Topic: [Solved] Windows infection: please help a security newbie - page 3. (Read 6528 times)

My computer with Bitcoin on it has become infected.

There isn't anything of value to worry about. The wallet is encrypted and backed up. And, I doubt the malware currently infecting the system is interested in stealing it anyways.

Right now, I'm more interested in salvaging the system (a clean install is likely to be both time-consuming and overwrite many files I didn't consider important enough to back up onto my limited 4GB thumb drive).

I suspect the culprit is a rootkit. Neither Kaspersky's TDSSKiller nor Symantec's ZeroAccess rootkit killer found anything though. Malwarebytes is taking a long time to scan, and is at 2 infected objects found. I suspect Microsoft Safety Scanner has found the same two items.

How the malware bypassed UAC is unknown. The websites I visit should mostly come from the "safe sector of the net", and no websites in history are immediately suspicious. However, I do notice that "Adobe installation helper" has recently been run. This is the most likely culprit.

The symptoms of the infection are diverse. I'll try to list some of the most obvious ones below:
  • The system is extremely slow and input is often interrupted.
  • Some services are missing (not stopped, but gone): Background Intelligent Transfer, Microsoft Antispyware, Windows Update, and Windows Firewall (probably more).
  • As a consequence, MSE, Windows Firewall, and Windows Update are disabled and cannot be enabled.
  • Google and Bing search results are sometimes randomly redirected to garbage websites.

My system is a genuine Windows 7 Professional install.

Any help would be greatly appreciated.