asking about ahadmin.exe


  1. Posts : 5
    win 7 ulimate 32 bit
       #1

    asking about ahadmin.exe


    ahadmin.exe has detected a virus on my windows 7 .. What Was it really a virus? and how to kill this?
      My Computer


  2. Posts : 19,383
    Windows 10 Pro x64 ; Xubuntu x64
       #2

    Hi,

    Are you asking if ahadmin is a virus? I found one occurence of a similar name which has been flagged as suspicious:
    ahadmin.gicp.net.exe - VirSCAN.org

    I recommend uploading the file here, for a scan:
    https://www.virustotal.com/

    Regards,
    Golden
      My Computer


  3. Posts : 10,994
    Win 7 Pro 64-bit
       #3

    Hello aguswgs and welcome to Seven Forums.

    I found a reference to ahadmin.exe at the Webroot/Prevx site. It's one of several aliases for the basesrv.exe malware.

    BASESRV.EXE, Prevx

    If your installed antivirus caught this, it should have given you the opportunity to quarantine or delete it. Run a full scan with your antivirus/antispyware. It would also be a good idea to run a couple more free on-demand scanners to double check your computer. Some recommended products are Malwarebytes, Hitman Pro, Superantispyware, Trend Micro HouseCall, Comodo Cleaning Essentials, Eset, etc.
      My Computer


  4. Posts : 5
    win 7 ulimate 32 bit
    Thread Starter
       #4

    Thanks marsmimar..
    I've been using Malwarebyte for remove ahdmin.exe. for a moment my computer can run back to the normal, but then they come again, and this makes me really frustrated.
    Btw, do i have to remove it from the system regedit?
      My Computer


  5. Posts : 10,994
    Win 7 Pro 64-bit
       #5

    aguswgs said:
    Thanks marsmimar..
    I've been using Malwarebyte for remove ahdmin.exe. for a moment my computer can run back to the normal, but then they come again, and this makes me really frustrated.
    Btw, do i have to remove it from the system regedit?
    I'm not a malware expert but I've passed your question along to one of our members who is an expert. Hopefully she will give you some advice on what to do. From my very limited knowledge this sounds like a self-replicating virus or trojan. That means it has probably hooked itself into more than just one system file. Eliminate the virus from one file and it will reproduce itself from another file. And because it apparently goes by so many different names, searching the registry may not get rid of it because you wouldn't know what other names it goes by.

    Until you hear back from our expert, I would recommend you try a free product from Microsoft called Windows Defender Offline (originally called Microsoft Standalone System Sweeper.) You need to download the software from a computer that is NOT infected and burn it to a flash drive or CD. You would then boot the infected computer from the flash drive or CD bypassing the usual startup procedure. This tutorial gives more information.

    Windows Defender Offline

    There are several more things you may be asked to try. But please remember that once a computer has been infected, you can never be 100% sure that all traces of the malware have been removed. No anti-malware product is 100% effective 100% of the time
      My Computer


  6. Posts : 5
    win 7 ulimate 32 bit
    Thread Starter
       #6

    Thanks for your advices and information. I hope this can fix my problem

    Best regard

    Agus H
      My Computer


  7. Posts : 644
    Windows 7 home premium x64
       #7

    In my experience when Malwarebytes has apparently removed the current infection it can leave the file causing the damage in the Temp folder. Have a look for any likely named suspects, if you find one, right click to delete, if it says it cannot because it's open, you got the bad boy.
    Open task manager, kill that process, go back to temp and now you can delete it.
    Follow up by removing any reference in msconfig also I would start up regedit. Probably you only need check the run and runonce items.
      My Computer


  8. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #8

    Let's see what this is ....

    Download DDS from one of these links:
    Mirror 1 Mirror 2 Mirror 3
    • Disable any script blocking protection
    • Double click the dds icon to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt <--- will be minimized in the task tray
    • Save both reports to your desktop.

    Include the contents of both logs in your next post.
    The scan will instruct you to post Attach.txt as an attachment.
      My Computer


 

Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 21:01.
Find Us