Infected with Malware.



Hi, I have been infected with malware and ran tronscript, DISM, SFC and Malwarebytes. However, there seem to be no more detections.

But my Autoruns shows that a lot of Microsoft-published files are all unsigned, and my computer prompts me to restart in one minute halfway during Malwarebytes full scans when I am connected to the internet. My hosts files seem to be always filling up as well, but routed to be blocked at the 0.0.0.0 IP. Here are some pictures. I reset my Edge settings in case there were weird redirects, and now Microsoft Edge says it is managed by my organisation and I cannot reset my settings to my initial ones.

Please help! Appreciate it.

[Attachments: 10 photos (20210816_114353.jpg through 20210816_114504.jpg)]

  • Root Admin

Hello @ehdahm and :welcome:

If you got to the point where you had to run that Tron script and you're still having issues, it would probably be best to back up your personal data, format the drive and reinstall Windows. Tron is a shotgun approach to what normally should only involve a minor approach to a targeted infection.

At this point, (in my opinion) you've already modified and altered so many entries in the file structure and the Registry that you'll always be hunting down issues. A good, clean, fresh install of Windows will put you back on the right track.

Greg Carmack - MVP 2010-2020 - Clean Install Windows 10
https://answers.microsoft.com/en-us/windows/forum/windows_10-windows_install/clean-install-windows-10/1c426bdf-79b1-4d42-be93-17378d93e587

How to Create a Local Account While Setting Up Windows 10
https://www.howtogeek.com/442792/how-to-create-a-local-account-while-setting-up-windows-10/

If you'd rather try to piecemeal fight the computer, let me know and we can attempt some bandied clean up.

Cheers

Edited by AdvancedSetup
updated information

Hi Greg! Thanks for the prompt response. But is it unusual for the 1 minute reset? Backdoor.Farfli was detected before and other win32 red line password stealers etc. Now that I've run tron script and my antimalwares seem to show nothing, will a fresh install clean up the rest of the registry issues? How about the hosts files? Because I've opened Notepad and cleared the hosts files multiple times and they get LOADED with new entries later on, not sure from where.

  • Root Admin

Yes, if you follow the advice from the article by Greg to do a clean install of Windows 10 and remove ALL partitions, it will remove all and be safe.

Greg Carmack - MVP 2010-2020 - Clean Install Windows 10
https://answers.microsoft.com/en-us/windows/forum/windows_10-windows_install/clean-install-windows-10/1c426bdf-79b1-4d42-be93-17378d93e587

How to Create a Local Account While Setting Up Windows 10
https://www.howtogeek.com/442792/how-to-create-a-local-account-while-setting-up-windows-10/

  • 1 month later...
  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

This topic is now closed to further replies.