
[SOLVED?] - virus on my dads PC?

post #1 of 7
Thread Starter 
so I'm home for the weekend, and my dad has told me that he's been having some problems with what he thinks is a virus - which it probably is.

avast brings up nothing, so I ran adaware which found 68 infected files, so I quarantined/removed them.

there still seems to be one thing popping up though, on a regular basis and i have no idea what to do.




any ideas? recommended programs/apps?
NOTE: this isn't a box popping up from any AV program or anything he has.
    
post #2 of 7
It's a trojan, but I think it's dug in and will reinstall itself. Try removing it in safe mode or find its registry location/just clean the registry.

edit: Maybe this guide will help.
post #3 of 7
Thread Starter 
well i used ccleaner to clean out the registry, and spybot s&d - all without the internet plugged in.

- spybot was saying that it was a program that was accessing the net and would always change itsname.dll - so to solve it, unplug the internet after scanning, restart, etc.

so I did that, rescanned, no problems, hasn't popped up since.
    
post #4 of 7
Quote:
Originally Posted by Flatliner View Post
well i used ccleaner to clean out the registry, and spybot s&d - all without the internet plugged in.

- spybot was saying that it was a program that was accessing the net and would always change itsname.dll - so to solve it, unplug the internet after scanning, restart, etc.

so I did that, rescanned, no problems, hasn't popped up since.

Sounds like the Smitfraud/zblob trojan horse. There are a lot of free utilities you can get to get rid of it. It doesn't infect files; it just keeps making copies of itself with different names.
post #5 of 7
Thread Starter 
ugh, i thought i had fixed it...nothing popped up for a good 20 minutes, but then it just came up again. but this time the picture was blue not red


what are these free programs to remove it that you speak of?
    
post #6 of 7
Quote:
Originally Posted by Flatliner View Post
ugh, i thought i had fixed it...nothing popped up for a good 20 minutes, but then it just came up again. but this time the picture was blue not red


what are these free programs to remove it that you speak of?

Check out that guide I posted. It should walk you through manually removing it from the registry.
post #7 of 7
Thread Starter 
Quote:
Originally Posted by tehpwnerofn00bs View Post
Check out that guide I posted. It should walk you through manually removing it from the registry.

yeah i tried, but nothing is named PC-antispyware. no process, no registry values, etc.
    