp looking...much slower but hasnt found anything. (I have 4 drives)
    Should I boot to some sort of virus killer? I have a 2nd pc
    I'm old...and suck at typing on my phone.

    The doc had efax in its title and was a collection letter

    Kasperky grinds away and then is just done. It does not say anything. I am in selective scan where you have to add a drive or file and when I look up its just sitting there waiting for me to add something

    Logged into my Kasperky online...virus detected
    Win32.badur in colorfonts
    There is an option to resolve but im paranoid about connecting to the net
      My Computer


  2. Posts : 6,969
    windows 10
       #2

    MS says defender can remove it but there are lots of ways to get rid see How to Remove Trojan.Win32.Badur.lhoi From Your PC? [COMPLETE GUIDE] – Remove Windows Malware Tips
      My Computer


  3. Posts : 128
    W10 Pro 1909 18363.476
    Thread Starter
       #3

    Samuria said:
    MS says defender can remove it but there are lots of ways to get rid see How to Remove Trojan.Win32.Badur.lhoi From Your PC? [COMPLETE GUIDE] Remove Windows Malware Tips
    Looked around but did not see anything. Thanks
    Tempted to just reinstall
    defender = error opening
    spyhunter - scripting error upon install
      My Computer


  4. Posts : 6,969
    windows 10
       #4

    It locks into browser and appdata clean install is safest
      My Computer


  5. Posts : 128
    W10 Pro 1909 18363.476
    Thread Starter
       #5

    Samuria said:
    It locks into browser and appdata clean install is safest

    you mean as far as reinstalling windows? I was going to wipe the drive and start brand new.

    I have the OS drive plus 4 other drives. Do you think those drives are infected? Does the virus work that way?
      My Computer


  6. Posts : 1,604
    Win 10 home 20H2 19042.1110
       #6

    once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Be sure all passwords are new. Do not use the old passwords.
      My Computers


  7. Posts : 128
    W10 Pro 1909 18363.476
    Thread Starter
       #7

    Jacee said:
    once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Be sure all passwords are new. Do not use the old passwords.

    I reformatted and reinstalled. I will change passwords...thanks...did not think of that.
      My Computer


  8. Posts : 1,604
    Win 10 home 20H2 19042.1110
       #8

    If you've used a credit card or any banking on the machine, you'll also want to notify the correct institutions.
      My Computers


  9. Posts : 8,689
    Mac OS Catalina
       #9

    Dump Kaspersky and use Mbam to scan.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 10:19.
Find Us




Windows 10 Forums