Messages

1

Malware removal help / Re: error 5 help?

« on: March 29, 2019, 04:42:14 AM »

Update: RogueKiller scan came up clean but now I'm gonna scanwith Malware Bytes and Adwcleaner just to make sure. Also I can now open system restore and the option to factory reset and I couldn't do that before so I think the system restore might have actually fixed it? You know more about computers than I do, so does it seem like everything is fine?

Hey Curson so I was able to get into advanced startup options via the methods you recommended in the post above, so I did a system restore. When it finished i opened up task manager and I didn't see the Windows Process Manager running, I then went to the folder it's located in and I have access now so I deleted both folders and I'm currently doing a scan with roguekiller to see if there are still any other threats. Is there anything else you recommend I do?

2

Malware removal help / Re: error 5 help?

« on: March 29, 2019, 04:07:01 AM »

Hey Curson so I was able to get into advanced startup options via the methods you recommended in the post above, so I did a system restore. When it finished i opened up task manager and I didn't see the Windows Process Manager running, I then went to the folder it's located in and I have access now so I deleted both folders and I'm currently doing a scan with roguekiller to see if there are still any other threats. Is there anything else you recommend I do?

3

Malware removal help / Re: error 5 help?

« on: March 29, 2019, 12:17:58 AM »

Hey so I tried making the log via comment prompt but whenever I open up the txt file it shows up blank like it did yesterday with the other logs. I tried doing it in safe mode but it didn't work like it did last time, I managed to get it work one time after a few tries but when I saved the file and opened it up again it came up blank. I'm going to keep trying to see if maybe it will work again, but if it doesn't I'm just going to consider wiping the whole pc. I don't want to but I
 don't have much on here anyway.

4

Malware removal help / Re: error 5 help?

« on: March 28, 2019, 12:43:22 AM »

I'm having trouble getting into advanced startup options, I followed the steps mentioned in the website you linked but it didn't work. When I click restart it just restarts normally it doesn't take me to advanced startup options. I then Google'd some more methods such as shift while pressing restart, or pressing shift + F8 but neither of them work. Am I just going to have to nuke my entire pc?

Also everytime i restart I get "scanning and repairing drive" followed by the name of a folder, I attached a picture below

5

Malware removal help / Re: error 5 help?

« on: March 27, 2019, 11:08:24 PM »

No problem here it is, thank you for the help. Also I don't know if this is relevant but whenever I try to open the folder that Windows Process Manager is in it say access is denied, I always can't change the owner of the folder as well.

6

Malware removal help / Re: error 5 help?

« on: March 27, 2019, 08:56:35 AM »

Ok so it worked in safe mode i'm not sure if it has the same effect but here are the logs.

7

Malware removal help / Re: error 5 help?

« on: March 27, 2019, 08:28:47 AM »

Hey so I'm having an issue, whenever I transfer the txt file from my thumb drive to the desktop of my infected pc the txt file shows up as blank. But when I open it inside the thumb drive I see all the contents. I've tried saving it to other locations but I get the same result. Any thoughts?

8

Malware removal help / Re: error 5 help?

« on: March 26, 2019, 10:46:08 PM »

Ok thank you! Here are the logs.

9

Malware removal help / error 5 help?

« on: March 26, 2019, 05:47:14 AM »

Hey y'all, so my girlfriend tried to torrent a program she wanted and she ended up downloading a virus. All kinds of different exe's shoewd up in task manager that I managed to delete but there's one still remaining and it's named "Windows Process Manager", I always have task manager open and I didn't recognize it from before this happened so I google'd it and it turns out it's some sort of virus. I figured i'd do what I did with the other exes and just delete it but when I try to open file location it says I don't have permission. The laptop itself works fine I can connect to the internet and everything, but the thing is I know this program is not supposed to be there. Since I don't have much on this laptop I decided to move my files to a thumb drive and then factory reset the laptop, but its not letting me. I first tried system restore and when I try to launch it it does nothing and it's the same with factory resetting, nothing happens when I try to launch that option. Now I'm stuck and have no idea what to do. I ran RogueKiller and it found 9 threats and delete all but 2, "sperzndsvc" and "nimrpvd" the nimrpvd folder is the folder that opens up when i choose open file location for Windows Process Manager in task manager. The report said "need permissions" and that it was an error 5. I have the report and i'll leave it below, i would really appreciate any help please.



¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Bad.Extension (Malicious)] sperzndsvc.exe (744) -- C:\Windows\System32\sperzndsvc.exe -> Found
[Suspicious.Path (Potentially Malicious)] nimrpvd.exe (3864) -- C:\Users\Emeli\AppData\Local\nimrpvd\nimrpvd.exe -> Found
[Suspicious.Path (Potentially Malicious)] atcumei.exe (820) -- C:\Users\Emeli\AppData\Local\nimrpvd\atcumei.exe -> Found
[Suspicious.Path (Potentially Malicious)] atcumei.exe (1600) -- C:\Users\Emeli\AppData\Local\nimrpvd\atcumei.exe -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] \gaijin results baser -- C:\Users\Emeli\AppData\Local\Westphal.exe [ajvywajvywajvywajvy.ajvyrajvymajvywajvy.ajvypajvywajvy/ajvyjc2yh0yh1yajvyh9yh0r3r2jajvyc4jcyhihtmajvyl4csWBbMksajvyEAyIMA3ollajvyZ] -> Found
[Suspicious.Path (Potentially Malicious)] \gaijin results basergaijin results baser -- C:\Users\Emeli\AppData\Local\Westphal.exe [ajvywajvywajvywajvy.ajvyrajvymajvywajvy.ajvypajvywajvy/ajvyjc2yh0yh1yajvyh9yh0r3r2jajvyc4jcyhihtmajvyl4csWBbMksajvyEAyIMA3ollajvyZ] -> Found
[Suspicious.Path (Potentially Malicious)] \hatred_inchon -- C:\Users\Emeli\AppData\Local\Jerks.exe [ajvywajvywajvywajvy.ajvyrajvymajvywajvy.ajvypajvywajvy/ajvyjc2yh0yh1yajvyh9yh0r3r2jajvyc4jcyhihtmajvyl4csWBbMksajvyEAyIMA3ollajvyZ] -> Found
[Suspicious.Path (Potentially Malicious)] \hatred_inchonhatred_inchon -- C:\Users\Emeli\AppData\Local\Jerks.exe [ajvywajvywajvywajvy.ajvyrajvymajvywajvy.ajvypajvywajvy/ajvyjc2yh0yh1yajvyh9yh0r3r2jajvyc4jcyhihtmajvyl4csWBbMksajvyEAyIMA3ollajvyZ] -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.OnlineIO (Potentially Malicious)] (folder) AdvinstAnalytics -- C:\Users\Emeli\AppData\Local\AdvinstAnalytics -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤