Jump to content

Computer Infected with IPNinja Trojan; Internet Messed Up; Can't Run EXEs


Recommended Posts

Hello,

 

I'm very computer proficient and a virus that was attached to a fake EXE file I downloaded has severely messed up my computer. I ran the standard soiree of programs to get rid of malware:

  1. MBAM - it detects multiple viruses and i would quarantine then delete each one, only for it to reappear again during a new scan (usually found in the System32/drivers folder)
  2. Adwcleaner - it runs and detected 50 or so threats the first time, now each time I run it it will detect one threat in the Local app data folder (%appdata%\IPNinja\exitnode\exitnode.vbs)
  3. Hitman Pro - I can't install this! says access denied
  4. JRT - cannot run, access denied
  5. Malwarebytes Anti-Rootkit BETA - it again says the disk is encrypted or otherwise access denied

 

It is clear to me I have a rootkit installed that is preventing any sort of anti-malware programs from running. It is disabling the ability to install EXE files or otherwise run EXE files from multiple types of software. Furthermore, I have tried running system restore (it does not start), creating a system image of this disk (does not run, says error accessing the C: drive; fyi I'm trying to run a system image so that I can restore a 3 month old system image but still be able to look into what I currently have in terms of all my application settings / new apps etc.) and windows defender scan shows up nothing. I've noticed I had 90GB of free space before this virus behavior (from installing that rogue EXE file that contained it), and now my free space is down to 45GB all of a sudden.

 

Before I ran the initial run of Adwcleaner and MBAM, Microsoft Edge and Chrome were completely crapped out. I noticed the ipv4 settings in both my ethernet and wifi adapters (i have them both connected all the time) were set to rogue addresses. I changed the ipv4 back to Google DNS defaults (8.8.8.8 and 8.8.4.4) and after using MBAM/Adwcleaner the first time and reinstalling CHrome, now internet works on chrome but Edge seems completely messed up. Nothing loads on edge no matter what.

 

I'm a bit confused right now on what I can possibly do to fix my computer. I see three alternatives:

  1. Wipe my hard drive, resinstall windows 10, then restore from a system image a Win10 image I created 3 months ago that is missing a lot of my data and settings. This is not ideal but I'm hoping I can make this work as long as windows 10 doesn't crap out on me
    1. I'd like to make a system image of my current config (with virus) before I wipe this drive, since I have so much sensitive data and I can't really collect what I will miss if I wipe it with my 3 month old system image.
  2. Find a way to get rid of the rootkits so i can install Hitman Pro, JRT, Malwarebytes Anti-rootkit and eventually figure out a way to get all the trojan backdoors, rootkits and other PUPs off my computer.
  3. If system image fails me and I can't get rid of this malicious virus, I may need to start from scratch :((

 

Any help here is much greatly appreciated. I am truly stuck - and I'm afraid I have exposed my machine to logging into chrome with certain passwords that I wouldn't want any backdoor virus capturing. Any advice on how to proceed (turn off all internet connections? leave computer off until ready to troubleshoot?) is much appreciated.

Link to post
Share on other sites

  • Root Admin

Hello @user2930502 and :welcome:

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

I'm heading out but will check your logs and reply tomorrow.

Thank you

Ron

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.