Windows explorer hooked

oopsgeneration88

Hello,

Recently I came across a malware which I removed from scanning via Process Hacker & deleted it.

But the problem is, whenever I restart explorer, a command runs to execute the malware.

I don't have any experience in dotnet though. I can only do PHP & stuff.

Kindly help me fix this. I am attaching screenshots of it.

Kindly help me fix it
 

Attachments: screen.png (22.5 KB, views: 60)

Please note that this user is banned
This is a rootkit; it's really hard to detect and remove. I said userland rootkit, but what if the rootkit is from the kernel and even the EDR/AV cannot see it? It's really hard and needs professionals, so I suggest you reinstall Windows and don't download cracked software / games. Stay away from anything cracked.
 
> This is a rootkit; it's really hard to detect and remove. I said userland rootkit, but what if the rootkit is from the kernel and even the EDR/AV cannot see it? It's really hard and needs professionals, so I suggest you reinstall Windows and don't download cracked software / games. Stay away from anything cracked.

ok
 
I solved it using the Autoruns app, which is available on Microsoft's official website, & removed the entry itself; or you can use Windows 11 Manager from Yamicsoft & use the startup manager's advanced startup function.

Actually it was an adware called Peer2Pilot.

Cleaned my PC, scanned with different antivirus & also via distros.

Everything's perfect now 😁
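
The Autoruns step described in the post above can be approximated with a read-only listing of the usual logon autostart locations. This is an added example, not part of the original post; the thread never says where the adware's entry lived, so the registry keys and Startup folders below are assumptions based on standard Windows autostart points.

```powershell
# Added example (read-only). Assumption: the thread never says where the
# adware's entry lived, so this walks several standard autostart locations.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$entries = @()
foreach ($path in $runKeys) {
    $key = Get-Item -Path $path -ErrorAction SilentlyContinue
    if (-not $key) { continue }
    foreach ($name in $key.GetValueNames()) {
        $entries += [pscustomobject]@{ Location = $path; Name = $name; Command = [string]$key.GetValue($name) }
    }
}
# Winlogon: Shell is normally "explorer.exe", Userinit normally points at userinit.exe.
$winlogon = 'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'
$wl = Get-ItemProperty -Path $winlogon
foreach ($name in 'Shell', 'Userinit') {
    $entries += [pscustomobject]@{ Location = $winlogon; Name = $name; Command = [string]$wl.$name }
}
# Per-user and all-users Startup folders (hidden files included).
foreach ($folder in 'Startup', 'CommonStartup') {
    $dir = [Environment]::GetFolderPath($folder)
    if (-not $dir) { continue }
    foreach ($f in (Get-ChildItem -Path $dir -File -Force -ErrorAction SilentlyContinue)) {
        $entries += [pscustomobject]@{ Location = $dir; Name = $f.Name; Command = $f.FullName }
    }
}
# Attach the Authenticode status of the first executable path in each command.
# The regexes handle quoted paths and unquoted paths without spaces only.
$entries | ForEach-Object {
    $exe = $null
    if ($_.Command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
    elseif ($_.Command -match '^\s*([^\s,]+)') { $exe = $Matches[1] }
    $sig = 'PathNotResolved'
    if ($exe -and (Test-Path -LiteralPath $exe -PathType Leaf)) {
        $sig = [string](Get-AuthenticodeSignature -LiteralPath $exe).Status
    }
    $_ | Add-Member -NotePropertyName Signature -NotePropertyValue $sig -PassThru
} | Sort-Object Signature | Format-Table -AutoSize -Wrap
```

Autoruns inspects more locations than this listing does, including scheduled tasks and services, so an entry missing here is not proof that nothing is configured to start.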
 
Please note that this user is banned
> I solved it using the Autoruns app, which is available on Microsoft's official website, & removed the entry itself; or you can use Windows 11 Manager from Yamicsoft & use the startup manager's advanced startup function.
>
> Actually it was an adware called Peer2Pilot.
>
> Cleaned my PC, scanned with different antivirus & also via distros.
>
> Everything's perfect now 😁

Good, then there is no hook on explorer.exe; maybe the watchguard was checking if the process ended and, if yes, creating the process again. Anyway, nice that you fixed it.
 
> Good, then there is no hook on explorer.exe; maybe the watchguard was checking if the process ended and, if yes, creating the process again. Anyway, nice that you fixed it.

Well, see, I used many tools: Ultra Virus Killer, which provides realtime VirusTotal scan. Anyway, this was an outdated adware & had no connectivity to CC & somehow managed to unhook it. I know it's hard to be safe anyway on Windows 😁😁

Now no awkward processes running. I actually remove all unwanted apps on Windows so I can track what processes are running.

Fingers crossed now. Let's hope for the best. I don't have anything on the work laptop though, except for web dev stuff. No accounts & wallets or any logs.
 

