Fileless Registry Trojan

  • Thread starter Thread starter Sevyrr
  • Start date Start date
S

Sevyrr

Guest
First thing I noticed was my computer slowing and odd effects like mouse clicks not working. I opened event viewer and saw multiple user admin changes via registry, effectivly locking my admin privileges. I ran Norton and Malwarebytes and nothing found. Tried Superantispyware same. Everythings good. Start up in task manager showed nothing, but multiple windows services are maxing my cpu on a decent gaming computer. I downloaded ccleaner and checked start up, it found powershell registry commands that supposedly run at start up. I was unable to affect these in anyway. I do not have authority for cmd or powershell, I can start them in admin mode but important commands pertaining to this do not work. Windows restore does not work. Windows reinstall does not work. Installing linux from a USB does not work. My windows registry key is gone from my computer info and cannot be retrieved from bios with cmd. Every windows machine on my system is affected, even the ones I thought were powered down. Hundreds of registry changes that are empty, research said these typically have javascript written in a language or font or special chacters my computer can't resolve. The user name I use is changed slightly with the loss of admin rights, I can still see my old one in the registry has full access but cannot get to it. I don't care about the hard drive it's backed up. I do care about the windows key and would like to wipe the drive and reinstall. Also, it affects search results, had to use my phone for research. I used an old laptop I have, also affected, and took the wireless adapter out and installed a old hard drive and it triggered a power up admin lock that I never set, it's there no matter what hard drive I put in. There are also recent changes in reg that tell windows to never overwrite the dlls that the reg changes point to. Is it possible it's in my comcast modem? Any other devices, blue tooth, usb mouse, network cards etc? How did it spread to the powered off devices, I see there was a network kernal debug adapter active, and I saw these computers on my internet after turning them off. Unplugging and removing the batteries helped. Could it be in the bios? Comcast and Geeksquad were no help at all. How do I nuke it all and start over with out ruining the hard drive? Also I am a gamer and hate updates while playing so they were disabled, I know, I know, bad juju. Please help.

More...
 

Similar threads

G
where to get a product for server 2012 r2
Replies
1
Views
269
RSchwarz
RSchwarz
N
Can I update my 10 year old Acer desktop
Replies
0
Views
566
neophyte
N
I
Everything is stuck....
Replies
1
Views
163
RSchwarz
RSchwarz
J
Antimalware occupies High CPU usage with Fan noise
Replies
0
Views
132
Jishrat
J
J
"Unknown" status under "Virus & Threat protection"
Replies
0
Views
278
Jim9982
J
Back
Top