Trying to clean my PC up from a recent virus infection

renanxusa

Estimable
Mar 18, 2014
5
0
4,510
Ok. I'm generally a very cautious PC user, so this here might also serve as a cautionary tale for you: Never attempt to download possibly dangerous things while using your phone.

That's exactly what happened to me: Downloaded a .wmv torrent that asked me to install a codec. Since I've never seen anything like it, thought to myself "what harm can it be? It's all through wmp!" Then the fake codec installed tons of junkwares / adwares / not-goodwares etc.
What I've already done: Ran ComboFix, Junkware Removal Tool, Malwarebytes and AdwCleaner.
That's software I know and trust, but it still seems to me I didn't do enough.

What I've seen so far:
• Junkware trying to install something on my PC (stopped a while ago, but I don't know if I destroyed it, or if it'll just come back later; the window was called "Install Your Software");
• Rework on my browser initial pages, strange booting behavior;
• An invisible (turned visible) desktop.ini icon on my desktop;
• Plenty of software installed, most (or all) of it has been uninstalled already;
• Received this window on startup twice (though it stopped on the last two startups I did): "setting up personalized settings for windows desktop update" (not my PC's native language, may not be the exact wording)

NO BAIDU, THANK LORD.
 

Aspiring techie

Estimable
Mar 24, 2015
37
0
4,610
Go to Control Panel. Click on Programs and Features and then click on Programs. A list of all the programs on your PC will appear, with the ones that were installed or updated recently appearing at the top. Delete ones that you are sure are junkware. Warning: if you don't know what the program is, then don't delete it. It might just be something that's critical to your computer. Just google the programs you don't know to see whether they're good or bad.
 

Aspiring techie

Install Qihoo 360 TS. It runs its own engine, and the Bitdefender and Avira engines too; you just have to download them. Run the full system scan.

I was in a situation similar to the one you are in right now. I installed the Qihoo antivirus, and it went crazy. Popups were everywhere. However, it got the job done. Scrubbed the computer squeaky clean.
 

gangrel

Honorable
Jun 4, 2012
61
0
10,610
I'd also just flat-out say, downloading ANYTHING executable via torrent, including a codec, is like sleeping in an infectious disease ward without any precautions. You may well bypass most of the protections that normally are in place.

These SOBs include registry entries, DLLs, and some other nasty tricks. They're HARD to remove. This may not be the exact virus, but should be a guide to what you'll have to do:
http://www.ehow.com/how_7290211_remove-codec-virus.html

Best of luck.
 

Aspiring techie


Yeah, it's not perfect. I recommended it because it uses 3 different antivirus engines, so there's a better chance to clean the OP's computer. Plus, it's free, so it can be used in 1 scan, then uninstalled. I would prefer something like Kaspersky or Bitdefender (they are AMAZING), but they cost lots of $$$.
 

renanxusa

The strange thing is: This codec virus installed this Qihoo here... I deleted it, though. Is it actually good? Gotta try this link gangrel said (also, I've already run a program cleaning through Control Panel).
 

gangrel

I wasn't gonna say this, but...Qihoo is Chinese. I will avoid it like a vampire avoids garlic. There was actually a comment about Baidu anti-virus...that it actually, in some ways, acted LIKE a virus. Qihoo and Baidu are competitors in China, so that *could* explain the NO BAIDU thing. NO WAY I'd bring it in willingly...and when I hear it was brought in by the codec, that's IT for me...makes it a Typhoid Mary in my book. Maybe unfair? Sure. Eek. I don't care. This is my judgment based on the admittedly anecdotal evidence, and not a court of law. renanx can tell us just how much Not Fun he's having.

The PC Mag review was mediocre, at best. BTW, I just renewed my Bitdefender internet security package for 3 machines. They're having a sale now; I think for 1 box, you can get it for $20. And, what's your time worth? How many hours does it take to get this all cleaned up?

Finally: look on the boards here. You can install Win 10 as an upgrade. Then, there is a way to get the new Win 10 license key...which you can use to do a *clean* install of Win 10. (Get the ISO for Win 10, then burn it to a flash drive. Obviously, this can't work if you go through Windows Update.) I know there's a more complete explanation on here...somewhere. I would do one thing as well, if you consider this route: uninstall all your browsers. These suckers sometimes take residence as browser extensions. That would live through an update to 10, but not a clean install. That reminds me...check any extensions you're using in Firefox or Chrome. Check search engines...who the heck knows? Takes a moment at most, and I damn sure don't want to give this thing ANY hiding place.
 

renanxusa

For some reason I'm not able to use the search feature in Windows to perform that wikihow tutorial.

Anyways, I know doing a clean install will solve my problems, but the thing here is that I need to make a backup and if this has the slightest chance to live through the backup and pass to the new win 10 installation, I'll be damned. Everything seems ok now, but I'm a little paranoid with it so I just wanted something to triple check.

Also, there IS a way to get a Win 10 license from a clean install? (or is it THAT other way ppl did with Win 7?)
 

gangrel

You do an upgrade install from 7 to 10. After that, you can find the product key *for Windows 10* that was used during the upgrade install. This is a legit Win 10 key that you can record, then use during the clean install.

And I do hear ya on the backup and wanting to make sure this doesn't afflict your 10 system. I didn't have that much I was all that worried about...in part because I had a NAS, and a WD external drive, and a whole lot of stuff got moved over to that a while ago. I did make sure to save the data for one game, and checked areas like Documents and Downloads. Big stuff like music had been moved quite a while ago. I DON'T worry about browser bookmarks, or most programs that I can just reinstall. Oh, and boy, it helps considerably that I started using Google Sheets for some very simple (but important) files, and Gmail for mail. Puts the storage onto the cloud.

So I'd start by backing everything up manually and individually, and making DARN sure that you're backing up what you need, but that no virus fragments get through.
 

gangrel

I don't back up AppData generally; I will back up specific parts. Email is in there, for example, if you use a local program (as opposed to going through your browser.) Saving stuff from there should be fine....just not doing a blanket copy.
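
The selective-backup advice above (copy only the data you need, no blanket copy of AppData, make sure nothing executable rides along) can be checked before anything is restored to the clean install. The following is an added example, not part of the thread: a Python triage pass over a backup folder that flags executable or script extensions, media or document names hiding an executable extension, and Windows PE files behind harmless-looking names such as a fake `.wmv`. The extension lists and the sample files are assumptions constructed for illustration.

```python
from pathlib import Path
import tempfile

# Extensions Windows runs or interprets on double-click (assumed list, not exhaustive).
RISKY_EXT = {".exe", ".dll", ".scr", ".com", ".msi", ".bat", ".cmd",
             ".vbs", ".js", ".ps1", ".lnk", ".hta"}
DECOY_EXT = {".wmv", ".avi", ".mp3", ".pdf", ".doc", ".jpg", ".txt"}  # assumed list

def triage_backup(root):
    """Return {relative_path: [reasons]} for files to inspect before restoring."""
    findings = {}
    root = Path(root)
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        reasons = []
        suffixes = [s.lower() for s in path.suffixes]
        last = suffixes[-1] if suffixes else ""
        if last in RISKY_EXT:
            reasons.append("executable or script extension")
            if len(suffixes) > 1 and suffixes[-2] in DECOY_EXT:
                reasons.append("media/document name with executable extension")
        try:
            with path.open("rb") as fh:
                magic = fh.read(2)
        except OSError:
            magic = b""
            reasons.append("unreadable")
        # Windows PE files (EXE, DLL, SCR) start with 'MZ' whatever they are named.
        if magic == b"MZ" and last not in RISKY_EXT:
            reasons.append("PE header behind a non-executable name")
        if reasons:
            findings[path.relative_to(root).as_posix()] = reasons
    return findings

def build_sample_backup(root):
    """Constructed sample data: harmless files that only imitate a backup."""
    root = Path(root)
    for folder in ("Documents", "Downloads"):
        (root / folder).mkdir()
    (root / "Documents" / "budget.xlsx").write_bytes(b"PK\x03\x04 constructed")
    (root / "Downloads" / "movie.wmv.exe").write_bytes(b"MZ constructed")
    (root / "Downloads" / "codec_pack.wmv").write_bytes(b"MZ constructed")
    (root / "Downloads" / "cleanup.bat").write_text("rem constructed")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_backup(tmp)
        print(triage_backup(tmp))
```

A flagged file is a prompt to look at it or leave it out of the restore, not a verdict; documents that pass this check still need a scan with an up-to-date antivirus.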