Gary Burkman

Computer is Hacked


I ran the Immunet virus scan and it did not detect anything. However, I have background processes that have no property selection available. Most of my processes are disabled or do not have permission. Chrome and Microsoft Edge have been corrupted. Any suggestions? Thank you


Hi Gary, sorry to hear about your current predicament! 

I would assume you already tried a previous System Restore point with no luck.

Have you tried to run Immunet in Safe Mode yet? If not, enter "Safe Mode with Networking" and run a Full Scan of all your drives on your machine.

If running Immunet in Safe Mode produces no positive results, may I suggest you try Emsisoft Emergency Kit. This free series of tools is great at cleaning an already infected machine. https://www.emsisoft.com/en/home/emergencykit/

Some types of malware won't let you successfully download or install any new anti-malware software. So you may need to use a friend or relative's computer to download Emsisoft Emergency Kit. Then make sure you update the software and then upload it to a USB flash drive. After entering "Safe Mode without Networking" on your machine, plug in the USB device and run the scanning tools.

There are some great tutorial videos on YouTube you can view prior to using the software too! Just type in Emsisoft Emergency Kit in YouTube's search bar.

I always keep a current copy of EEK on a USB device myself just in case.

If none of these things are successful there are a few other things to try but, worst case scenario, you may have to format your Operating System again. I hope your machine came with the original OS install disk; you may eventually need it.

If you need any further assistance or instructions feel free to add an additional thread to this topic.

Best wishes, Ritchie...


Hope you got it sorted. +1 for Emsisoft Emergency Kit. I wouldn't be without it. It's my go-to cleanup tool and normally one pass with that leaves nothing left for any other tools to clean up.

I believe you can also make a bootable CD/DVD/USB clean-up tool from within any Kaspersky product (including home free). They might even provide an ISO on their web site, I don't remember.

Once the machine boots up, F-Secure online scanner is also pretty good and very fast.

Finally, honourable mention to MalwareBytes - both MBAM and AdwCleaner. These days, I find their detection rate is nowhere near what it used to be, but it's still worth giving it a go.

---

If you're still having trouble, Zemana is very fast but I've never ever seen it detect anything - even when I once tested it on a malware collection I've accumulated. I scanned the entire folder and... precisely zero detections. That said, it probably looks for the indicators of compromise on the actual system, rather than the droppers in a folder. Another issue with it is that after uninstall, it leaves lots of traces on your system that are extremely difficult to remove - DLLs to unregister, files to take ownership of, and the like.

If you're getting really desperate, and are familiar with *nix, get any Linux live CD and install clamav into the live session. Then, take your pick of the unofficial databases. I'd suggest any of the low-risk Sane-Security databases, and all the SecuriteInfo databases, and copy those into /var/lib/clamav. Then scan your system with that. Be warned, there will be a few false-positives... If you don't already know how to do this and what to do with ClamAV's output, I'd say it'd be easier to just wipe your machine and start over by this point, but it's worth a shot if you've used ClamAV from within GNU/Linux before, and you've exhausted every other option.

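Added example (not part of the posts above) for the last step of the ClamAV suggestion, reading the scan output: ClamAV appends `.UNOFFICIAL` to signature names that come from third-party databases, so hits can be split by source and the unofficial ones, where the post expects false positives, reviewed separately. The log lines, paths, signature names and the `/mnt/windows` mount point are constructed assumptions.

```shell
#!/bin/sh
# Triage a clamscan log: split official hits from unofficial-database hits.
# The scan itself, run from the live session (mount point is an assumption):
#   clamscan -r -i --log=/tmp/scan.log /mnt/windows
# -r recurses, -i lists infected files only; nothing is deleted or moved.

# Print "kind<TAB>signature<TAB>path" for every FOUND line in a clamscan log.
triage_hits() {
    awk '
    / FOUND$/ {
        line = $0
        sub(/ FOUND$/, "", line)
        # Split on the LAST ": " so paths that contain ": " stay intact.
        pos = 0
        while ((i = index(substr(line, pos + 1), ": ")) > 0) pos += i
        if (pos == 0) next
        path = substr(line, 1, pos - 1)
        sig  = substr(line, pos + 2)
        kind = (sig ~ /\.UNOFFICIAL$/) ? "unofficial" : "official"
        printf "%s\t%s\t%s\n", kind, sig, path
    }' "$1"
}

# Count hits of one kind ("official" or "unofficial").
count_hits() {
    triage_hits "$1" | awk -F '\t' -v k="$2" '$1 == k { n++ } END { print n + 0 }'
}

# Write a constructed sample log (not real scan output) for trying this out.
write_sample_log() {
    cat > "$1" <<'EOF'
/mnt/windows/Users/user/Downloads/setup.exe: Win.Trojan.Example-1 FOUND
/mnt/windows/Users/user/Docs/note: old.doc: Sanesecurity.Example.1.UNOFFICIAL FOUND
/mnt/windows/Temp/a.js: SecuriteInfo.com.Example.2.UNOFFICIAL FOUND
/mnt/windows/Windows/notepad.exe: OK

----------- SCAN SUMMARY -----------
Infected files: 3
EOF
}

# Usage: sh triage.sh /tmp/scan.log
if [ "$#" -gt 0 ]; then
    triage_hits "$1"
fi
```

Unofficial hits are candidates for a second opinion from another scanner before anything is removed; official hits are the ones to act on first.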
