tanz 0 Posted August 27, 2017 Share Posted August 27, 2017 Hi There, Can someone please help with my horrible problem? My computer has either been hijacked, remotely accessed and I can't get rid of them, or they have planted a bot which is controlling my computer. I can't select anything, as soon as I click on it, it wants to delete it, and some files have been deleted and I am too afraid to click the Recycle bin, in case it gets wiped. I have tried every antivirus software I can think of, have tried malware, and just ran eset as well, but nothing is detecting the problem. I am not able to access my internet banking either, otherwise I would have paid for eset already. I have run SysInspector, have generated log files, I have tried RogueKiller, nothing works, AND my computer keeps booting to setup. I have some screenshots but unable to attach them. Link to comment Share on other sites More sharing options...
Wolf Igmc4 6 Posted September 2, 2017 Share Posted September 2, 2017 (edited) Download Process explorer (https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer), run It as admin, in options click on virus total and allow terms and conditions. Then, in the tabs, you will see "Virustotal", click It and find a program with detections that you dont know his origin. Suspend It. Go to his Path, and try deleting It. If you cant, remember the path and run Windows in safe mode, go to the path and delete the files.Then, reboot. If the malware persist, download Autoruns (https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns), another Microsoft essentials program. In options allow Virustotal terms, then find an entry with derections, make sure it's not an important entry or a program you installed, and delete It. You can try finding the name of the entry, just go to the path where the malware is alocated, copy it's name and find it on Autoruns. Edit: You can also try using second opinion scans first, I recommend Hitman Pro, Zemana and Malwarebytes. If you are not able to kill the virus, run win in safe mode, hit Windows key and R, and write Rstrui.exe, and select a copy where the virus wasnt in ur pc. If any important file is deleted, download shadow Explorer and find in the backups your files (you can find tutorials in YT). Edited September 2, 2017 by Wolf Igmc4 Add information. Link to comment Share on other sites More sharing options...
Recommended Posts