Pergamentina

This is the guide I used for this portion (I tried all the steps in that guide and it seemed to help) : https://www.pcworld.com/article/243818/how-to-remove-malware-from-your-windows-pc.html

Sounds wonderful! Thank you very much for your time, Maurice. I really appreciate all your efforts and help. I would mark the post made on "Posted December 14" as a Solution as well, since it helped with removing the files. Thanks again!! 💚

Installed all the updates. Thanks again!

Would the Disk Cleanup tool on Windows be sufficient (screenshot in spoiler below)? I completed the steps outlined. 🙂 I will run the updates today; thank you! So I do not need to worry about the things that were on my computer before? It should be safe now? 😏

For now, I am using Malwarebytes as an on-demand scanner. I will also be using Kaspersky as an on-demand scanner. Windows Defender is the only one enabled to do protections in real-time. I only installed Kaspersky to try a different anti-virus to see if it can detect the issue. I did uninstall Sophos first, yes. I scanned TrendMicro a little while after Kaspersky found the issues and I deleted the files through it. TrendMicro did not find anything when I did a "Full" scan. I updated it today (please see screenshot in the "spoiler" section below). Please see file attached. The grammar/spelling could be improved on the tool (makes it seem more malicious, heh). For example: Yes, sir. My apologies for earlier - it was just getting quite frustrating/annoying because I could not go to the Internet with my computer and also my computer was kinda sluggish, so I wanted to get rid of things faster; hence, asked my cybersecurity teachers helped me out. Please let me know if the SecurityCheck.txt looks alright and if there are further actions to be taken. Thank you so much, Maurice. I appreciate your help! SecurityCheck.txt

Here's the file since now I am able to attach it. Let me know if you see anything odd. MpCmdRun.log

One other thing I forgot to mention is that I did end up clearing cache files in all the browsers within safe mode. It would NOT let me delete them outside of safe mode... something must have been trying to use my browsers for other purposes.

Alright, Maurice! We fixed it (I think... see below 😸). Here are the steps I took to fix the problem (along with your incredible guidance 💚). My class instructors are cybersecurity people, so they were able to help me as well. We found out that by turning off web protection, malware protection, ransomware protection, and exploit protection on Malwarebytes Premium Trial 4.3.0, I was able to connect to the internet through the browser again. However, those yucky files were not removed still (of course) and something did seem to be affecting my browsing situation (I am guessing Malwarebytes was trying to battle it but through that, I was unable to access the internet as well - it was just loading forever). So, I was given some feedback to complete similar steps below. 1. Downloaded Kaspersky Total Security 2. Disconnected from Internet 3. Booted up into Safe Mode (F4 from the "Advanced settings area") - had to follow a guide for this online, but was not hard to find 4. Ran Kaspersky Total Security (full scan) - this is without internet in safe mode [this took around 1.5 hours] 5. Kaspersky found over 1K infected files and issues in safe mode 6. Deleted the files and issues using Kaspersky in safe mode [this took around 2 hours] 7. Ran Windows Security Defender (full scan) - this is without internet in safe mode [this took around 1.5 hours] 8. Windows Security Defender found one additional file in safe mode 9. Windows Security Defender was able to delete the additional file in safe mode [this took around 15 mins] 10. Rebooted computer and ran Kaspersky Total Security (full scan) as well as Windows Security Defender (full scan) afterwards - this is with internet and in "normal" mode (i.e. desktop/with features) 11. Kaspersky and Windows Security Defender did not find anything [this took around 1.5+1.5 = 3 hours] 12. Problem solved? Please let me know what you think. I know I derailed from some of your suggestions but rebooting the computer did not work for me (normally) unfortunately. Do you think we still need to continue checking or do you think the computer is safe now? I was unable to find the file that was causing the issues anymore and it was actually deleted by Kaspersky (or so it seems); as mentioned before, I could not delete it myself as it kept saying that it was "calculating" the size and that there were 0 bytes. I really appreciate your feedback, help, and thoughts. Thanks, Maurice. PS: I was keeping track of time to see if the scanning speed would improve but it seems like it always takes long for my computer; I guess I just have a lot of files.

I will do that ASAP. I have a class ATM on my computer through Teams (so internet is working) but I should have a break soon and I'll do that then. I am also connected through cable (not WiFi) - my computer ("tower") does not have WiFi capability (only cable).

Unfortunately, I cannot attach them since I cannot access the internet anymore through any browser (IE, Edge, Firefox, Google Chrome). That's right. It is a file within that directory. I tried deleting it in the past (before reaching out on this forum) and it would not work - it kept trying to load and delete it but could not detect the size and saying 0 KB (even though it's well over 3GB; it's an ISO file that I installed for school before - Kali Linux). I cannot access internet via Edge neither. Pinging works (DNS is fine), Proxy is not turned on, pinging google.ca works as well. I am currently on this step and will let you know the status once it completes.

Thank you for the details; it is good to know. I am getting assistance with this issue in the other sub-forum as well, to try and get rid of whatever is plaguing my computer.

Here are the screenshots in timely order. Hope the info helps. http://imgur.com/a/mih6w4E

Alright, thank you for your assistance and patience. Unfortunately, Windows Defender could not remove anything. The same items are still there and there are more popping up. I am unable to access any webpages or search on the internet through my computer with the issues. Any additional steps or help is much appreciated. Thank you! I will keep track of this forum via phone (which is how I posted this 😓).

The scanning results did not find anything. Please see attached file. Ready for next command. 😉 ESET_20201211_0218.txt

Thank you very much for your support, Maurice! Perg or Pergamentina is fine. 😄 I am currently at this stage. Screenshot in "spoiler" below. I will let you know once I get to those steps!