Malware
Varvara Kosareva, 2021-08-13 15:33:05

Is it possible to get rid of RAT, HEUR, miner without demolishing the system?

Doctor Web is worth it after the Kaspersky forum helped remove the miner virus, of Chinese origin. Like to delete...
And now there are oddities. Advise something either ... I would not want to suffer from reinstalling Windows.
Surface 7 Pro i7 tablet, Win10 Home, Wi-Fi internet.
Here are screenshots of strange phenomena. Launching of services for remote management and remote accounts with different indexes, constant logins of some accounts. The appearance of hieroglyphs in installed programs. Indexes in the names of system applications. Cutting off of Wi-Fi at different intervals. Not strong, but heating of the device without visible work. 100% CPU usage when moving windows.
Launching of applications renamed with an index from a hidden WindowsApps folder.
The indices are either a hexadecimal code, or in some places they pop up in Chinese hieroglyphs.
If anyone knows what this is, please help me cut off all these visits, if it does not affect the operation of the system on the Internet.
I am attaching screenshots:



1 answer(s)
Damian Lewis, 2021-08-13
@DamianLewis

Why can't the system be demolished? This is the best option for a not very experienced user. You are not working with a server or with databases. Even if you remove the infection with the help of antiviruses, this does not mean that everything will return to normal. Everything will not work as before. Surely something will fail, give errors and fall off. The main problem is not getting rid of viruses, but eliminating the consequences of their actions. And the paranoia that everything has not been completely cleaned up will not leave you. Reinstalling is the best option for you. It won't take much time.

But first, we must still get rid of the infection. Even if you reinstall the system, it is not a fact that the virus has crept into your personal data on other partitions (partition D, etc.) or on other disks. You only have to launch some harmless movie or open a picture, and the virus will begin to spread again. Therefore, it is very important to scan EVERYTHING! To get started, scan the ENTIRE DISK, including ALL FILES, using these scanner programs:
1. HitmanPro - free use for 30 days
2. Emsisoft Emergency Kit - free

Then transfer your personal data to another partition or drive if it is on partition C. Reinstall the system.
