F5F Stay Refreshed Software Operating Systems Got Rootkited

Got Rootkited

Got Rootkited

T
taconiebre
Senior Member
Find
506
10-11-2016, 07:16 AM
#1
Hey everyone. I believe I managed to root around myself. It began when I downloaded something suspicious (I’m sure it was reckless, but I needed it that moment, so yeah). Soon, my computer slowed down a lot. There were frequent crashes and BSODs. I attempted several fixes to bring my laptop back to normal performance. 1.) Ran a complete scan using Windows Defender. (To be honest, this is my only antivirus, but it keeps stopping and triggering BSODs.) 2.) Tried a system restore within the desktop environment. But I couldn’t open it after clicking. After an hour, it still wouldn’t launch. a.) It didn’t work even in safe mode, and I couldn’t access the restore point. b.) Before starting, I ran troubleshooting steps, but the system claimed I lacked a restore point. I remember having five backups, so maybe that’s the issue. Also, I used the Refresh option—it asked for a boot-up media. Does that mean it doesn’t need one? Correct me if I’m mistaken. 3.) I also have a dual-boot setup with Linux. When I changed the boot order so GRUB would start first, it didn’t show up at all. I’m not sure why. Side notes: I’m planning to try a live USB scan from Doctor Web, but I can’t install it on my PC. Could be another virus cause. Also, some processes in Task Manager that weren’t there before.
Reply
Reply
T
taconiebre
10-11-2016, 07:16 AM #1

Hey everyone. I believe I managed to root around myself. It began when I downloaded something suspicious (I’m sure it was reckless, but I needed it that moment, so yeah). Soon, my computer slowed down a lot. There were frequent crashes and BSODs. I attempted several fixes to bring my laptop back to normal performance. 1.) Ran a complete scan using Windows Defender. (To be honest, this is my only antivirus, but it keeps stopping and triggering BSODs.) 2.) Tried a system restore within the desktop environment. But I couldn’t open it after clicking. After an hour, it still wouldn’t launch. a.) It didn’t work even in safe mode, and I couldn’t access the restore point. b.) Before starting, I ran troubleshooting steps, but the system claimed I lacked a restore point. I remember having five backups, so maybe that’s the issue. Also, I used the Refresh option—it asked for a boot-up media. Does that mean it doesn’t need one? Correct me if I’m mistaken. 3.) I also have a dual-boot setup with Linux. When I changed the boot order so GRUB would start first, it didn’t show up at all. I’m not sure why. Side notes: I’m planning to try a live USB scan from Doctor Web, but I can’t install it on my PC. Could be another virus cause. Also, some processes in Task Manager that weren’t there before.

Reply
Reply
A
aloyark
Member
Find
161
10-11-2016, 01:31 PM
#2
Consider right-clicking the processes and navigating to File Location. Attempt to terminate the process and immediately delete the folder. If this fails, keep ending processes until it stops working. If problems persist, download and run Malwarebytes to scan for known threats, then reboot. For stubborn issues, explore a professional virus removal service or perform a factory reset. Rootkits are tough to eliminate, so it’s best to assume you have a basic virus.
Reply
Reply
A
aloyark
10-11-2016, 01:31 PM #2

Consider right-clicking the processes and navigating to File Location. Attempt to terminate the process and immediately delete the folder. If this fails, keep ending processes until it stops working. If problems persist, download and run Malwarebytes to scan for known threats, then reboot. For stubborn issues, explore a professional virus removal service or perform a factory reset. Rootkits are tough to eliminate, so it’s best to assume you have a basic virus.

Reply
Reply
A
ArtQ_Q
Member
Find
164
10-17-2016, 07:17 PM
#3
Execute an AV Rescue Disk. Most AV firms offer downloadable files that you can install on a bootable USB or DVD. The system starts from the rescue disk to ensure no malware is active.
Reply
Reply
A
ArtQ_Q
10-17-2016, 07:17 PM #3

Execute an AV Rescue Disk. Most AV firms offer downloadable files that you can install on a bootable USB or DVD. The system starts from the rescue disk to ensure no malware is active.

Reply
Reply
J
JHClark
Junior Member
Find
2
10-18-2016, 03:48 AM
#4
Choose Malwarebytes Chameleon edition—likely doesn’t need installation and offers built-in protection.
Reply
Reply
J
JHClark
10-18-2016, 03:48 AM #4

Choose Malwarebytes Chameleon edition—likely doesn’t need installation and offers built-in protection.

Reply
Reply
B
Bloody_TearS
Member
Find
180
10-18-2016, 05:26 AM
#5
I recommend trying a tool such as tronscript—it may take some time, but it will make the process cleaner.
Reply
Reply
B
Bloody_TearS
10-18-2016, 05:26 AM #5

I recommend trying a tool such as tronscript—it may take some time, but it will make the process cleaner.

Reply
Reply
X
xAuDesignsx
Member
Find
214
10-18-2016, 11:09 AM
#6
Use multiple on-demand scanners like Emsisoft Emergency Kit, Malwarebytes free, HitmanPro, Zemana, etc. If it's confirmed as a rootkit, format the drive and reinstall Windows.
Reply
Reply
X
xAuDesignsx
10-18-2016, 11:09 AM #6

Use multiple on-demand scanners like Emsisoft Emergency Kit, Malwarebytes free, HitmanPro, Zemana, etc. If it's confirmed as a rootkit, format the drive and reinstall Windows.

Reply
Reply
K
kingdaan1
Junior Member
Find
2
10-25-2016, 01:35 AM
#7
Update notice: Installed and executed Malwarebytes. Attached are the threat report details. Files identified were quarantined and removed. System performance improved after cleanup. Restore point remains inaccessible. Laptop operates more smoothly now. update.txt
Reply
Reply
K
kingdaan1
10-25-2016, 01:35 AM #7

Update notice: Installed and executed Malwarebytes. Attached are the threat report details. Files identified were quarantined and removed. System performance improved after cleanup. Restore point remains inaccessible. Laptop operates more smoothly now. update.txt

Reply
Reply
C
Crazy_Heaven
Posting Freak
Find
811
10-25-2016, 07:51 AM
#8
I understand, I can help with that.
Reply
Reply
C
Crazy_Heaven
10-25-2016, 07:51 AM #8

I understand, I can help with that.

Reply
Reply
E
evil_creeper86
Member
Find
53
10-25-2016, 02:18 PM
#9
I just turned on my laptop again, but it still won't run Malwarebytes.
Reply
Reply
E
evil_creeper86
10-25-2016, 02:18 PM #9

I just turned on my laptop again, but it still won't run Malwarebytes.

Reply
Reply