I forgot to add, it deleted my recovery file.
Visual Studio is installing unauthorized package which takes over my computer
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
My computers have been destroyed by the installation of packages used by Visual Studio and NuGet. I discovered Nuget when using windows powershell. First I ran find-rolecapability which returned restricted, then I ran get-executionpolicy, which returned NuGet provider is required to continue. I found the NuGet website and it uses Visual Studio, I tried to download and install Visual Studio but am blocked by another installation.
I have lost admin rights and a current package in a file SxS is pending installation. I tried to stop it but can't. This was the only clean computer I had left.
Can you please help?
Windows for home | Windows 10 | Security and privacy
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
3 answers
Sort by: Most helpful
-
Anonymous
2018-05-20T03:56:09+00:00 -
Anonymous
2018-05-20T03:51:44+00:00 Thanks for your response.
My system is not locking up, something different is going on. I figured out a package file made in NuGet, which uses Microsofts Visual Studio to install takes a number of steps before it installs. It first uses impersonation to downgrade my administration authority, I get replaced by a different administration user who has full rights on my system. Next it takes over my bios and adds partitions to my hard drive.
It has shown up on a desktop which has never been on the internet and has infected it by a usb I used to move data around. I had created a user, which loads safe mode when Iog in as the user. Since safe mode was running, the package is in the pending file I found in an WinSxS folder along with a lot of replacement windows files. I tried to delete these files but did not have the authority.
I used PowerShell to run get-ExecutionPolicy which returned "Restricted", next I ran find-rolecapability which returned "NuGet provider is required to continue". I researched NuGet and its a package loader and runs under Visual Studio, it's not an update, so it must be a virus aimed at taking over systems using a usb port. I need help is stopping the pending file from loading and preventing this from happening again.
-
Anonymous
2018-05-20T02:28:03+00:00 Hi. I am a fellow community member who likes to help my peers when able. When your PC locks up and you can't access any of the normal menus or troubleshooting options from within Windows it may be helpful to access the recovery menu using another method. Please try the following.
Power on and off your computer three times
as follows.Power on and when you see the Windows Logo power off
Power on again and when you see the Windows Logo power off
Power on again and your computer will boot into the Advanced Recovery environmentYou might be asked to sign in with your Microsoft Account or Local Account password.
Click on Advanced Options
Then Click on Troubleshoot
Then Click on Advanced Optionsboot into the recovery environment, then try to use system restore to return to an earlier point before this issue ocurred
This answer was adapted from - AndreJA