Help With A Virus

enigma_st · Dec 17, 2017

So, I've got virus that I've been battling with for a few days and it's been driving me crazy. It slows my computer down by an insane amount and at any given time, almost all of my 4GB of RAM is being used even if I have nothing else open. It's also redirecting all of my Google searches through "extensions.citypage.today" and just shows a Bing search if whatever it is I looked up. And yet, I don't see any installed extensions like that. Also, when I check the Processes tab in Task Manager, there are 5 instances of Windows Process Manager but it's called "cshzamn.exe" Those 5 instances alone, are somehow utilizing more than half of my available memory. If I try to open it's location, Windows tells me "Access is denied." It's located in "C

users/name/AppData/Local/serniwo" I've tried changing permissions in that "serniwo" folder only to get the same "Access is denied" message. I've tried multiple Antivirus programs but, none of them detect the folder as anything dangerous. I've also tried going through safe mode to see if I can do anything from there but, I encountered the same Access issue. Any help with this would be absolutely great.

Dark Lord of Tech · Dec 17, 2017

If it's that bad and you still think there's an infection after multiple scans , best to perform backup and clean install.

Major_Trouble · Dec 17, 2017

You could try Unlocker to delete stubborn files.
https

/unlocker.en.softonic.com/

What happens in Task Manager when you End Task on the instances of cshzamn.exe that are running? I can't find anything about that .exe so it's rather suspicious.

dudio · Dec 17, 2017

May be an obvious suggestion, but you only mentioned running AV software.
Have you tried MalwarewBytes?

enigma_st · Dec 17, 2017

Major_Trouble :

When I try to end any instance of it, I simply get the same "Access is Denied" notifications that I get whenever I try to enter the folder that it's inside of. Also, I seem to have issues installing Unlocker. It doesn't even want to launch. I'll try to find a similar program.

Update: I got Unlocker to work and i still wasn't able to delete the previously mentioned folder. I tried a similar program called UnLock IT and I still had no luck with that one either.

enigma_st · Dec 17, 2017

dudio :

I have tried running MalwareBytes as well. I have also tried running the MalwareBytes Tool-Kit and unfortunately, neither of those had any results either.

Major_Trouble · Dec 18, 2017

enigma_st :

Major_Trouble :

When I try to end any instance of it, I simply get the same "Access is Denied" notifications that I get whenever I try to enter the folder that it's inside of. Also, I seem to have issues installing Unlocker. It doesn't even want to launch. I'll try to find a similar program.

Update: I got Unlocker to work and i still wasn't able to delete the previously mentioned folder. I tried a similar program called UnLock IT and I still had no luck with that one either.

Try again in Safe mode.

Avast-Team · Dec 19, 2017

Based on what you describe, it sounds like this infection may have multiple processes -- and in fact you may have multiple infections.

Your best bet in this case, since the machine is already infected, would be to restore to a known good restore point, or wipe and re-image from backup, and make sure you have protection in place to help prevent future attacks.

If you don't have a backup, you should definitely try a boot-time scan. Malware like this that gets its fingers into everything can often re-propagate itself even if you quarantine a part of it. Isolating the computer from the net and running one or more boot-time scans may help clean things up. https

/support.avast.com/en-us/article/132/

Search

Help With A Virus

enigma_st

Prominent

Avast-Team

Dark Lord of Tech

Retired Moderator

Major_Trouble

Distinguished

dudio

Admirable

enigma_st

Prominent

enigma_st

Prominent

Major_Trouble

Distinguished

Avast-Team

Estimable

Similar threads

TRENDING THREADS

Moderators online

Share this page