
I believe I'm infected, need to delete this and NOT reformat - Page 2

post #11 of 66
Thread Starter 


If it's deactivated my Windows I'm bloody screwed.
    
Thread starter's system:
CPU: Intel ATOM N450 @ 1.66Ghz | Motherboard: <unknown> | Graphics: Intel GMA3150 256mb | RAM: 2GB DDR2-800
Hard Drive: 160GB 5,400RPM 2.5" | OS: Windows XP Professional SP3 | Monitor: LED (Non-gloss) 1024x600 | Keyboard: integrated
Power: 6 cell battery | Case: Samsung | Mouse: Wireless mouse 3000 / touchpad | Mouse Pad: anything
post #12 of 66
I don't see anything suspicious there. Although one of the SVChosts could be spyware, but if MBAM isn't flagging it I'd say you don't have anything going on there.
MBAM is great but also add Spybot Search and Destroy to that. Spybot will find stuff MBAM doesn't find and vice versa; they're great to keep both on your system.
Get CCLEANER and run a system cleanup, no need to sit and manually delete the crap out of your Temp folder.
post #13 of 66
Quote:
Originally Posted by jdcrispe95 View Post
Trying this as we speak. If it works, thanks in advance.

It will give you a list of choices when it finds something and it will also tell you the directory it's in.

I normally press 2 to delete all; it's better than moving to chest (Vault).

http://help.artaro.eu/index.php/gene...time-scan.html
post #14 of 66
Do you have access to another computer? Maybe you can run something like an ERDCommander disc on it (if you have another computer to burn the .iso to) and go manually delete the file if it seems to be giving you problems.
post #15 of 66
Quote:
Originally Posted by jdcrispe95 View Post


If it's deactivated my Windows I'm bloody screwed.

What were you doing to get this?

Edit: just had a read of this
http://comprolive.com/remove/trojan/...systemroot-exe

Was yours an EXE file but in the format as a jpg picture that won't show a picture?
Edited by macca_dj - 4/24/11 at 7:00am
post #16 of 66
Try running this combofix program.
Edit: Caution on using this. It doesn't prompt on file deletions, but it worked for me with no problems.

You can also try looking at your registry on the 'run' part. Or invoke msconfig and check the programs running upon Windows boot at the 'startup' tab.
Edited by ConradTP - 4/24/11 at 7:04am
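One way to review the registry 'run' part mentioned above, as an added example that is not part of the original thread: it parses saved `reg query` output for the HKLM and HKCU Run keys and flags entries that start from a temp directory, reuse a system process name outside system32, or carry a double extension such as `.jpg.exe`. The sample output, the rule set, the function names and the assumption that Windows lives in `C:\WINDOWS` are constructed for illustration.

```python
import ntpath
import re

# Constructed `reg query` output for the two Run keys; every entry is made up.
SAMPLE = r"""
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    ExampleAV    REG_SZ    "C:\Program Files\ExampleAV\avui.exe" /nogui
    SysHelper    REG_SZ    C:\WINDOWS\Temp\svchost.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    Updater    REG_SZ    "C:\Documents and Settings\user\Local Settings\Temp\holiday.jpg.exe" -s
"""

ENTRY = re.compile(r"^\s+(?P<name>.+?)\s+REG_(?:EXPAND_)?SZ\s+(?P<cmd>.*)$")
TARGET = re.compile(r'^"([^"]+)"|^(.+?\.(?:exe|scr|com|pif|bat))(?=\s|$)', re.I)
DOUBLE_EXT = re.compile(r"\.(jpe?g|png|gif|bmp|pdf|doc|txt)\.(exe|scr|com|pif|bat)$")
SYSTEM32 = r"c:\windows\system32"  # assumption: default install location
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe", "services.exe"}

def parse_run_entries(text):
    """Return (key, value name, command line) for each string value listed."""
    key, entries = None, []
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()
        elif key and (m := ENTRY.match(line)):
            entries.append((key, m["name"], m["cmd"].strip()))
    return entries

def target_path(cmd):
    """Extract the program path, quoted or not, from a Run command line."""
    m = TARGET.match(cmd)
    return (m.group(1) or m.group(2)) if m else cmd.split(" ", 1)[0]

def findings(cmd):
    path = target_path(cmd).lower()
    name, flags = ntpath.basename(path), []
    if "\\temp\\" in path or "\\temporary internet files\\" in path:
        flags.append("runs from a temp directory")
    if name in SYSTEM_NAMES and ntpath.dirname(path) != SYSTEM32:
        flags.append("system process name outside system32")
    if DOUBLE_EXT.search(name):
        flags.append("double extension")
    return flags

def triage(text):
    """Keep only the entries that trip at least one rule."""
    return [(k, n, c, f) for k, n, c in parse_run_entries(text) if (f := findings(c))]

if __name__ == "__main__":
    for key, name, cmd, why in triage(SAMPLE):
        print(f"{key}\n  {name} -> {cmd}\n  flags: {', '.join(why)}")
```

A flagged entry is a lead to check by hand, not a verdict; legitimate installers sometimes register themselves from temp paths.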
post #17 of 66
Thread Starter 
Quote:
Originally Posted by macca_dj View Post
What were you doing to get this?

Edit: just had a read of this
http://comprolive.com/remove/trojan/...systemroot-exe

Was yours an EXE file but in the format as a jpg picture that won't show a picture?
I see no iexplorer.exe but anywho I don't use IE so I should be safe, right?
    
post #18 of 66
Quote:
Originally Posted by jdcrispe95 View Post
I see no iexplorer.exe but anywho I don't use IE so I should be safe, right?
Yes, should be good.

Have you run Avast yet?

You will not need to run anything else apart from Avast; once it's done a boot scan you will be cleared.
Programs that run in the Windows environment won't do much to delete the problem;
if it's the same as I have dealt with before, the only way I got rid of it was via Avast's boot scan.
post #19 of 66
You better be in safe mode. lol
    
post #20 of 66
Thread Starter 
Quote:
Originally Posted by macca_dj View Post
Yes, should be good.

Have you run Avast yet?

You will not need to run anything else apart from Avast; once it's done a boot scan you will be cleared.
Programs that run in the Windows environment won't do much to delete the problem;
if it's the same as I have dealt with before, the only way I got rid of it was via Avast's boot scan.
Avast is running and scanning.

Quote:
Originally Posted by Kick View Post
You better be in safe mode. lol
I have been into safe mode and disabled EVERYTHING from startup.
    