Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Malicious software help

05 Jun 2013   #1

Windows Seven Ultimate x64
 
 
Malicious software help

While its not technically a virus, what is going on here is annoying and I cannot make it stop.

in my Appdata/roaming/microsoft/windows/start menu/programs folder is a folder called startup. no matter what I do including weeding out all the startup services I can that I don't recognize with msconfig a program that is mining bitcoins for someone is added to that folder and run on start up. I cannot figure out what program is creating this, and I thus do not know how to remove it. Virus scans with many different programs all do nothing, including rootkitremover and malwarebytes. even setting these to not run on start up still has them running on start up. Worse yet, it takes around 15 minutes or so (haven't actually timed it) for the contents of that folder to be created and run. Any Ideas?

Edit: I also ran a program called combofix

My System SpecsSystem Spec
.

05 Jun 2013   #2

Windows 7 Pro. 64/SP-1
 
 

It sound like something that has been added to one of your browsers.

I'm no expert on anything but I use this free program for such problems on my computers from Bleeping Computer site.

Downloading AdwCleaner
My System SpecsSystem Spec
05 Jun 2013   #3

Windows Seven Ultimate x64
 
 

I ran that program and it says it removed something that malwarebytes was supposed to have gotten rid of, so hopefully it did the trick. I'll keep you up to date
My System SpecsSystem Spec
.


05 Jun 2013   #4

Windows 7 Pro. 64/SP-1
 
 

No one program does it all or we would all have that program. This bitcoin thing is not considered a malware or a virus officially but you and I think it is. It probably came as a add on form something you downloaded and you didn't notice it at the time.
Do keep us informed.
My System SpecsSystem Spec
05 Jun 2013   #5

Windows Seven Ultimate x64
 
 

oh, I only mentioned malwarebytes because 2 of the things adw removed were things that MWB said it was taking off. So far so good.
My System SpecsSystem Spec
05 Jun 2013   #6

Windows 7 Home Premium (x64) Service Pack 1 (build 7601)
 
 

In the meantime, you can DL FireFox Portable and use it until you get your main browser sorted.
It's a small portable version of Firefox that an be put anywhere on your computer. No installation required.
I like it enough that I've removed Firefox and only run Firefox Portable.
It can be installed on a flash drive and moved from box to box if needed.

Mozilla Firefox, Portable Edition | PortableApps.com - Portable software for USB, portable and cloud drives
My System SpecsSystem Spec
06 Jun 2013   #7

Windows Seven Ultimate x64
 
 

nope. whatever it is that's doing this is still here. really really annoying at this point.

Edit: found some files in my %temp% folder, that contain all the files put into my start folder, and these are all .exe's. Clearly I have a trojan that is downloading this crap, but nothing is able to find+remove it
My System SpecsSystem Spec
06 Jun 2013   #8

Windows Seven Ultimate x64
 
 

well, the scan is going. I looked at the keys in currentversion\run and saw there was an extra instruction to run some files on java, so I went to the %appdata% folder and removed those too. hopefully a combination of these things will knock this out. I guess that will teach me to keep on top of java updates better.
My System SpecsSystem Spec
06 Jun 2013   #9

Windows 7 Pro. 64/SP-1
 
 

Java for a few months has been nothing but trouble in many ways and has more updates than their is blades of grass in a ball park.
If you don't need Java you can remove it completely as I have done.
If you need Java try FileHippo Updater. It works well for me checking programs for updates. I use it once a day.

FileHippo.com Update Checker - FileHippo.com
My System SpecsSystem Spec
06 Jun 2013   #10

Windows Seven Ultimate x64
 
 

well, scan said I was clean (takes forever too!) hopefully it's right. I will double check the registry to make sure whatever does what its doing hasn't re-added those keys.

What really sucks is I can tell that it is back when I notice how hot my laptop is getting while setting idle. it only takes like 53k of memory, but it brings my cpu usage up to around 28-35% while its running. not to mention since it's abusing my graphics chip watching youtube is jittery and choppy.
My System SpecsSystem Spec
Reply

 Malicious software help




Thread Tools



Similar help and support threads for2: Malicious software help
Thread Forum
Malicious Software Removal Tool - Updates Windows Updates & Activation
Solved Malicious software removal tool ? System Security
Solved Windows Malicious Software Removal Tool System Security
Microsoft Malicious Software Removal Program System Security
Question about Malicious Software removal tool System Security
Malicious Software Tool? Windows Updates & Activation
Malicious Software Removal Tool Tutorials

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:08 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33