0

I downloaded Internet Download Manager from a piracy website and after downloading I tried to install it. I read the instruction manual given with the file and followed it but later I couldn't install it.

But later that day my Chrome browser sensed some malware in my PC and I was signed out from there. Even my Facebook account alerted forced entry from different locations and that means somehow this corrupted file sent my personal data to their admin. I tried to delete that downloaded package and I almost deleted all of it but a .dll file. I scanned it but Windows Defender says it's alright. I tried to delete the file but it says The action cannot be completed because the file is open in Windows Explorer. Finding no other way I searched on google and found various solutions but none of them worked. Here is a CMD screenshot of my "force deleting" endeavor that says Access is denied. What should I do now to delete this supposed malware?

Nazmul Hasan Shipon
  • 3
  • 2
  • Start Windows in safe mode or startup repair and try to remove the file. – Bodo Dec 11 '22 at 17:33
  • Use File Locksmith or IOBit Unlocker to unlock the file and then delete it – Vinayak Dec 11 '22 at 17:34
  • @Vinayak where can I get Locksmith or IOBit Unlocker? – Nazmul Hasan Shipon Dec 11 '22 at 17:36
  • 1
    You were socially engineered into installing something that had nothing to do with the software you ***thought*** you were installing. Once you'd been infected, there was no longer any need to pretend. Now you have given the hackers everything, including your Facebook credentials & who knows… maybe your bank details too. It's pointless trying to pick this out of your comuter, the damage is already done. You need to nuke & pave the machine, but also change passwords in **everything** you do online that the computer had details for. – Tetsujin Dec 11 '22 at 17:49
  • @Tetsujin, thank you. I will change the passwords. After an offline scan as suggested in one answer, I was able to delete the supposed corrupted file. Now do I really need to nuke and pave the machine or should I do something else? – Nazmul Hasan Shipon Dec 11 '22 at 17:54
  • Who knows what other data you sent to the hackers. Your prime concern is your identity everywhere online. Forget what's on the computer - blow that away & restore from a backup dated before the attack. Anything after that is compromised. – Tetsujin Dec 11 '22 at 17:57
  • @Tetsujin, My computer says my last restore point is [9th December](https://i.stack.imgur.com/v4TaA.png) but that malware attack occurred on 8th December. What should I do now? – Nazmul Hasan Shipon Dec 11 '22 at 19:06
  • Restore points are no good, you need a real, actual backup, not connected to the computer's current state & certainly not on the same machine. – Tetsujin Dec 11 '22 at 19:08
  • @Tetsujin Then what should help me right now? I am a student and was using my desktop at the cheaper expense possible. – Nazmul Hasan Shipon Dec 11 '22 at 19:10
  • See the linked duplicate QA. Basically, there's nothing on that computer you can ever trust again. If you have no independent backup, you may still be compromised even after you think it's clean. Backups are those things that are a complete waste of time & money… until the day you need them; then they suddenly become ***vital.*** – Tetsujin Dec 11 '22 at 19:14

1 Answers1

0

These are generally simple to deal with.

(1) Do a full scan and a full Offline Scan with Windows Defender. If malware, this will quarantine and delete it.

(2) If still there, get Unlocker 1.9.2 (Major Geeks) or Lock Hunter. Either one - I have both. Run it, point to the file and delete it. Both work.

Unlocker

Unlocker

Lock Hunter.

enter image description here

John
  • 46,167
  • 4
  • 33
  • 54
  • You can look for Lock Hunter (.com) or go to Major Geeks for Unlocker. Offline scan is for Windows Defender built into Windows. Answer edited. Both are very easy to use and will help you delete troublesome files. – John Dec 11 '22 at 17:43