Solved I Think That My Computer Has a Virus

referee07

Thread Starter
Joined
Sep 11, 2003
Messages
1,464
Dr.M, please see the two attachments to see if one of these is what you requested regarding Windows Defender. I also have Macrium Reflect as a back-up program on my computer. Do you know if I can back up my computer to the Cloud using Macrium Reflect? Also, I recently read that SSD drives can also fail but not due to mechanical failure. This is why I would like to have a fairly current back-up of my computer in case the drive in my computer fails. Thanks again for your help and please let me know if I need to send anything else to assist you in helping me get my computer in top-notch shape.
 


DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,751
Defender looks good.

But please change the Malwarebytes option as I asked you before.
  • Open Malwarebytes.
  • Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:
Code:
Under the title Scan Options, all the options are checked.
Under the title Windows Security Center (Premium only) the option is unchecked.
Under the title Potentially unwanted items all options are set to Always.
Your computer is clean. Is there any other issue? If not, let me know to give you instructions for removing the tools we used and creating a restore point.

===================================

Do you know if I can back up my computer to the Cloud using Macrium Reflect?
I'm not sure. Here you can see some useful tutorials about Macrium and its usage.
 

referee07

Thread Starter
Joined
Sep 11, 2003
Messages
1,464
Dr.M, thanks again for your reply. Something has happened to my computer. I followed your advice above. I unchecked the "Windows Security Center" in Malwarebytes, but then a pop-up appeared indicating that I didn't have any virus protection and asked me if I wanted to start Windows Defender, to click on the pop-up. I clicked on the pop-up and tried to start Windows Defender, but it wouldn't start. I then restarted "Windows Security Center" in Malwarebytes because I didn't want to be without virus protection. I don't know if that caused the troubles, but then my VPN would not start, I received a lot of "not responding" when I tried to open programs, I could not open my browser (Edge), etc. What do you think happened?
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,751
Please change the Malwarebytes setting as I told you repeatedly. If there is a problem with Defender, we can't solve it if you don't follow my instructions. Also please, if it's possible, be here more often, especially if you are concerned about your security. Doing something simple I ask you every 2 days means that this issue will take forever.

I clicked on the pop-up and tried to start Windows Defender, but it wouldn't start.
What exactly is happening? Any error you get? Can you attach a screenshot?
 

referee07

Thread Starter
Joined
Sep 11, 2003
Messages
1,464
Dr.M, thanks again for your help. Please see the attachments. Windows Defender was working tonight and it is turned on; Malwarebytes Windows Security Center is turned off. I sincerely appreciate your help and I try to reply as soon as possible but I am working some long hours, and it may take me a day or two to reply with the information that you requested. And, yes, I am very concerned with my computer's security knowing that there are people who would like to hack my computer for whatever purposes that they might have. Thanks again for your help.
 


referee07

Thread Starter
Joined
Sep 11, 2003
Messages
1,464
Dr.M, today I was cleaning the Temp files in my computer and under %temp%, there were two files that would not delete. These two files required the Administrator's permission to delete and after giving the permission, they still would not delete. I Googled one of the file names and discovered something that I would like you to take a look at. (Please see the attachment for a screenshot of what I discovered when I Googled one of the file names.) Could this be malware? Thanks. And, did you have a chance to look at my previous post with the information that you requested?
 


DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,751
Hi, referee07.

Apologies for the late reply.

Windows Defender was working tonight and it is turned on; Malwarebytes Windows Security Center is turned off.
You posted the Firewall setting again instead of the Windows Security screenshot. Can I see the Windows Security screenshot, please, to confirm that everything works fine?

Dr.M, today I was cleaning the Temp files in my computer and under %temp%, there were two files that would not delete.
How did you try to clean the Temp files? Did you use the Wise Cleaner or the Disk Cleanup utility?

These files are being used by software on the computer as temporary files so that the software works properly when launched or while in use. They are sometimes created invisibly on the computer and are usually removed or deleted once the program is closed.

In any case, there is nothing to worry about them.
 

referee07

Thread Starter
Joined
Sep 11, 2003
Messages
1,464
Dr.M, thanks again for your help. Please see the attachments for screenshots of the Windows Security page and the Firewall & Network Protection Page. I deleted the temp files by holding down the Windows logo key and then typing "temp," "%temp%" and "prefetch" and then deleting all of the entries in these three (3) areas. Since you indicated that some software needs the temp files to work properly, I won't be deleting these files in the future. Also, I still use the Wise Disc Cleaner but I deleted the Wise Cleaner 365 because I believe that it messes around with the Registry and I don't want anything messing around with the Registry. Thanks again for your help, and if you need anything further, please let me know.
 


DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,751
No need to do the above to clean your disk from temporary files or any other file. Disk cleanup can do the job for you. Just to have in mind in the future:

Disk cleanup
  • Press the Windows icon on your keyboard, together with the letter R.
  • Type in the blank area cleanmgr and then press OK.
  • Select Drive C and press OK.
  • Select everything you don't need in the list that will appear. Actually, you can select everything there, but be careful if you need some files in the Downloads folder.
  • Press the button Clean up system files and wait a bit.
  • Again, select everything you don't need, including old Windows installations, if any.
  • Select the tab More options.
  • Under the title System Restore and Shadow Copies, press Clean up.
  • Press Delete and OK if you are asked to.
  • Wait some time (depending on the items that are deleted).
  • Make a restart when the process is finished.

As for using Wise cleaner or any cleaner, yes, we do not recommend in any way their use in cleaning the registry.

Since the computer is now clean, and Windows Defender works fine, let's finish the job.

The following tool will remove the tools we used as well as reset system restore points:

Download KpRm by kernel-panik and save it to your desktop.
  • Right-click kprm_(version).exe and select Run as Administrator.
  • Read and accept the disclaimer.
  • When the tool opens, ensure all boxes under Actions are checked.
  • Under Delete Quarantines select Delete Now, then click Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.
 

referee07

Thread Starter
Joined
Sep 11, 2003
Messages
1,464
Dr.M, thanks again for your much appreciated assistance for letting me know about "cleanmgr." And, I do not intend to tamper with the Registry in any shape or form. Please see below for the results of running KpRm.
__________________________________________________________________________________________________________________

# Run at 12/5/2021 8:48:50 PM
# KpRm (Kernel-panik) version 2.9.2
# Website https://kernel-panik.me/tool/kprm/
# Run by User from C:\Users\User\Desktop
# Computer Name: DESKTOP-7RCNB9G
# OS: Windows 10 X64 (19043)
# Number of passes: 1

- Checked options -

~ Registry Backup
~ Delete Tools
~ Restore System Settings
~ UAC Restore
~ Delete Restore Points
~ Create Restore Point
~ Delete Quarantines

- Create Registry Backup -

~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
~ [OK] Hive C:\Users\User\NTUSER.dat backed up

[OK] Registry Backup: C:\KPRM\backup\2021-12-05-20-48-49

- Delete Tools -


## AdwCleaner
[OK] C:\Users\User\Downloads\adwcleaner_8.3.0 (1).exe deleted
[OK] C:\Users\User\Downloads\adwcleaner_8.3.0 (2).exe deleted
[OK] C:\Users\User\Downloads\adwcleaner_8.3.0.exe deleted
[OK] C:\AdwCleaner deleted

## FRST
[OK] C:\Users\User\Desktop\Tech Support Guy - Communication\Addition.txt deleted
[OK] C:\Users\User\Desktop\Tech Support Guy - Communication\Fixlog.txt deleted
[OK] C:\Users\User\Desktop\Tech Support Guy - Communication\FRST-OlderVersion deleted
[OK] C:\Users\User\Desktop\Tech Support Guy - Communication\FRST.txt deleted
[OK] C:\Users\User\Desktop\Tech Support Guy - Communication\FRST64 (1).exe deleted
[OK] C:\FRST deleted

- Restore System Settings -

[OK] Reset WinSock
[OK] FLUSHDNS
[OK] Hide Hidden file.
[OK] Show Extensions for known file types
[OK] Hide protected operating system files

- Restore UAC -

[OK] Set EnableLUA with default (1) value
[OK] Set ConsentPromptBehaviorAdmin with default (5) value
[OK] Set ConsentPromptBehaviorUser with default (3) value
[OK] Set EnableInstallerDetection with default (0) value
[OK] Set EnableSecureUIAPaths with default (1) value
[OK] Set EnableUIADesktopToggle with default (0) value
[OK] Set EnableVirtualization with default (1) value
[OK] Set FilterAdministratorToken with default (0) value
[OK] Set PromptOnSecureDesktop with default (1) value
[OK] Set ValidateAdminCodeSignatures with default (0) value

- Clear Restore Points -

~ [OK] RP named Scheduled Checkpoint created at 11/25/2021 13:51:02 deleted
~ [OK] RP named Restore Operation created at 12/01/2021 12:22:09 deleted
~ [OK] RP named Revo Uninstaller Pro's restore point - x264vfw - H.264/MPEG-4 AVC codec (remove only) created at 12/04/2021 02:05:48 deleted
[OK] All system restore points have been successfully deleted

- Create Restore Point -

[OK] System Restore Point created

- Display System Restore Point -

~ RP named KpRm created at 12/05/2021 11:50:01

-- KPRM finished in 153.70s --

Dr.M, thanks again for your help. It is greatly appreciated. And, if you can make any further suggestions, they will be greatly appreciated also.
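
A helper reviewing a KpRm log like the one posted above would confirm that every action reported `[OK]` and note which UAC values were reset to their defaults. The Python below is an added example, not part of the thread or of KpRm; its sample lines are copied from the posted log except the `[FAIL]` line, which is constructed, and it assumes that any bracketed status other than `OK` marks a failed action (the page shows only `[OK]`).

```python
import re

# Constructed sample: lines copied from the KpRm log in the post above, plus one
# hypothetical [FAIL] line (not from the page) to show how a non-OK result surfaces.
SAMPLE_LOG = r"""# KpRm (Kernel-panik) version 2.9.2
- Delete Tools -

## FRST
[OK] C:\FRST deleted

- Restore UAC -

[OK] Set EnableLUA with default (1) value
[OK] Set ConsentPromptBehaviorAdmin with default (5) value
[FAIL] Set PromptOnSecureDesktop with default (1) value
[OK] Set FilterAdministratorToken with default (0) value

- Create Restore Point -

[OK] System Restore Point created
"""

SECTION = re.compile(r"^- (.+) -$")                # e.g. "- Restore UAC -"
STATUS = re.compile(r"^(?:~ )?\[([^\]]+)\] (.+)$")  # e.g. "~ [OK] Hive ... backed up"
UAC_SET = re.compile(r"^Set (\w+) with default \((\d+)\) value$")

def parse_kprm_log(text):
    """Return (results, uac): results is a list of (section, status, message);
    uac maps each UAC value name to the default the log says was written."""
    section, results, uac = None, [], {}
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION.match(line)
        if m:
            section = m.group(1)
            continue
        m = STATUS.match(line)
        if not m:
            continue  # header comments, blank lines, "## tool" and "~ RP named" lines
        status, message = m.groups()
        results.append((section, status, message))
        u = UAC_SET.match(message)
        if u and status == "OK":
            uac[u.group(1)] = int(u.group(2))
    return results, uac

def failures(results):
    """Every action whose status is anything other than OK (assumed failure)."""
    return [r for r in results if r[1] != "OK"]

if __name__ == "__main__":
    results, uac = parse_kprm_log(SAMPLE_LOG)
    for section, status, message in failures(results):
        print(f"needs review: [{status}] {section}: {message}")
    print("UAC defaults applied:", uac)
```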
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,751
Excellent, referee07!

We reached the end of this road, finally!

Now your computer is clean, here are some final tips about your computer's security from now on:

Some of the following are from Klein's (2005) article, So how did I get infected in the first place. Since then, the article has been reproduced or linked to in dozens of locations. As a result, many malware experts have continued updating it to include current operating systems and software program information. My source is Security Garden, and I marked for you the following:

1. Keep your Windows updated!
It is important always to keep current with the latest security fixes from Microsoft. This can patch many of the security holes through which attackers can infect your computer.

2. Update 3rd Party Software Programs
Third Party software programs have long been targets for malware creators. It has been stated that "Adobe’s Reader and Flash and all versions of Java are together responsible for a total of 66 percent of the vulnerabilities in Windows systems exploited by malware." It's important to keep everything updated.

3. Update the browsers you use
Many malware infections install themselves by exploiting security holes in the Internet browser that you use. So... Keep them updated.

4. Be careful about what you download and what you open!
  • Many "freeware" programs come with an enormous amount of bundled spyware that will slow down your system, spawn pop-up advertisements, or just plain crash your browser or even Windows itself. Watch for pre-checked options such as toolbars that are not essential to the operation of the installed software.
  • Peer-to-peer (P2P) programs like μTorrent, Kazaa, BearShare, Imesh, Warez P2P, and others, allow the creation of a network enabling people to connect with other users and upload or download material in a fast efficient manner. BUT even if the P2P software you are using is "clean", a large percentage of the files served on the P2P network are likely to be infected.
  • Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Have this in mind.
  • Do not open any files without being certain of what they are!

5. Avoid questionable web sites!
Visit web sites that are trustworthy and reputable. Many disreputable sites will attempt to install malware on your system through "drive-by" exploits just by visiting the site in your browser. Lyrics sites, free software sites (especially ones that target young children), cracked software sites, and pornography sites are some of the worst offenders. Also, never give out personal information of any sort online or click "OK" to a pop-up unless it is signed by a reputable company and you know what it is.

6. Registry cleaners/driver boosters/system optimizers
I do not recommend registry cleaners, system optimizers, driver boosters and the like. It is your computer and certainly your choice. However, please consider that modifying registry keys incorrectly can cause Windows instability, or make Windows unbootable. With registry cleaner and system optimization software programs, the potential is ever present to cause more problems than they claim to fix. Do note, however, that Microsoft does not support the use of registry cleaners. See Microsoft support policy for the use of registry cleaning utilities.

7. PC means personal computer!
Don't give access to your computer to friends or family who appear to be clueless about what they are doing.

8. Back-up your work!
Make back-ups of your personal files frequently. You never know when you'll have to reformat and start from scratch. You can always reformat and reinstall programs, but you cannot replace your data if you haven't made backups.

9. Must-Have Software
An anti-virus and an anti-spyware program are a necessity for the security of your computer. Be sure that you keep them updated, and that real time protection is enabled. You now have the built-in Windows 10 antivirus, Windows Defender. Together with Malwarebytes, if you run it occasionally, depending on how often you use your computer, it can keep you safe.

Happy safe computing.


I'm glad I was able to help you.
 

referee07

Thread Starter
Joined
Sep 11, 2003
Messages
1,464
Dr.M, thanks again for all of your help and for sending me these tips on how to keep my computer safe. I do have some qualms about Windows Updates. I realize that I should be updating Windows, but about two months ago, after Windows updated the Windows' System, my computer suffered a major malfunction. I kept seeing "the blue screen of death" and no matter what I did Windows would not boot-up. I took it to a computer repair shop and the gentleman there tried to fix it with software that he had, but he was not able to fix it, and he told me that he needed to reinstall Windows after which I would not have any of the programs that I added after I received the computer. Well, I took the computer home and tried Restore again and a miracle happened and Windows booted-up. I took the computer back to the repair shop and he suspended Windows updates and I have kept the updates at bay ever since because I don't want to face "the blue screen of death" again. I know that I really need to update Windows but I don't want to go through the same thing. Any ideas or suggestions? Thanks again.
 

DR.M

Malware Specialist
Joined
Sep 4, 2019
Messages
2,751
I took the computer back to the repair shop and he suspended Windows updates and I have kept the updates at bay ever since because I don't want to face "the blue screen of death" again.
Stopping updates is not a solution to any problem. And for sure it is not professional advice. Putting the computer at great risk just to avoid an issue doesn't solve anything. The updates are necessary as I explained before and if there is a problem with any of them, it must be checked and solved.

However, I see that your computer is running with the latest update, so no problem for now.
 

referee07

Thread Starter
Joined
Sep 11, 2003
Messages
1,464
Dr.M, thanks again for your replies. Last night I checked "Updates" and saw that there were two cumulative updates available. I downloaded and installed these updates and when my computer something appeared to happen to the computer secondary to the updates. It took maybe two minutes for the computer to reach the log-in screen at boot-up, and then the wallpaper showed up but the icons didn't and nothing in the lower tray appeared. After about a minute the icons appeared and the lower tray showed the icons there, but when I clicked on a program, nothing happened. I didn't want to do anything last night and when I started the computer this evening the same thing happened. I tried System Restore and Restore completed its thing and then I saw a message indicating that System Restore did not restore anything which may have been due to a protection program (My computer does not have a virus protection program; it uses Defender and Malwarebytes.). And then, it started working better. I don't know what happened, but it seems that Updates did something to my computer. (After I followed your last instruction about deleting all of the tools that were used to clean and diagnose my computer, it ran very fast with no problems.) Do you have any ideas about what happened after the two updates were downloaded and installed? Thanks again.
 

referee07

Thread Starter
Joined
Sep 11, 2003
Messages
1,464
Dr. M, my computer is worse. I don't know what happened, but after the recent updates, my computer is running very slowly and some programs are not opening.
 
