Solved Windows Process Manager (64-bits) Virus -- Another Victim here

ShawnCHL

New Member
Joined
Jan 2, 2018
Messages
9
#1
Hi there
Basically, I mis-downloaded something and it led to a searcher download. Then I got this search-awesome virus and I used paid Reimage to clean it eventually. Next, my Chrome search started to redirect to Bing and Yahoo; then I used various methods from the internet and finally got it fixed by changing the Chrome policy or something.
However, there's always been this Windows Process Manager in the Task Manager for like 5 days. The Windows Process Manager contains clients from 1 to 3 or 4 (not sure because I can't check the Task Manager all the time).
I can neither open the file location (access denied) nor end the task. FYI, I've tried Reimage, Malwarebytes and MBAR (from the thread I read); none of them could really make this thing disappear.
This thing has made my game reach extremely low ping and Chrome freeze oftentimes.
Please help me out ^^


ShawnCHL

New Member
Joined
Jan 2, 2018
Messages
9
#2
Here's the fresh one after I scanned again with Reimage PC Repair (found some suspicious crashed files),
with some snapshots of the Task Manager details.


ShawnCHL

New Member
Joined
Jan 2, 2018
Messages
9
#3
By the way, I tried to restart into the advanced menu and recovery, but every time I do that, it just gives me a black screen with a mouse that I can move around; then after two minutes it automatically restarts my PC normally.

TwinHeadedEagle

Removal Expert
MalwareTips Staff
Verified
Joined
Mar 8, 2013
Messages
22,360
OS
Windows 10
Antivirus
ESET
#4
Hello,


Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.
  • Now you should get a window like this where you need to click Troubleshoot.

  • In the next window, click Advanced options and select Command Prompt.
  • Now you should log in to your account and after that Command Prompt window.
Access the notepad and identify your USB drive

In the Command Prompt please type in:
Code:
notepad
and press Enter.
  • When the notepad opens, go to File menu.
  • Select Open.
  • Go to Computer and search there for your USB drive letter.
  • Note down the letter and close the notepad.


Scan with Farbar Recovery Scan Tool

Once back in the command prompt window, please do the following:
  • Type in e:\frst64.exe and press Enter.
    You need to replace e with the letter of your USB drive taken from notepad!
  • FRST will start to run. Give it a minute or so to load itself.
  • Click Yes to Disclaimer.
  • In the main console, please click Scan and wait.
  • When finished it will produce a logfile named FRST.txt in the root of your pendrive and display it. Close that logfile.

Transfer it to your clean machine and include it in your next reply.

ShawnCHL

New Member
Joined
Jan 2, 2018
Messages
9
#5
Hey man,
I can't boot to recovery. Every time I try to get to the advanced option menu,
first it shows a blue screen with "Please wait", then the screen turns black but with a visible mouse that I can move around.
Then after like 2 mins the PC just automatically restarts.

ShawnCHL

New Member
Joined
Jan 2, 2018
Messages
9
#6
Well, I tried various methods to get to the advanced option menu. It always gives me the black screen.
So what I've done now is open System Configuration and restart my PC with safe boot (alternate shell). It gave me the command prompt, and I did the method you told me and got these 2 files.
Btw, please help me out here. I feel like it's getting worse: my game reaches unbelievably low ping and my PC just crashed today into a blue screen.


ShawnCHL

New Member
Joined
Jan 2, 2018
Messages
9
#7
I tried 1 more time and it finally worked.
Here's the FRST file.
Btw, I can delete the virus folder now, but I'm just not sure if it's gonna pop up again.


TwinHeadedEagle

Removal Expert
MalwareTips Staff
Verified
Joined
Mar 8, 2013
Messages
22,360
OS
Windows 10
Antivirus
ESET
#8
Download the attached fixlist.txt and save it to your USB flash drive as fixlist.txt

>> Boot into Recovery Environment


Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your USB flash drive.


>> Exit out of Recovery Environment and post me the log please.



Try to boot Windows normally...

ShawnCHL

New Member
Joined
Jan 2, 2018
Messages
9
#9
There you go.
BTW, I could boot to recovery through Settings today, and once I restarted normally again after the fixing, my Reimage PC Repair disappeared from the desktop (where I installed it).


TwinHeadedEagle

Removal Expert
MalwareTips Staff
Verified
Joined
Mar 8, 2013
Messages
22,360
OS
Windows 10
Antivirus
ESET
#10
Reimage isn't reputable software, so I would avoid it. How is your computer behaving now? You can now scan with FRST from Normal mode and upload the reports for my review.