| Windows 7: install.exe found on external drive - how do I find out what it is? |
31 Jan 2013
|
#11 | | Windows 7 Ultimate SP1 (x64) South Australia |
Only from a DVD/USB - it's specifically designed this way to outsmart malware that requires booting into Windows to become 'aware' and then avoid detection, or hamper the malware detection process.
31 Jan 2013
|
#12 | | |
Okay... have run Quick Scan.... (full scan to follow) Trojan found Win32/Sirefef
BUT... is not able to be removed with this message: Windows defender offline encountered an error: Error code 0x800704ec "This program is blocked by group policy. For more information contact your system administrator."
So.. how do I remove this file and what is it?
31 Jan 2013
|
#13 | | Win 7 Pro x64 SP1, Win 7 Ult x86 SP1 NC, USA |
You can upload the install.exe file to VirusTotal https://www.virustotal.com/
It will scan it and you may find more info on what malware is found in the file.
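An alternative to uploading the file, as an added example that is not part of the thread: the script below reads a file's bytes without running it, computes the SHA-256 (which can be pasted into VirusTotal's search box instead of uploading) and decodes the basic PE header fields. The function names and the constructed sample header are assumptions made for the illustration.

```python
import hashlib
import struct
from datetime import datetime, timezone

MACHINES = {0x014C: "x86", 0x8664: "x64", 0x01C0: "ARM", 0xAA64: "ARM64"}
SUBSYSTEMS = {1: "native (driver)", 2: "Windows GUI", 3: "Windows console"}

def triage(data: bytes) -> dict:
    """Describe a file from its raw bytes; nothing is loaded or executed."""
    info = {"size": len(data), "sha256": hashlib.sha256(data).hexdigest(), "pe": False}
    # DOS header: 'MZ' magic, then e_lfanew (offset of the PE header) at 0x3C.
    if len(data) < 0x40 or data[:2] != b"MZ":
        return info
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    # Need the signature (4), COFF header (20) and optional header up to Subsystem (70).
    if pe_off + 94 > len(data) or data[pe_off:pe_off + 4] != b"PE\0\0":
        return info
    machine, _, stamp, _, _, _, flags = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    magic, = struct.unpack_from("<H", data, pe_off + 24)
    subsystem, = struct.unpack_from("<H", data, pe_off + 24 + 68)
    info.update(
        pe=True,
        machine=MACHINES.get(machine, hex(machine)),
        bits={0x10B: 32, 0x20B: 64}.get(magic),
        dll=bool(flags & 0x2000),
        subsystem=SUBSYSTEMS.get(subsystem, str(subsystem)),
        # Linker timestamp: a hint only, it is trivially forged or zeroed.
        compiled=datetime.fromtimestamp(stamp, timezone.utc).isoformat(),
    )
    return info

def build_sample() -> bytes:
    """Constructed 312-byte PE header for the demo; not a real program."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x014C, 1, 1359590400, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<H", opt, 68, 2)
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    import sys
    # With a path argument, read that file; otherwise use the constructed sample.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    for key, value in triage(blob).items():
        print(f"{key:10} {value}")
```

A hash that VirusTotal has never seen proves nothing either way; it only means nobody has submitted that exact file.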
31 Jan 2013
|
#14 | | |
unable to upload the file there...
Hi.. we have tried that but when we try to upload it it says we don't have (administrator) permission to do so....
31 Jan 2013
|
#15 | | Windows 7 Ultimate SP1 (x64) South Australia |
31 Jan 2013
|
#16 | | |
Home computer
It is a home computer on a 'home network' with two computers in total... connected by cable... they were bought from new and have always been used as home computers....
I 'think' I have managed to remove the Sirefef Trojan... from a link elsewhere on this forum... touch wood it has worked... http://malwaretips.com/Thread-How-to...-Removal-Guide
Last edited by Neil2305; 31 Jan 2013 at 05:39 PM..
31 Jan 2013
|
#17 | | Windows 7 Ultimate SP1 (x64) South Australia |
Reboot your computer, and run an online scan using this: Free Online Virus Scanner | ESET
31 Jan 2013
|
#18 | | Windows 7 Home Premium 64 bit. SP-1 Northern Ohio |
31 Jan 2013
|
#19 | | Windows 7 Home Premium On East 4th Street, USA |
Neil3205,
If Sirefef was found on your computer, your interests are well served by running tools that query/diagnose the system prior to Windows starting.
Although some programs may come up clean, malware could still be lurking somewhere, particularly if it is a Rootkit.
So, if you agree, let’s take a look before Windows starts, but, need some info from you:
Do you have the Repair your computer option in the Advanced Boot Options menu?
To find out:
Restart the computer.
As soon as the BIOS is loaded begin tapping the F8 key until the Advanced Boot Options menu appears.
Is the Repair your computer option listed?
If you do not have the option, do you have your Windows installation CD/DVD available?
And last, do you have a USB flash drive available, and access to a clean computer?
31 Jan 2013
|
#20 | | |
Installed Windows Offline Defender
I am running this on my own computer on our home 'network'... as earlier advice in the thread... I have downloaded Windows Offline Defender on a CD and changed the BIOS to boot via the CD and did the scan by that... (at least a quick scan).... I will run a full scan while I sleep tonight as I fear that might take a few hours... the last re-boot I did the Sirefef wasn't showing.... now running an ESET scan....