I'm not sure how I got myself into this problem. I watched this movie called "Snowden" and it led me to become more anxious about these virus stuff. I don't want anyone creeping me, watching what i'm doing (through my webcam) and accessing my files. I'm really helpless, I need you guys.
Persistent virus: infected svchost & MSASCuiL?
- Thread starter Hi Van
- Start date
- Status
Update: a folder appeared again in drive "C:" named "Reimward". There's a single file inside named "Cuwolenuosy.jjj". Moreover, the folder "Waperyrerqsp" is, again, in my Program files folder. This one has a lot in it. Namely, "MIO.exe", "Snarer.msi", "SSS.dll", "UAC.dll", "WinSAP.dll", and "XOBr.dll" -- the MIO, and XOB files were detected by Zemana. However, even how many times I keep deleting it, it keeps reappearing.
2nd Update: It seems like my SSD is running out of space for no reason. Could this be caused by the virus as well?
I have the same problems: Windows 10 64, with Kaspersky and malwarebytes unable to get rid of these
Attachments
I do hope that we get a solution on this. I am clueless how this virus got into my system.
I have the same problem for weeks now. I have been infected when surfing on free streaming websites.
I use avast which first detected a rootkit and several malware and adware which infected my browser. Avast failed to clean things, so I did it manually.
I have several infections localized in windows\temp, Program Files, User\AppData\Local or Roaming, etc. Infected copies of firefox or chrome where installed in my programs.
I also had SSD filing, which was due to an inactivation of system restoration, and this allocated memory was filled up with I don't know what.
Now, I can cleanup everything in a few minutes, but almost every day, the virus (which one ?) reactivate itself, reinstall everything (BIT, reozerph, firefox, Wsnare...), and crash avast.
I am getting tired of it, and consider formating my computer. But if someone have the solution...
I use avast which first detected a rootkit and several malware and adware which infected my browser. Avast failed to clean things, so I did it manually.
I have several infections localized in windows\temp, Program Files, User\AppData\Local or Roaming, etc. Infected copies of firefox or chrome where installed in my programs.
I also had SSD filing, which was due to an inactivation of system restoration, and this allocated memory was filled up with I don't know what.
Now, I can cleanup everything in a few minutes, but almost every day, the virus (which one ?) reactivate itself, reinstall everything (BIT, reozerph, firefox, Wsnare...), and crash avast.
I am getting tired of it, and consider formating my computer. But if someone have the solution...
Hello, Nicolas. This is a pretty much severe case for us. I'm not sure what this virus is trying to achieve. Perhaps it's a virus that gets personal data from us? Or does it aim to slow down our computers for fun. I'm not sure if my computer is slowing down, but heck is this virus annoying.
Would a format ensure that the virus is gone?
Well, I cannot imagine a virus surviving a complete format, with reinstall from CD/DVDs...
I imagine that a remote hacker is using the computer to store some data...
About your filling SSD, check the restoration/recovery in Parameter\System\Storage\System\...
I imagine that a remote hacker is using the computer to store some data...
About your filling SSD, check the restoration/recovery in Parameter\System\Storage\System\...
Unfortunately for me, I haven't setup any restoration/recovery point ever since. Going back to reformatting, I have two drives (C
and (D. Now, it seems that only drive C: is the only drive showing symptoms of infection, but would you think that drive D: is also infected? Put differently, do I have to reformat both drives or only the one with the OS/infected (Drive C?
- Jun 5, 2014
- 276
malwares that infect svchost are really hard to remove, this problem is the same problem that happens with one of my virtual machines, after installing eset it detected a malware on svchost that could not remove. and you said Kaspersky was installed so Kaspersky could not prevent it too.
Would a clean format be the only hope? And do I have to reformat my secondary drive as well? Although it doesn't show symptoms of any infection...
- Jun 5, 2014
- 276
it's out of rules to respond to you about this, we have special people who are responsible for malware assist even I think my post here is out of rules I did not see the section above. if you can wait our malware removal guys will help you here. just wait for them to see the post.
Hi Van,
One of my reply has been deleted because it is out of rule to help if you are not an authorized member. But I got rid of all these stuff, with no re-infection for 24 hours now. If you want me to inform you on what I've done, you can email me on boulloche@gmail.com
Nicolas.
One of my reply has been deleted because it is out of rule to help if you are not an authorized member. But I got rid of all these stuff, with no re-infection for 24 hours now. If you want me to inform you on what I've done, you can email me on boulloche@gmail.com
Nicolas.
- Mar 8, 2013
- 22,627
Hello,
Scan with Farbar Recovery Scan Tool
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
- Right-click on
icon and select
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File). - Make sure that Addition.txt option is checked.
- Press Scan button and wait.
- The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Hello,
Scan with Farbar Recovery Scan Tool
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
Please attach report into your next reply.
- Right-click on
icon and selectRun as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).- Make sure that Addition.txt option is checked.
- Press Scan button and wait.
- The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
- Mar 8, 2013
- 22,627
Download attached fixlist.txt file and save it to the Desktop:
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
- Right-click on
icon and select
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File). - Press the Fix button just once and wait.
- If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
- When finishes FRST will generate a log on the Desktop, called Fixlog.txt.
Please attach it to your reply.
Fix with Farbar Recovery Scan Tool
This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.
Download attached fixlist.txt file and save it to the Desktop:
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
- Right-click on
icon and selectRun as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).- Press the Fix button just once and wait.
- If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
- When finishes FRST will generate a log on the Desktop, called Fixlog.txt.
Please attach it to your reply.
Hello kind sir, here's the log.
- Mar 8, 2013
- 22,627
- Status
Similar threads
-
- Locked
- Locked
