Really tough virus with admin security

[cmathis99]

I was stupid and downloaded some sketchy stuff and have a really bad virus. I have made this mistake before but nothing has been so unforgiving as what I am experiencing. I have tried everything I can think of to get rid of it: I tried to just plain delete it, delete using command prompt, take ownership, rename, move, change properties, I even tried regular old paid antivirus (total av). Nothing has worked and the virus is preventing me from using my pc almost at all. I’m at a loss for what to do. The virus consists of three folders sbskeam wmcagent and iahvrwu, which are somehow connected to the adware gotomaxdealz and the applications infantrymen and obgocut. Basically I can’t use a browser because of the redirects and the two applications crash my system. Not to mention I have no piece of mind in doing anything. Has anyone experienced anything like this? Please help.

 

[Tolis_GR]

Try to boot into safe mode, download Malwarebytes and give it a shot

 

[smorizio]

you have a dropper program that loading at power up. boot into safe mode use msconfig see what in start up. turn everything off but anti virus. in add/remove programs go by date and remove the newest added and then look for fake programes. if you have too try a virus rescue disk from any of the big anti virus comps. if you cant clean it your going to need to make a new windows bottable usb stick and nuke and pave the drives and start over.

 

[bignastyid]

Nuke and pave then restore data from your backup.

 

[mdd1963]

How long does it take to delete partitions, and reinstall Win10 from USB to SSD these days? (Mine was at the desktop in less than 5 minutes, so one must truly weigh how much time is invested in trying to ferret out deeply entrenched malware before just 'nuking it from orbit'........)

 

[USAFRet]

This is when you recover from a full system backup you made before this happened.
Failing that, this is when you go nuclear and do a full wipe and reinstall.

Trying to "fix this" will take far longer, and you'll never really be sure you got all of it.

 

[cmathis99]

you have a dropper program that loading at power up. boot into safe mode use msconfig see what in start up. turn everything off but anti virus. in add/remove programs go by date and remove the newest added and then look for fake programes. if you have too try a virus rescue disk from any of the big anti virus comps. if you cant clean it your going to need to make a new windows bottable usb stick and nuke and pave the drives and start over.

Once I leave safe mode, the programs somehow find a way to start back up again. Even in safe mode, I can't delete them. The main problem is that I do not have "authority" to do so.

 

[cmathis99]

This is when you recover from a full system backup you made before this happened.
Failing that, this is when you go nuclear and do a full wipe and reinstall.

Trying to "fix this" will take far longer, and you'll never really be sure you got all of it.

The programs have somehow blocked system recovers- I can't access a recover, even though I have done this before.

 

[USAFRet]

This is when you recover from a full system backup you made before this happened.
Failing that, this is when you go nuclear and do a full wipe and reinstall.

Trying to "fix this" will take far longer, and you'll never really be sure you got all of it.

The programs have somehow blocked system recovers- I can't access a recover, even though I have done this before.

Then your backup procedure is not robust enough.

Time for a full wipe and a clean install of everything.

 

[cmathis99]

Nuke and pave then restore data from your backup.

I'm not sure how to do this because the malware is preventing me from accessing my backups... if I created one now, wouldn't the malware be on it anyway?

 

[cmathis99]

MERGED QUESTION
Question from cmathis99 : "virus has disabled system restore/reset"

I have a really bad virus I can't root out and have been resolved to do a restore or reset. The problem is I cannot access either; I tried the normal way, nothing happens when I click, tried in safe mode, tried from command prompt. Is there a way to make my computer restore or reset?

 

[cmathis99]

MERGED QUESTION
Question from cmathis99 : "virus has disabled system restore/reset"

I have a really bad virus I can't root out and have been resolved to do a restore or reset. The problem is I cannot access either; I tried the normal way, nothing happens when I click, tried in safe mode, tried from command prompt. Is there a way to make my computer restore or reset?

 

[USAFRet]

As said several times above, it is time for a clean install.

Boot from whatever OS install media you have.
Wipe the drive and install a clean OS.
Of course, this means a reinstall of everything else.

And don't create another thread on this.

 

[CaptainCretin]

When faced with a really nasty infection, I go to "bleepingcomputer.com and ask for help; they have experts who can talk you through what programs to download and will ask you to run them and post the results; you may have to do this several times before they are happy they have removed everything unsafe.

I was faced with a friends PC, where her teenage daughters had opened some "game" files sent to them by a "friend"; Malwarebytes was reporting over 14,000 suspicious files by the time she called me, and even in Safe Mode, it couldnt stop all of them.

Once I got someone to help, it took about 5 -6 hours to clean the system; yes, it would take less time to nuke and start afresh, but we are talking girls here, no back ups of family photos or important documents at all.

 

[USAFRet]

When faced with a really nasty infection, I go to "bleepingcomputer.com and ask for help; they have experts who can talk you through what programs to download and will ask you to run them and post the results; you may have to do this several times before they are happy they have removed everything unsafe.

I was faced with a friends PC, where her teenage daughters had opened some "game" files sent to them by a "friend"; Malwarebytes was reporting over 14,000 suspicious files by the time she called me, and even in Safe Mode, it couldnt stop all of them.

Once I got someone to help, it took about 5 -6 hours to clean the system; yes, it would take less time to nuke and start afresh, but we are talking girls here, no back ups of family photos or important documents at all.

Personally, I still wouldn't trust a system in that state.
No matter how many malware scans were done, with whatever tools.

Clean slate.

Pictures and docs gone? This is a teaching moment.

 

[cmathis99]

As said several times above, it is time for a clean install.

Boot from whatever OS install media you have.
Wipe the drive and install a clean OS.
Of course, this means a reinstall of everything else.

And don't create another thread on this.

I don't care if I lose everything, I would love to do this if I could, but I don't know what you mean. I don't have my old disc (from 5 years ago...) am I SOL?

 

[USAFRet]

I don't care if I lose everything, I would love to do this if I could, but I don't know what you mean. I don't have my old disc (from 5 years ago...) am I SOL?

One bit of information that has not been imparted to us out here...

What OS is this and where did it come from?

 

[cmathis99]

I don't care if I lose everything, I would love to do this if I could, but I don't know what you mean. I don't have my old disc (from 5 years ago...) am I SOL?

One bit of information that has not been imparted to us out here...

What OS is this and where did it come from?

Understand that I built this pc 5 years ago... the OS is windows 8.1 it came from a disk originally. My friend helped me build the computer; he was a computer nerd always hanging out in the lab at school and the teacher gave him a leftover disk from a big upgrade they had done on all the school computers. I only have a product code

 

[USAFRet]

Understand that I built this pc 5 years ago... the OS is windows 8.1 it came from a disk originally. My friend helped me build the computer; he was a computer nerd always hanging out in the lab at school and the teacher gave him a leftover disk from a big upgrade they had done on all the school computers.

Do you know the license key?
If not, Belarc Advisor (if you can install and run it) can help discover the license key.

Then...
https/www.microsoft.com/en-us/software-download/windows8ISO

 

[mdd1963]

If the product was legally and successfully activated, you won't even need the product code reinstall if using an MS account...

And you should still be able to make/download OS media from MS,...
https/www.microsoft.com/en-us/software-download/windows8ISO