
Win 7 Home Security virus remove problem - Page 2

post #11 of 16
Thread Starter 
I'm not too sure how I got the virus, but people say that it comes through Windows Update and different sites. I can think of a site which I might have got it from, which was an anime forum which is having ad and redirecting problems at the moment.
post #12 of 16
A lot of these rogue AVs can be removed using a combination of several programs like superantispyware/malwarebytes/smitfraudfix.
 
post #13 of 16
Thread Starter 
Yea ironically I turned on the computer this morning and was able to access Malwarebytes so I removed it and then deleted it from the registry so it won't come back.

Thanks for the help anyway guys.
post #14 of 16
Quote:
Originally Posted by Jaxlb View Post
Yea ironically I turned on the computer this morning and was able to access Malwarebytes so I removed it and then deleted it from the registry so it won't come back.

Thanks for the help anyway guys.
Cool beans

If you suspect certain of the sites you visit to be infested, run the browser sandboxed to avoid future disasters like this.
post #15 of 16
Could you not also pull the infected drive out and add it (as a storage drive) to a clean working system and scan\clean it?

I have this prob with one of 5 systems in the house and cannot figure out where it came from either.

Thought I had gotten rid of it. I got into System Restore and restored it back about 3 days and ran Cogeco (fsecure), malwarebytes, superantispyware, Spybot S&D, checked start up with Win 7 manager, ccleaner and msconfig, all clear..... got it again next day!!! User only went on Facebook, but Cogeco asked to allow ***.exe to access internet. It happened to be already open when the attack occurred, and Cogeco didn't pick up the virus in the scan!!! Now I'm back to trying to remove it, again!!
Going to try some of your suggestions here........
Edited by brewermoe - 4/8/11 at 6:04am
post #16 of 16
Quote:
Originally Posted by mojoopo View Post
Restart the computer in "Safemode With Command Prompt".
When cmd shows up type "regedit".
Navigate to "HKEY_CLASSES_ROOT\exefile\shell\open\command\"
Click on the default key and click "modify"; remove everything except for ("%1" %*).
Close regedit.
In cmd type "explorer.exe".
Click "start" then "computer" and navigate to "C:\Users\[USERNAME]\AppData\Local"
Delete all files with 3 character file names. Note: You will have to have "protected view" off in "folder options" and "show hidden files and folders" on.
You can now restart the computer and the virus will be gone.


been removing these left right and center at work
This worked for me! (So Far)
FYI ... the executable running was ***.exe and add.exe was also inside

Many Thanks!!!!!!
Edited by brewermoe - 4/10/11 at 10:39am
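An added example, not part of the original posts: a check for the registry change that the quoted procedure undoes, run over a `.reg` export of the exefile key. It flags any exefile command handler whose default value is not `"%1" %*` and notes whether the intercepting program fits the thread's description (a 3-character file name in AppData\Local). The sample export, the user name `alice`, the file `abc.exe`, the `-a` argument and the function names are constructed for illustration.

```python
import re

EXPECTED = '"%1" %*'  # value the quoted procedure restores

# Constructed sample in .reg export format (not from a real infection).
# A real regedit export is UTF-16: open(path, encoding="utf-16").read()
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"C:\\Users\\alice\\AppData\\Local\\abc.exe\" -a \"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
'''

HANDLER_KEY = re.compile(r'\\exefile\\shell\\[^\\]+\\command$', re.I)

def exe_handlers(reg_text):
    """Yield (key, default value) for each exefile\\shell\\<verb>\\command key."""
    key = None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and HANDLER_KEY.search(key):
            m = re.match(r'^@="(.*)"$', line)
            if m:
                # .reg strings escape backslash and quote with a backslash
                yield key, re.sub(r'\\(.)', r'\1', m.group(1))

def audit(reg_text):
    """Return one finding per handler whose default value is not EXPECTED."""
    findings = []
    for key, value in exe_handlers(reg_text):
        if value.strip() == EXPECTED:
            continue
        # The first token is the program that now runs on every .exe launch.
        m = re.match(r'"([^"]+)"|(\S+)', value)
        program = (m.group(1) or m.group(2)) if m else ""
        stem = program.rsplit("\\", 1)[-1].rsplit(".", 1)[0]
        in_local = re.search(r'\\AppData\\Local\\[^\\]+$', program, re.I)
        findings.append({
            "key": key, "value": value, "program": program,
            # The thread's pattern: 3-character file name in AppData\Local
            "matches_thread_pattern": bool(in_local) and len(stem) == 3,
        })
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_REG):
        print(finding)
```

The input can be produced on the affected machine with `reg export HKCR\exefile exefile.reg` and read with the UTF-16 encoding noted in the comment.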