Hi I'm new here. Got a nasty rootkit

[cazimi]

Hi I'm new here. I need some help please with what I'm sure is some sort of nasty rootkit that I can't figure out how to get rid of. It's slowly taking over my computer and I can't stop it. Disabling services that it uses seems to aggravate it to where it will render the computer unusable. No anti virus see it. Rootkit cleaners barely see it, if I have to run a long one like GMER, the rootkit inevitably shuts it off part way through. The short cleaner dont even detect it. I'm finding weird text docs that dont seem to belong at all. It changes all sorts of stuff in registry, user account pw's, migration of all my devices and\or files to who only knows where, changing bootup options, all sorts of craziness.
About 3 or 4 times just today the computer had to shut down with a login blue screen screen saying something about error diagnostic shut down due to XYZ_____file missing, like right in the middle of reading a text file or whatever.
The following doc I found in my downloads. Never seen anything like this and if it by chance a normal windows operation why would it be in my downloads?

Please can anyone help me wiht this? Thankyou

 

[BigFeet]

The quick and dirty way to remove a rootkit is to format and reinstall windows. If it is indeed a rootkit, they are extremely difficult to remove. Even if you do, there's a good possibility that the OS is damaged.

 

[Wolfie]

I'm with @BigFeet on this one but you can also try an "Offline scan" using Windows Security (Defender) as you have nothing more to lose!.

Help protect my PC with Microsoft Defender Offline - Microsoft Support

Learn how to use Microsoft Defender Offline to help remove malicious software and other potential threats.

support.microsoft.com

 

[cazimi]

Thanks for a quick reply! And I was afraid of that..from all the info I've been gathering about rootkits, I was afraid that I have to reformat everything in the end after all.

I tried win defender offline the other day, don't think it helped much as I still had problems afterwards.

Does this mean that my files are corrupt too or can I keep them?

Thanks for your advice fellas

 

[Wolfie]

Hi Cazimi,

you can try the following link but I cannot say as to whether or not you will still have a "rootkit" after going through the process!. That said, it might give you the opportunity to save your files!.

Re-install W10 and keep your files/app data intact

BACK UP ALL YOUR FILES ON TO AN EXTERNAL DRIVE (OR OTHER PARTITION) BEFORE YOU START TO RESET YOUR PC!. Hi all, This is a quick run-down of how to reset W10 and keep your files/data intact, you will have to do a little work but you will find all your files, data and app settings in a folder...

www.windows10forums.com

Another method is to use a Live version of Linux (bootable USB or DVD) and copy your files to a storage device!. I recommend Ubuntu. (It is free btw!). You can also use the Linux partition manager (GParted) to partition the drive after saving/copying your files!.

Once done, re-install Windows and completely wipe the drive (format) but BE AWARE THAT YOU MAY HAVE A SYSTEM RESTORE PARTITION SO MAKE SURE YOU KNOW WHAT YOU ARE DOING BEFORE YOU COMMIT TO FORMATTING!.

Get Ubuntu | Download | Ubuntu

Download Ubuntu desktop, Ubuntu Server, Ubuntu for Raspberry Pi and IoT devices, Ubuntu Core and all the Ubuntu flavours. Ubuntu is an open-source software platform that runs everywhere from the PC to the server and the cloud.

ubuntu.com

DistroWatch.com: Put the fun back into computing. Use Linux, BSD.

News and feature lists of Linux and BSD distributions.

distrowatch.com