Virus:Win32/Grenma.VA!MSR help
So yesterday I was playing Valorant on my laptop and suddenly my laptop rebooted. Once that happened, I noticed a "I am Sorry !!!!!" On the bottom left of laptop's (default) wallpaper. I thought it was a virus and started researching about it. Then installed MalwareBytes and ran a scan. That detected over a 100 files with trojan and other malware. Quarantined them and decided to check with windows defender (quick scan). Then for the first time, it showed me the virus name(as stated in the title). Followed a tutorial on youtube which told me to delete the contents of scan and some other folder I don't remember the name of. Did all of that in safe mode (minimal) as well. Ran a quick scan (in normal boot mode now) on defender and was able to pinpoint the files that were infected. Went into safe mode again and deleted them. Now I have not yet deleted the registry keys yet. All of this happened yesterday and I was up till 4 a.m. trying to fix it. Tried to run a full scan before I went to sleep but due to other unrelated reasons, had to shut it down. Woke up today and realized a lot more files were infected. Saw that this virus only affected .exe files (source: the internet), so made a folder (in safe mode) that contains all my important documents. I am very concerned as I do all my college work on this machine and am really not in a state where I can neither afford a new computer nor lose important files. I genuinely have no idea what I can do to fix this.
Here's the imgur link for the images
First image shows the "I am sorry !!!!!" on my default wallpaper. Second image shows the list of viruses from windows defender. Note: There are many more instances of this virus than the ones shown in the second image
Any help is appreciated.
Just decided to wipe my laptop. I have two drives: an 100 gb SSD, on which I have my os installed. A 1tb hdd which has all my other stuff.
I'm thinking I'll reset my windows 10, which would wipe my ssd. Then I would format my hdd. This should get rid of all the malware in my entire system.
Note: I'm backing up all my important documents at the moment. This should be safe as the malware only affects .exe (right?)
You should run all these scanners and remove what they find. Switch from Microsoft Defender to Bitdefender Free. (don't opt in for the trial, just use the free version). Make sure to also run the windows repair tool. Run a full scan, remove/quarantine whatever it finds and reboot if it prompts you to.
HitmanPro- will remove all malware in Kaspersky's, Bitdefender's, and Sophos' signature database.
ESET Online Scanner- will also remove malware.
Trend Micro HouseCall- also will remove malware.
Sophos Scan and Clean - also will remove malware.
Adware Cleaner - will remove browser hijackers.
F-Secure Online Scanner - also will remove malware.
Other Tools:
Tweaking Windows Repair - will repair your PC, undo any modifications to your system coming from malware or corruption. Best to do its complete repair option. You can do this by hitting "Preset: all repairs" under "Repairs - Main".
Reset your browsers to default configuration, remove all extensions you do not recognize and use.
Revo Uninstaller - go into its "tools" option then "autorun" and disable anything you do not need, don't recognize, or seems malicious.
Run these commands in command prompt as admin:
sfc /scannow
DISM /Online /Cleanup-Image /RestoreHealth
Download a free AV solution that is known to be effective, Bitdefender or Kaspersky
Set the DNS on your network adapters to Quad9's DNS servers.
Primary: 9.9.9.9
Secondary: 149.112.112.112
Do I need to switch to safe mode, because I do not feel safe browsing and downloading with the virus.
Man you really save me from this virus
BitDefender Solves all of this Man, big ups.
Create a Account , Run Full Scan Then boom works like a charm
This virus replaces existing .exe files, renaming, for instance
filename.exetovfilename.exeand making a copy of itself asfilename.exe. source (correct name was Win32/Grenam, not Win32/Grenma). Because every time it runs, more EXEs will be replaced, you will have to do the disinfection all at once without running additional EXEs before the system is fully clean.You might run into issues after cleaning, if an important system file was renamed by the virus. If your antivirus blocked or quarantined the virus body in
filename.exe, it might appear that your antivirus is causing the files to not work, but the virus caused the original issue. After the system is cleaned, going through the antivirus logs and renaming the correspondingvfilename.exetofilename.exewould fix this.So basically, after the cleanup, I should make sure I go through all the quarantined files before deleting them and rename them?
Hi any updates? I got the same problem and im panicking like crazy. Please help