Geekzone: technology news, blogs, forums


shakedown14

74 posts

Master Geek
+1 received by user: 8

ID Verified

#210506 30-Mar-2017 13:44

Hi Geekzone,

 

I had a virus on my work computer, this one: https://www.bleepingcomputer.com/news/security/chrome-users-targeted-with-malware-via-new-font-wasnt-found-technique/

 

I used Adaware and Malwarebytes to remove it. Most of it is, but I still have a spam message that comes up on Chrome when I start my computer.

 

How do I remove the last bit?

 

Also, since then folders open in a new window, so it keeps opening heaps of new windows; all my PDF/Excel/Word files have been corrupted. Also, when I save a file I can save it anywhere on my computer, some paths are missing; for example, if I want to save on disk D: I can only save in the root because I don't see the folders.

 

I've done a Registry check and found nothing.

 

How can I fix all that?

 

 

 

Cheers,


MadEngineer
4591 posts

Uber Geek
+1 received by user: 2570

Trusted

  #1750700 30-Mar-2017 13:49

Format




You're not on Atlantis anymore, Duncan Idaho.



antoniosk
2382 posts

Uber Geek
+1 received by user: 742

ID Verified
Trusted
Lifetime subscriber

  #1750709 30-Mar-2017 14:05

sys restore?





________

 

Antoniosk


gehenna
8667 posts

Uber Geek
+1 received by user: 3883

Moderator
Trusted
Lifetime subscriber

  #1750713 30-Mar-2017 14:16

If it's your work computer is it your responsibility to do all that?  I'd give it to your IT staff.




shakedown14

74 posts

Master Geek
+1 received by user: 8

ID Verified

  #1750716 30-Mar-2017 14:20

gehenna:

 

If it's your work computer is it your responsibility to do all that?  I'd give it to your IT staff.

 

 

 

 

I'd like to do it myself if possible and I'm probably the one with the best IT knowledge in my company (8 people).


MadEngineer
4591 posts

Uber Geek
+1 received by user: 2570

Trusted

  #1750720 30-Mar-2017 14:23

Sounds like you need an IT review.




You're not on Atlantis anymore, Duncan Idaho.

old3eyes
9158 posts

Uber Geek
+1 received by user: 1364

Subscriber

  #1750776 30-Mar-2017 16:45

I remember a similar problem about two years ago and used Adwcleaner to remove any crap that was left ..





Regards,

Old3eyes


 
 
 
 

Batman
Mad Scientist
30012 posts

Uber Geek
+1 received by user: 6217

Trusted
Lifetime subscriber

  #1750799 30-Mar-2017 17:40

I'd run Avast boot scan. Not sure if that's the right way but that's what I'd do. Back up first though.


Andib
1395 posts

Uber Geek
+1 received by user: 974

ID Verified
Trusted

  #1750801 30-Mar-2017 17:42

Check for Chrome extensions. 

 

I've recently seen adware load 'legit' extensions to Chrome & Firefox which aren't detected by Malwarebytes and the like.





<# 
       .DISCLAIMER
       Anything I post is my own and not the views of my past/present/future employer.
#>
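
One way to carry out the extension check suggested above, as an added example that is not part of the original post: a read-only PowerShell inventory of Chrome's force-install policy keys and of the extensions unpacked in each profile. It assumes Chrome's default per-user data directory on Windows.

```powershell
# Added example: inventory Chrome extensions without changing anything.
# 1) Extensions forced in by policy (these cannot be removed from Chrome's UI).
#    On a machine nobody manages with Chrome policy, this is expected to be empty.
$policyKeys = @(
    'HKLM:\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist',
    'HKCU:\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist'
)
$forced = foreach ($key in $policyKeys) {
    if (-not (Test-Path $key)) { continue }
    $k = Get-Item -Path $key
    foreach ($name in $k.GetValueNames()) {
        [pscustomobject]@{ PolicyKey = $key; Entry = $k.GetValue($name) }
    }
}

# 2) Extensions unpacked in each Chrome profile of the current user.
#    Layout: User Data\<profile>\Extensions\<extension id>\<version>\manifest.json
$userData  = Join-Path $env:LOCALAPPDATA 'Google\Chrome\User Data'   # assumed default path
$pattern   = Join-Path $userData '*\Extensions\*\*\manifest.json'
$manifests = Get-ChildItem -Path $pattern -ErrorAction SilentlyContinue

$installed = foreach ($file in $manifests) {
    $m = $null
    try {
        $m = Get-Content -LiteralPath $file.FullName -Raw -Encoding UTF8 -ErrorAction Stop |
             ConvertFrom-Json
    } catch { }                                # unreadable manifest: still list the folder
    $idDir = $file.Directory.Parent            # <extension id> folder
    $perms = if ($m) { @($m.permissions) + @($m.host_permissions) | Where-Object { $_ } }
    [pscustomobject]@{
        Profile     = $idDir.Parent.Parent.Name
        Id          = $idDir.Name
        Version     = $file.Directory.Name
        Name        = if ($m) { $m.name } else { '<unparseable manifest>' }
        Installed   = $idDir.CreationTime      # compare with the date of infection
        Permissions = $perms -join ', '
    }
}

$forced    | Format-Table -AutoSize -Wrap
$installed | Sort-Object Installed -Descending | Format-Table -AutoSize -Wrap
```

A name shown as `__MSG_...__` is a localisation placeholder; look the extension up by its Id on chrome://extensions instead.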


timmmay
20858 posts

Uber Geek
+1 received by user: 5350

Trusted
Lifetime subscriber

  #1750802 30-Mar-2017 17:43

Restore from backup or reinstall. I use Macrium Reflect for OS backups.


ANglEAUT
altered-ego
2436 posts

Uber Geek
+1 received by user: 841

Trusted
Lifetime subscriber

  #1750864 30-Mar-2017 19:50

shakedown14:

 

gehenna: If it's your work computer is it your responsibility to do all that?  I'd give it to your IT staff. 

 

 I'd like to do it myself if possible and I'm probably the one with the best IT knowledge in my company (8 people). 

 

 

 

The best way is to wipe the device and re-install the OS. That way is the best to guarantee that nothing malicious was left behind / overlooked.

 

If you really want to try a clean-up, back up your data and start with these:

 

  • In Win8 / Win10, run Task Manager and look at the Start Up tab. Disable everything that you don't believe should be there. If you are unsure, rather disable and see if anything breaks.
  • In Win7 / Win8 / Win10 you can run MSCONFIG.EXE and again from the Start Up tab, disable everything, reboot several times and only enable broken functionality related items. On the Services tab, hide all Microsoft related services and again disable everything, reboot and then only enable broken functionality.
  • More low level, look at the Registry (Beware!!! Take care! Approach with caution!) Right click on a folder / key in the left hand navigation tree and export to a .reg file before making any changes.

     

    • Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and delete non-required entries
    • Browse to HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run and delete non-required entries
    • Browse to HKEY_LOCAL_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and delete non-required entries
    • Browse to HKEY_LOCAL_USER\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run and delete non-required entries
  • Disable extensions / add-ons in all installed browsers
  • Failing all of that, try to roll-back to a previous restore point before the infection by running RSTRUI.exe
  • In Win8 / Win10 you can try to "reset" your PC from Start -> Settings -> Update & Security -> Recovery -> Reset PC. This effectively will "re-install" Windows while leaving your files intact.
  • In Win8 / Win10 you can try to "refresh" your PC from Start -> Settings -> Update & Security -> Recovery -> Advanced Start-up. This will "re-install" Windows completely and wipe everything else out.




Please keep this GZ community vibrant by contributing in a constructive & respectful manner.
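
The startup checks listed in the post above, as an added read-only PowerShell example (not part of the original post). It reads the machine-wide Run keys under HKLM and the per-user Run keys under HKEY_CURRENT_USER (HKCU), exports each key to a .reg file first, and also lists the Startup folders; the backup folder name and the path heuristic are assumptions.

```powershell
# Added example: read-only inventory of autostart entries. Nothing is deleted;
# each Run key is exported to a .reg file first so a manual change can be undone.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)
$startupDirs = @(
    (Join-Path $env:APPDATA     'Microsoft\Windows\Start Menu\Programs\Startup'),
    (Join-Path $env:ProgramData 'Microsoft\Windows\Start Menu\Programs\Startup')
)
$backupDir = Join-Path $env:USERPROFILE 'RunKeyBackup'   # assumed backup location
New-Item -ItemType Directory -Path $backupDir -Force | Out-Null

# Heuristic only: autostart commands in user-writable paths deserve a closer
# look, although plenty of legitimate software also starts from AppData.
$userWritable = '\\AppData\\|\\Temp\\|\\ProgramData\\|\\Users\\Public\\'

$entries = @()
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }              # key may not exist
    # reg.exe expects HKLM\... rather than the PowerShell drive form HKLM:\...
    $regPath = $key -replace '^(HK\w+):', '$1'
    $regFile = Join-Path $backupDir (($regPath -replace '\\', '_') + '.reg')
    reg.exe export $regPath $regFile /y | Out-Null

    $k = Get-Item -Path $key
    foreach ($name in $k.GetValueNames()) {
        $cmd = [string]$k.GetValue($name)
        $entries += [pscustomobject]@{
            Source = $regPath; Name = $name; Command = $cmd
            Review = $cmd -match $userWritable
        }
    }
}
foreach ($dir in $startupDirs) {
    if (-not (Test-Path $dir)) { continue }
    $files = Get-ChildItem -Path $dir -File -Force | Where-Object Name -ne 'desktop.ini'
    foreach ($f in $files) {
        # Startup-folder items are few, so every one is marked for a manual look.
        $entries += [pscustomobject]@{
            Source = $dir; Name = $f.Name; Command = $f.FullName; Review = $true
        }
    }
}
$entries | Sort-Object Source, Name | Format-Table -AutoSize -Wrap
```

Double-clicking an exported .reg file in the backup folder restores that key's values as they were when the script ran.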


yitz
2238 posts

Uber Geek
+1 received by user: 594


  #1750867 30-Mar-2017 19:54

+1 System restore is surprisingly pretty effective in general at getting rid of malware.


 
 
 
 

shakedown14

74 posts

Master Geek
+1 received by user: 8

ID Verified

  #1757606 6-Apr-2017 15:01

Thanks guys, I think I'll give a try to the "Reset this PC" option that Windows 10 gives you. Apparently it restores the system to factory without touching documents.


Coil
6614 posts

Uber Geek
+1 received by user: 2153
Inactive user


  #1757625 6-Apr-2017 15:03

timmmay:

 

Restore from backup or reinstall. I use Macrium Reflect for OS backups.

 

 

 

 

+1 for Macrium Reflect. You can also load the ISO into Hyper-V or VMware and troubleshoot the drive in a "sandbox".
If successful, reflash the HDD with the new image and boom!


Batman
Mad Scientist
30012 posts

Uber Geek
+1 received by user: 6217

Trusted
Lifetime subscriber

  #1757635 6-Apr-2017 15:07

shakedown14:

 

Thanks guys, I think I'll give a try to the "Reset this PC" option that Windows 10 gives you. Apparently it restores the system to factory without touching documents.

 

 

Depending on how much you value your "documents", I'd back them up, but treat the backup as an infected drive.

