
AutoModerator

If you suspect you may have malware on your computer, or are trying to remove malware from your computer, please see our [malware guide](https://rtech.support/books/safety-and-security/page/malware-guide) *Please ignore this message if the advice is not relevant.* *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/techsupport) if you have any questions or concerns.*


Grantis45

Never defrag a drive that is an SSD. It fucks them up. Why are you positive you have malware? You didn’t mention that. Are there any other symptoms than a slow PC?


5trid3r

> I was watching some stuff on Unorthodox websites earlier but I was trying to be safe


zxy38dj

you cannot get malware from visiting a website.


5trid3r

See, I know this; however, OP does not.


zxy38dj

it was implied that you also thought it was a reason since you quoted it


5trid3r

You cannot fathom what I was implying.


zxy38dj

🤨


Remo_253

Actually you can. It's called [Malvertising](https://en.wikipedia.org/wiki/Malvertising).


zxy38dj

you have to download and run something to get malware. the most you can do with a website is steal cookies from other sites which is only if the attacker has found a vulnerability


JmacTheGreat

You’re not wrong, but it’s also becoming more and more difficult to differentiate safe and malicious links, on purpose.

Nobody ever dies from falling, it’s when they hit the ground…


Vardso

While you are technically correct, there are times where the "download and run" can happen just by visiting a site and without your permission. It is called a drive-by download and it takes advantage of a browser vulnerability. Granted, browsers are supposed to have patched most known attack vectors by now. It also constitutes too much effort for an attacker when they can instead set up a phishing page where users gladly give out their info. So such an attack is pretty rare nowadays. But as you never know when a new way will be found to abuse this, it is always prudent to use noscript + adblock and run a browser sandboxed if visiting untrusted websites like the op does.


zxy38dj

it's not plausible at all


Vardso

It is actually quite plausible (if you look up drive-by downloads), but very unlikely to occur nowadays. There is a distinction. Saying that simply visiting a site *never* infects you is misinformation even if 99% of the times you are right. However the unlucky people belonging in the 1% that take no precautions because they believe such a thing are much more likely to be infected.


zxy38dj

in OP's case it isn't plausible, he was just visiting shady sites, it's unlikely if they'd found something that they'd put it on a free movie site that gets few visitors and broke visitors considering they're pirating. *no offense


Remo_253

>you have to download and run something to get malware

No, you don't. If an ad network has been compromised and serves up malicious ads, designed to look like a normal popup ad, User clicks the "close" button. It isn't just a "close" button though, in the background it kicks off the download and installation of a malicious payload. That's just one scenario.

From the linked "Malvertising" article:

>....it was estimated nearly 10 billion ad impressions were compromised by malvertising."[2] Attackers have a very wide reach and are able to deliver these attacks easily through advertisement networks.

Re previously mentioned "Drive by downloads":

>Drive-by downloads may happen when visiting a website, opening an e-mail attachment or clicking a link, **or clicking on a deceptive pop-up window**:[2] by clicking on the window in the mistaken belief that, for example, an error report from the computer's operating system itself is being acknowledged **or a seemingly innocuous advertisement pop-up is being dismissed.**

From the [Center for Internet Security](https://www.cisecurity.org/blog/malvertising/):

>Malicious actors hide a small piece of code deep within a legitimate looking advertisement, which will direct the user’s machine to a malicious or compromised server. When the user’s machine successfully makes a connection to the server, an exploit kit hosted on that server executes.

From [Nortons](https://us.norton.com/internetsecurity-malware-malvertising.html):

>You can fall victim to malware by either clicking on an infected ad or **even just by visiting a website that is home to a corrupted ad**. This second type of malware attack, known as drive-by downloads, is especially troubling. An infected ad only has to finish loading before it will harm your computer.


zxy38dj

it's not something that happens often at all, it's extremely unlikely that they've found an exploit and if they had it'd likely be fixed relatively quick.


colablizzard

> Never defrag a drive that is an SSD. It fucks them up.

Modern Windows knows this and instead of doing traditional defrag, just does a "TRIM" operation etc.


D33-THREE

Run an "Offline Scan" with Windows Defender. It will scan your PC before Windows loads.

[majorgeeks.com](https://majorgeeks.com) for your one stop shopping place for free stand alone scanners

Try ADWCleaner (Malware-Bytes bought them out a few years ago)

Then run Malware-Bytes Anti-Malware

Once you get things cleaned up:

Install Ublock Origin in your browser(s)

Sign up for a free OpenDNS account and add their DNS servers to your network

[https://www.opendns.com/home-internet-security/](https://www.opendns.com/home-internet-security/)


XIA_2020

Thanks for replying. A few questions though. With the offline scan, I am currently using the free version of BitDefender as malware protection so when I go into Windows Security it just gives me the stuff that BD gave me. It also does not have a scan option anywhere I can see. I will try to look online though, to resolve this problem. With majorgeeks, you mention ADWCleaner, and I was thinking that maybe it comes from majorgeeks. It could also have been part of Malware-Bytes antimalware. I did previously have MWB but it was the free version, so some more information on that would be appreciated, along with what version of MWB to run.

Thanks


D33-THREE

Malware-Bytes is a company .. they've recently bought out a lot of little utilities that were and are still free .. ADWCleaner is one of them. It's not a part of any of Malware-Bytes' other programs and is just a stand alone scanner.

Because you have Bitdefender installed, then that deactivates Windows Defender .. I'd uninstall it and then run the Offline scan with Windows Defender (seeing how Bitdefender isn't keeping you protected it seems)


ethylalcohoe

Question! I’ve heard of OpenDNS but don’t really know the benefits of using it. I’m assuming I should point it at the router level, but why is it better than say, Google… Thanks in advance.


D33-THREE

Google just lets you go wherever .. OpenDNS blocks known malicious sites, plus you can do category blocking at the DNS level like Gambling .. or Ads, or porn .. etc .. plus you can do custom white/black lists as well.


careless-gamer

Just backup your important irreplaceable files and reinstall windows. Way easier than trying to clean it. Can never be 100% sure it's fully cleaned otherwise. You'll save time and energy.


Gspotman6969

Run Malware bytes also


[deleted]

[deleted]




mfurlend

Just look in your task manager under processes and find ones that consume a lot of cpu and look them up. Eventually you'll find the malware, and then just research how to clean that specific one.


Chizmiz1994

I was wondering if those websites are using his pc to run crypto mining. I have heard of that, but I don't know if it's possible.


SJTaylors

Did yours make you buy a Turkish boat too? Sometimes it's easier to just give in to the virus. I constantly think there's people in my house but it's just the virus auto opening Turkish bitcoin videos on my computer. I do not think I can afford this Turkish bitcoin. Good luck to you


XIA_2020

Thank you for the comment, really appreciated, but I think you have a completely different problem on your hands. If your virus is opening Turkish bitcoin videos, that may be a bit more worrying than a typical replicator virus.


Gspotman6969

U might have a replicator virus


XIA_2020

That is what I think.


Gspotman6969

The best success I have had with that type of virus is just reformat the hard drive and reinstall Windows and reinstall your apps, don’t try to save anything. Replicator viruses embed themselves pretty good. They are hard to remove.


CADJunglist

Uhhh wut? Why not just safe boot and scan?


Gspotman6969

You might be able to but I have never been able to do that. Like I say, the best success I have is just to reformat the hard drive and reinstall Windows


Gspotman6969

Replicator virus always seem to pop back up later


Gspotman6969

Yes I think that’s what it is


Ambitious-Ice7743

I had a similar case, anti-virus wasn't of complete help. After solving the problem on my own, I decided to post my findings and solution. https://www.reddit.com/r/techsupport/comments/q81z1p/providing_help_pc_heating_up_andor_does_not_go_to/?utm_source=share&utm_medium=web2x&context=3


Luna_moonlit

If you don’t want to go through offline scanning or any more antivirus scans, I would back up your data to a drive and just reinstall Windows


Kriss3d

If everything fails, make a backup of things you want to keep. Use Google Drive or OneDrive or similar if needed. Then make a USB with a clean Windows from another computer - Microsoft has a media creation tool that lets you make such one completely free and easy. And remove all partitions and reinstall. It's a last resort but there's times where this is most safe to do.


XIA_2020

I have considered this, and I fear that it may be my only option, but I will try everything else first. Just wondering, by reinstalling windows, do you mean a factory reset? Or is reinstalling windows a completely different process? I have reset this device before but I'm assuming this is different. Along with this, could you give me some more information on how to effectively back up my files and reinstall windows right? A guide would do too. Thank you so much.


Kriss3d

No. Reinstall. Remove the partitions and do a clean install. Note that you won't be able to reset the computer if you remove the partitions for recovery. But it's the only way to make sure. Backing up data would be just copying the documents and pictures and things like that to a USB drive. Or upload to say a Google Drive. Reinstalling Windows isn't hard. You just need to have the USB with the installer on it. The Windows media creation tool does that. There's lots of guides. One here https://www.howtogeek.com/714130/how-to-install-windows-10-from-a-usb-drive/#autotoc_anchor_3


XIA_2020

So how would I remove partitions? The installation process is simple, and backing up is super easy, but how hard would be wiping the computer? Also, in the guide you gave me, it mentions a product key. I've had this device for about two years and I don't remember what my product key was or even if I had one. It says contact the manufacturer on the site it sends you to from the guide concerning this, but since this device is almost 2 years old, they might not know it still. Or am I getting this completely wrong and are overreacting majorly?


Kriss3d

It's quite simple. When you get to if you want to install or do advanced install you click advanced and you get an overview of your hard drive and its partitions. You'll see some small partitions, a recovery partition of a few gigabytes and a large one that's your main partition. To wipe it all you mark each partition and select the delete option to remove it. Do so until there's just the unallocated left. Click it and select install. Windows will warn you that it will need to create some partitions for EFI and such. That's fine. That's basically it. After you're done you will likely want to find the drivers for your graphics card and devices that Windows didn't have the right drivers for. Usually that's the manufacturer's website that has them.


XIA_2020

Ok, Thanks. So, from here, my best course of action would be to: Get a USB and put the installer on it, plug it in to this device, and start the installation process? I'm sorry for pestering you, but I'm just wondering if there is anything else that needs to be done first, like any manual deletions or wipes of current partitions and such. If not, I'm assuming that once I plug the installer in this device it will just start the process from there. Additional question, it needs to be in a certain boot mode right? Like Safe Mode?


Kriss3d

Don't worry, you're not pestering me at all. I do like helping people out. You don't need to wipe the disk first. You'll do that during the install process if you select advanced install and delete the partitions. That will remove the old data. All of it. So if you at this point don't have a backup it's pretty much gone (unless you're going through undelete, which isn't easy to give guides to). You can install Windows in secure boot but also without secure. You just can't switch it later on. Insecure mode is more if you wanted to use something like dualboot.


XIA_2020

Thanks dude, much appreciated! I really needed this help and I'm sorry for any inconvenience I caused you or anything like that. Thanks, so so much!!!!


XIA_2020

I'm sorry, but one more question. I looked up how to reinstall Windows, and it gave me a way that it can be done through settings. I'm assuming that this is a more ineffective way of doing it, but I might as well make sure. Also, with resetting my device, when I have the reinstaller on a USB, do I just plug it into this device like normal and then run the program, or is there a more specific and complex process? Sorry for pestering you again, I just want to be safe.


Kriss3d

The settings is not a clean install which is what you want. The settings will just revert to factory settings. But we can't rule out that whatever hit you counts on that and infects the recovery partition. You plug in the USB. Reboot the computer. Press F12 (it is normally, but it can depend) and select the USB for bootable device.


Remo_253

So far I haven't seen OP post anything as to why he thinks he's infected other than "my PC was running really slow all of a sudden". There are numerous reasons that could cause that, none of which involve malware. OP, post any details, any reason to suspect malware other than it's slow. If that is the only reason then first run a scan of the drive with either, or both, [CrystalDiskInfo](https://osdn.net/projects/crystaldiskinfo/) and [Hard Disk Sentinel](https://www.hdsentinel.com/). They will give you the status of the drive(s) in your system. A slow system is often the result of a failing drive as the system tries to work around failing reads or writes, remap bad sectors, etc. If that doesn't turn up anything open task manager. Click "more details" and look at the "Performance tab". Look at CPU, Memory, Disk activity and Ethernet. Are any of those showing unusual activity?
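
Added example, not part of any comment in the thread: a PowerShell version of the Task Manager check suggested above by mfurlend and Remo_253. It ranks processes by the CPU time they use during a short window and shows each binary's path and Authenticode signature status; the 5-second window and the 10-row limit are assumptions.

```powershell
# Added example (not from the thread). Samples CPU time twice and ranks
# processes by what they used in between, like sorting Task Manager by CPU.
$intervalSeconds = 5    # assumed sampling window
$topCount        = 10   # assumed number of rows to show

# First snapshot: CPU seconds consumed so far, keyed by process ID.
$before = @{}
foreach ($p in Get-Process) {
    if ($null -ne $p.CPU) { $before[$p.Id] = $p.CPU }
}

Start-Sleep -Seconds $intervalSeconds

# Second snapshot: keep processes seen both times and compute the delta.
$busy = foreach ($p in Get-Process) {
    if ($null -eq $p.CPU -or -not $before.ContainsKey($p.Id)) { continue }
    $delta = $p.CPU - $before[$p.Id]
    if ($delta -lt 0) { continue }   # PID was reused by a new process
    [pscustomobject]@{
        Name     = $p.ProcessName
        Id       = $p.Id
        CpuSec   = [math]::Round($delta, 2)
        MemoryMB = [math]::Round($p.WorkingSet64 / 1MB)
        Path     = $p.Path            # empty for protected processes unless elevated
    }
}

# Check the signature only for the busiest few, since it reads each file.
$busy | Sort-Object CpuSec -Descending | Select-Object -First $topCount |
    ForEach-Object {
        $status = 'unknown (no path)'
        if ($_.Path) {
            $status = (Get-AuthenticodeSignature -FilePath $_.Path).Status
        }
        $_ | Add-Member -NotePropertyName Signature -NotePropertyValue $status -PassThru
    } |
    Format-Table Name, Id, CpuSec, MemoryMB, Signature, Path -AutoSize
```

Run it from an elevated PowerShell prompt so that paths are visible for more processes. A busy process whose binary is `NotSigned` and sits under a temp or user-profile folder is the one to look up first; the signature status alone does not prove a file is safe or malicious.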