Windows 10: Found VirTool:Win32/DefenderTamperingRestore after removing bitcoin miners and backdoor...

Hi everyone one, a few days ago I noticed my windows defender was turned off, I tried turning it back on but I couldn’t and some of the areas of it returned errors like "This setting is managed by your administrator". I found this suspicious since I am the admin of my PC and I had not turned off my AV. I downloaded MalwareBytes and BitDefender and did some scans and detected some bitcoin miners and a back door that I quarantined and removed I did not get the names since I sort of panicked a bit.


After I removed the malware my windows defender still could not be started so I was forced to reset my PC. After which I installed Symantec Endpoint Protection. A day later I saw many of SEP's modules were reporting errors, this raised my suspicious again and I removed SEP and scanned with a few other Malware tools MSERT, MS Malware remover, TDSSKiller, Malware bytes and FRST64. MSERT discovered that I was still infected with VirTool:Win32/DefenderTamperingRestore. This was removed however I still get the "This setting is managed by your admin" messages, so far my bitdefender has not detected anything else though, but I am keeping the PC offline for the time being.

Can you guys help me in confirming that the malware is completely gone from my system?

:)

 

About Bitcoin miners

Hi!

I am gonna buy a bitcoin miner probably the Antminer S1 180GH/s but first want to ask if there are cheap alternatives or suggestions on which to buy.

Lauri

 

How can I delete VirTool:Win32/Obfuscator.XX?

Carefully review and follow the steps in this removal guide from Malwaretips.com:
How to remove VirTool:Win32/Obfuscator.XZ Virus (Removal Guide) The suggested removal tools are free.

Good luck...

 

Bitcoin Virus

You should use your favorite search engine and read some of the many articles out there...

You might want to start by reading some of these suggestions:

• How cryptocurrency mining works: Bitcoin vs. Monero - Malwarebytes Labs
• https://blog.malwarebytes.com/cyber...bitcoin-scams-aim-to-exploit-volatile-market/
• Cryptojackers Found on Starbucks WiFi Network, GitHub, Pirate Streaming Sites

• https://www.howtogeek.com/334018/how-to-block-cryptocurrency-miners-in-your-web-browser/
• Articles tagged with Cryptojacking
• Is cryptocurrency mining malware the new adware? | Emsisoft | Security Blog
• https://blog.malwarebytes.com/cyber...by-cryptomining-coming-to-a-browser-near-you/
• https://blog.malwarebytes.com/cyber...al-drive-by-cryptocurrency-mining-phenomenon/
• Best Practices for Safe Computing - Prevention of Malware Infection