Computer is Infected HELP

ITkorea

Prominent
May 14, 2017
15
0
570
Hello.

I currently run Windows 10 on HP laptop. I have noticed that there was a background program that is called svcvmx or something like that. I tried to end its process at the Task manager but it kept coming back. I went to its original folder to delete that dump of junk. However it refused to delete itself. It said that I don't have permission. So I went to properties and tried to change the permission. However it won't let me delete its permission list because the folder itself comes from a "parent" therefore I do not have any authority to change it.

So. I tried to run windows defender but it did not catch any threats in that folder. However, there were some 20 ish history logs that said it found a hazardous file that is called Trojan whatever.

After that I tried to load my computer in safe mode, however it won't work. I tried doing shift+restart button and using system configuration to reboot the system.

After booting with system configuration, now my computer is stuck at the sign-in screen. It does not display anything, (such as my name, the time, date, and etc) but only a background image.

I already tried numerous times trying to restart the computer but I could not find anything.



Few symptoms before my computer got stuck;

It was unusually slow. And sometimes when I looked up some antivirus stuff, my internet access was denied. I know for sure that it wasn't my internet because my family members were using it fine during my access denial. My computer was downloaded with a lot of junk files as well.


Thank you so much guys.
 
Solution
If you have a Windows DVD of either Windows 7, 8, 8.1 or 10 you need to boot from that disk and then select Repair your System.

Use the StartUp repair and/or System Restore to take it back to where it was when this started. If you can get that far and it starts normally, go into c:\windows\system32 and right click on the file cmd.exe. Select RunAs Administrator and hit the Enter key. When the black command form pops up, at the prompt, type
net user Administrator /active:yes
and hit Enter.

When you see the message that the command was successfull type exit to close the form, right click your Windows start square and select restart. When it comes back up, select the Administrator sign-in and you will have all the permissions...
If you have a Windows DVD of either Windows 7, 8, 8.1 or 10 you need to boot from that disk and then select Repair your System.

Use the StartUp repair and/or System Restore to take it back to where it was when this started. If you can get that far and it starts normally, go into c:\windows\system32 and right click on the file cmd.exe. Select RunAs Administrator and hit the Enter key. When the black command form pops up, at the prompt, type
net user Administrator /active:yes
and hit Enter.

When you see the message that the command was successfull type exit to close the form, right click your Windows start square and select restart. When it comes back up, select the Administrator sign-in and you will have all the permissions you need to delete the bad stuff.

You will probably also benefit from downloading MalwareBytes from www.malwarebytes.com. Untick the offer to have a thirty day trial and just accept the free version. Run the full scan and let it remove all the threats it finds.
 
Solution

ITkorea

Prominent
May 14, 2017
15
0
570



Thanks for your reply! I have few questions. Unfortunately I do not have the DVD you described. How do I get Windows DVD of either Windows 7, 8, 8.1 or 10? Also does it matter if I use windows DVD for 7, 8, or 8.1 even though my computer uses windows 10? What about bit version (64 or 32)?

I have looked in forums and it talked about rescue CDs. Does that work in my case?

Thank you.
 
The place to go for a genuine download is Microsoft's website. You can download Windows 10 64 bit from there and burn it to a DVD or, using Rufus, to a USB drive.

The earlier versions of Windows post Vista do run the StartUp repair options for Windows 10.

If you were to look behind the GUI (graphic user interface) you would be very surprise how little change there has been in the way Windows software works in those four attempts at getting it right.
 


Just pitch in and give the advice here, onlytecheyes. We don't support advice off the Forum pages in Private Messages or by e-mail. It has to be shown in the public space so it can be added to or challenged. If you were hoping to advertise your skills here to charge money for tech advice, think again. Many of us repair systems for our living but when we come here, it's all publlic and free.

Another thing - one post will suffice - I've deleted your duplicate.


 

ITkorea

Prominent
May 14, 2017
15
0
570



Thanks for your kind reply! Umm so I went to this website

https://www.microsoft.com/en-us/software-download/windows10ISO

and it said download windows 10 disc image. (ISO) Am I on the right track here?

 
Yes you are. Make your choice of 32 bit (x86) or 64 bit nand the ISO you download will come with options:- Windows 10 HomeN, ProN and EnterpriseN so when you run the disk, select the one that matches your version.

Go for the Repair option rather than Install - that would kill off all your files and programmes.
 

ITkorea

Prominent
May 14, 2017
15
0
570
Ok. So I went to the website I mentioned earlier, and I downloaded "windows 10" under the creator's update. I got it through the rufus and downloaded the iso file into the USB.

I booted the computer while the USB is attached to it, but nothing was different.

Perhaps I do not know how to boot from the USB???

Update* I used shift + shutdown to turn off computer, than used F2 + turn on to enter "HP hardware system diagnostics UEFI".

Update* I pressed f12 to turn on different BIOS. it has system configuration so I can change the boot order.

Update* I pressed f11 while turning on. It displayed advanced options for booting appeared without booting with USB!!! I am now doing system restore.

Update* System restore didn't fix it even though it was before the date of something went wrong. Attempted Startup repair. it said it had something wrong so I pressed "Restore" button. There is HP logo and under it says attempting repairs. Nothing much happened. I tried another system restore to older date. Now when I start my computer up, after loading, there is plane, gray screen with language bar, ethernet, ease of access toolbar, and Power options at bottom right corner.

I tried to do an option called "use a device" I selected the one with the USB, but it said "failed to boot with USB" or something like that. I am re-installing my USB with windows 10 ISO with rufus.
 
It's unusual for Rufus to get it wrong but it may have done so. You may need to get into BIOS and make sure USB Legacy Support is enabled to be certain there is power to the ports before an operating system cuts in.

If the system is recognises the presence of a USB device, it wll show a line at the top of the screen "Press any key to boot from USB device".
 

ITkorea

Prominent
May 14, 2017
15
0
570
So I went to the BIOS and set legacy support enabled and secure booting disabled. I couldn't find specific option for legacy support for USB. I prioritized USB related booting first.
I had to put a password shown on the screen to confirm that I changed the boot settings. I am not sure if I see "press any key to boot from USB" because I have a external TV that connects to my laptop (my LCD is not currently working...)

If you want the logs for rufus, I will post about it soon as well.

 
In view of all this, think it's worth going back into the infected system and follow the tip I put in my first post, that is navigate to c:\window\system32 and find the file named cmd.exe.

Right click on it and select RunAs Administrator to invoke the system Administrator account. Using that should give you all the permissions you need to delete those files. If you can't get a new installation or a repair setup to run, fixing the original problem might be the only alternative.
 

ITkorea

Prominent
May 14, 2017
15
0
570
Well, I cannot sign in to my computer at windows because it won't allow me to do anything, as I mentioned, there is plane gray screen after loading process with 4 icons at the bottom right corner. But I was able to get into advanced boot options with F11, so I will try using cmd there. I cannot boot up the system normally, and I do not know how to navigate to the cmd.exe without signing into the windows system. System restore did not help. Even though I used it help several times before this incident;;

Update* I am currently resetting my PC. The only option for running command prompt using windows advanced booter was my account, there was no administrator option. After finishing the reset. I don't see any malware or suspicious folders right now. My computer is working well, I will download malwarebytes and my deleted programs. Thank you.