SOLVED Windows Process Manager (64-bits) Virus -- Another Victim here

Discussion in 'Malware Removal Assistance For Windows' started by ShawnCHL, Jan 2, 2018.


  1. ShawnCHL

    ShawnCHL New Member

    Jan 2, 2018
    9
    0
    Rochester
    Operating System:
    Windows 10
    Are you using a 32-bit or 64-bit operating system?:
    64-bit (x64)
    Infection date and initial symptoms:
    Not sure how many days, but maybe 3-4 days ago my game started to reach extremely low ping and Google Chrome always freezes after about 30 mins
    Current issues and symptoms:
    Always 1 Windows Process Manager exists, freezes my computer and makes the game low ping
    Steps taken in order to remove the infection:
    Reimage; Malwarebytes and mbar (from the thread I read)
    Logs added to help request:
    • FRST.txt
    • Addition.txt
    Hi there,
    Basically, I mis-downloaded something and it led to a searcher download. Then I got this search-awesome virus and I used paid Reimage to clean it eventually. Next, my Chrome search started to redirect to Bing and Yahoo; then I used various methods from the internet and finally got it fixed by changing the Chrome policy or something.
    However, this Windows Process Manager has always been in the Task Manager for about 5 days. The Windows Process Manager contains clients from 1 to 3 or 4 (not sure because I can't check the Task Manager all the time).
    I can neither open the file location (access denied) nor end the task. FYI, I've tried Reimage, Malwarebytes and mbar (from the thread I read); none of them could really make this thing disappear.
    This thing has made my game reach extremely low ping and Chrome freeze often.
    Please help me out ^^
     


  2. ShawnCHL

    ShawnCHL New Member

    #2 ShawnCHL, Jan 2, 2018
    Last edited: Jan 2, 2018
    1.png 2.png 3.png 4.png 5.png 6.png
    Here's the fresh one after I scanned again with Reimage PC Repair (found some suspicious crashed files),
    with some snapshots of the Task Manager details.
     


  3. ShawnCHL

    ShawnCHL New Member

    By the way, I tried to restart into the advanced menu and recovery, but every time I do that, it just gives me a black screen with a mouse that I can move around; then after two mins it automatically restarts my PC normally.
     
  4. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,729
    2,655
    Malware Removal, Gaming
    Windows 7
    ESET
    Hello,


    Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.
    • Now you should get a window like this where you need to click Troubleshoot.
    • In the next window, click Advanced options and select Command Prompt.
    • Now you should log in to your account, and after that the Command Prompt window opens.

    Access the notepad and identify your USB drive

    In the Command Prompt please type in:
    Code:
    notepad
    and press Enter.
    • When the notepad opens, go to File menu.
    • Select Open.
    • Go to Computer and search there for your USB drive letter.
    • Note down the letter and close the notepad.


    Scan with Farbar Recovery Scan Tool

    Once back in the command prompt window, please do the following:
    • Type in e:\frst64.exe and press Enter.
      You need to replace e with the letter of your USB drive taken from notepad!
    • FRST will start to run. Give it a minute or so to load itself.
    • Click Yes to Disclaimer.
    • In the main console, please click Scan and wait.
    • When finished it will produce a logfile named FRST.txt in the root of your pendrive and display it. Close that logfile.

    Transfer it to your clean machine and include it in your next reply.
     
  5. ShawnCHL

    ShawnCHL New Member

    Hey man,
    I can't boot to recovery. Every time I try to get to the advanced option menu,
    first it shows a blue screen with "please wait", then the screen turns black but with a visible mouse that I can move around.
    Then after about 2 mins the PC just automatically restarts.
     
  6. ShawnCHL

    ShawnCHL New Member

    Well, I tried various methods to get to the advanced option menu. It always gives me the black screen.
    So what I've done now is open System Configuration and restart my PC with safe boot (alternate shell). It gave me the command prompt, and I followed the method you told me and got these 2 files.
    Btw, please help me out here. I feel like it's getting worse: my game reaches unbelievably low ping and my PC just crashed into a blue screen today.
     


  7. ShawnCHL

    ShawnCHL New Member

    I tried 1 more time and it finally worked.
    Here's the FRST file.
    Btw, I can delete the virus folder now, but I'm just not sure if it's going to pop up again.
     


  8. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Download attached fixlist.txt and save it to your USB flashdrive as fixlist.txt

    >> Boot into Recovery Environment


    Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt on your USB flashdrive.


    >> Exit out of Recovery Environment and post me the log please.



    Try to boot Windows normally...
     

  9. ShawnCHL

    ShawnCHL New Member



    There you go
    BTW, I can boot to recovery through Settings today, and once I restarted normally again after the fix, my Reimage PC Repair disappeared from the desktop (where I installed it).
     


  10. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Reimage isn't reputable software, so I would avoid it. How is your computer behaving now? You can now scan with FRST from Normal mode and upload the reports for my review.
     
  11. ShawnCHL

    ShawnCHL New Member

    I think it's all good now, thank you so much, god bless you ^^
     
  12. ShawnCHL

    ShawnCHL New Member

    Here's the new scan result in normal mode
     


  13. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    That's it, you're good to go :)
     