Hi [@Gaby],
WAG Wild Asp Guess, perhaps all your problems cascade from [ Windowsdeal. com ], a site you mention.
I have none of the problems you seem to have.
[ Windowsdeal. com ] is now a full-fledged phishing site, and probably has been a front for infecting computers for years, waiting months while their programmers collect and sell lists of infected computers to the highest bidder, then the bidder gets to you in their queue, and yes, it may take months where you do not realize you have been infected, and have been watched by bots.
A thorough clean is in order.
– – – – – – – – – –
Peter Blaise’s PC software repair routines, some of, anyway:
Backup our personal data and program serial numbers and installation media copies to somewhere off the computer so we have our stuff if we need to reinstall Windows, back them up to a large thumb drive to external hard drive, then disconnect them, I also send stuff to myself via webmail so I have copies in the cloud.
Reboot in between tasks here, make restore points between tasks here, boot into safe mode between tasks here ( safe mode actually clears stuff, even when returning to virtual mode ), turn off any extra programs using free [ MSConfig ], toggling off items in [ Startup ] and [ Services ], essentially any non-Microsoft stuff.
Remember to make restore points first, reboot to safe mode, reboot to virtual mode between tasks.
Free [ Windows Repair All In One ] from [ Tweaking. com ] has a great reset-to-defaults for most program permissions, registry, and services, including other system repairs, including a guided [ sfc /scannow ] and [ chkdsk /f ] on reboot.
To clean, I’d also start with free [ JRT Junk Removal Tool ] from [ BleepingComputer. com ].
Remember to make restore points first, reboot to safe mode, reboot to virtual mode between tasks.
Then run free [ AdwCleaner ], now from [ Malwarebytes. com ], but if we share our computer over a network at home or at work, then turn off the selections in [ Basic Repair Actions ] unless we are ready to reset the following manually by removing and reinstalling network devices and drivers, and reconfiguring all network and Internet settings, these [ AdwCleaner ] settings are killers, we may need to run them, but prepared to replace what gets killed with fresh clean resets:
– Delete all IFEO subkeys, Microsoft Windows supports a method for loading DLLs into running processes that use the Image File Execution Options (IFEO) registry key, this key is often used by legitimate software and troubleshooting or diagnostic tools, but it can also be used maliciously.
– Delete all Tracing keys.
– Delete all Prefetch files.
– Remove and reset all proxies.
– Delete and reset all Google Chrome policies to restore the default policies.
– Reset TCP/IP settings to default values.
– Reset the Windows firewall rules to default values.
– Reset IPSec settings, Internet Protocol Security is a secure network protocol suite that authenticates and encrypts the packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks.
– Reset BITS, Empty the Background Intelligent Transfer Service queue.
– Delete and reset all Internet Explorer policies and restore default the default policies.
– Reset Winsock settings to default values, the Windows Sockets API, later shortened to Winsock, is a technical specification that defines how Windows network software should access network services, especially TCP/IP, it defines a standard interface between a Windows TCP/IP client application and the underlying TCP/IP protocol stack.
– Restore the Hosts file to its default values.
Yeah, those are infection access points, if we do not understand them and how to control them now, we will after we manually have to rebuild them after accidentally killing them.
So, download all the tools here first, or we may not get back on the Internet to get them later.
Remember to make restore points first, reboot to safe mode, reboot to virtual mode between tasks.
I’d run [ chkdsk /f ] or [ chkdsk /r ] until they came back clean – take our time, do we have another computer we can actually use while we do all this?
Used Windows 7-64 Pro laptops are cheap.
Then run the master: [ ComboFix ] from [ BleepingComputer. com ], run it in safe mode, twice to be sure.
Remember to make restore points first, reboot to safe mode, reboot to virtual mode between tasks.
Then run free anti-malware scans from [ SuperAntiSpyware. com ] and [ SaferNetworking. com ] and so on.
Remember to make restore points first, reboot to safe mode, reboot to virtual mode between tasks.
Alternatively, we can try free [ LikeNewPC. net ] which takes forever, and hides what it is doing, but does many of the above tasks, yet it’s never made a non-booting-computer boot for me, but it may clean a bootable computer, let us know if anyone goes that route, and what are the results.
– – – – – – – – – –
By the way, Nektra Spy Studio downloaded fine and ran fine for me, though it’s arcane and abstruse enough to deny me quick and intuitive access to seeing what I want to see ( “… <-this program is doing this-> …” ), so I’ll continue to use other tools like free [ Process Explorer ] from Microsoft SysInternals, and free [ Process Lasso ] from Bitsum, and scan anything at free [ VirusTotal. com ] to see if I can explain to myself what the heck is going on in my computer.
.