Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: i think i have got virus

30 Dec 2013   #71
Mysterious

Windows 7 Ultimate x86
 
 

Quote   Quote: Originally Posted by Slartybart View Post
Hmmm, ESET caught it but didn't do anything. Ok, maybe something wasn't ticked for the scan... in anycase, the file has been renamed and is out of the way.

Have you rebooted? No? Please do before the next steps

A few more (I know I said the guide would be enough, but....)

Finish with Post# 62 (Old timer) and Post# 64 (SuperAntiSpyware)
hmm done with TFC(old timer).but after reboot a new problem arises,taskbar hiding itself & when i'm on desktop taskbar colour is in aero & when in google chrome,taskbar colour is basic.how to fix it ?
TFC was safe or not or it messed up with windows ?
and 1 more question RogueKiller created a folder on my desktop RK_Quarantite & it have some registration entries.should i double click on them each ?

Edit-downloading Super antispyware.file size is big 27.87 mb,will take some time !!




Attached Images
i think i have got virus-rk_quarantite.jpg 
My System SpecsSystem Spec
.
30 Dec 2013   #72
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Old Timer TFC is safe, but it does clean out any and all temporary files. It's not clear that OT caused the symptoms you reported, most likely one of the other scanner 'fixed' a potential issue. The scanners can't tell the difference between a malware modification and a user modication, so they punt and fix what might be a malware modification.

You'll have to personalize your desktop - some things were marked as PUPs or PUMs
Potentially Unwanted | Programs or Modifications
A clean system is worth the small effort required to personalize a system.

Leave the RogueKiller folders/files on your desktop alone for now.



scan results recap
  • JRT-> nothing reported
  • AdwCleaner
    File Deleted : C:\Program Files\Uninstall.exe
    Registry Key Deleted :
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASUS_Screensaver
    HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
    HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

    [ File : C:\Users\Love\AppData\Local\Google\Chrome\User Data\Default\preferences ]
  • RogueKiller
    --Scan log
    [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
    [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    --Remove log
    [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
    [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
  • Malwarebytes - quick scan only... should have been full scan
    --> Nothing found
  • Rkill
    Checking for processes to terminate:
    * C:\Windows\System32\ACEngSvr.exe (PID: 3504) [WD-HEUR]
    1 proccess terminated!
    Performing miscellaneous checks:
    * Windows Firewall Disabled
    [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = dword:00000000
    Searching for Missing Digital Signatures:
    * C:\Windows\System32\UxTheme.dll : 2,49,856 : 12/29/2013 10:18 PM : 5ae8fd64fc69a242c572968e1d4e6eb2 [NoSig]
    +-> C:\Windows\winsxs\x86_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_a5baf0f767e33083\uxtheme.dll : 2,49,856 : 07/14/2009 06:46 AM : 63bfdf555da2075a77d677829c3cccd0 [Pos Repl]
  • TDSSkiller -> nothing reported
My System SpecsSystem Spec
30 Dec 2013   #73
Mysterious

Windows 7 Ultimate x86
 
 

ok i'll scan with super antispyware tommorow.because late night here.super antispyware was going to finish & it stopped in internet download manager.it says cannot download file because of timeout.do u want to know possible reason of data corruption ?
wasted 2 hours of downloading
My System SpecsSystem Spec
.

30 Dec 2013   #74
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

The download timed out - what do you mean "possible data corruption"? - is that a message from the download?

I always get a kick when people say they "wasted" time doing something on the computer. It's not funny when you've spent a few hours writing a document and a crash occurs - but people aren't actually doing anything with a download. Other regions might have contraints on usage though - so wasted might apply here.

Have a good nights sleep - we'll skip SuperAntiSpyware.

Instead - have you personalized your system or are there still desktop issues per post# 71 - now would be a good point to make sure your machine is close to how you had it personalized before.

I say close, because there were two items cleaned up by the scans that won't be exact.
Asus screensaver-> can be reclaimed on Asus
uxTheme -> Not really necessary, but you might want it (if so it too can be downloaded, but not recommended)

Then I'd rather you spend time bringing your system up to date using manual Windows Update (WU)
IE 11 is available (your on IE 8) - at a minimum get up to IE 9 (10 has some issues)
There are some other items I noticed, but let WU offer what it thinks is needed.

Post a screenshot of what WU offers,
untick any Silverlight or Bing updates (unless you want them)
- I suggest that you hide those if you don't use them (right click on update - hide)


Then, see how your machine runs for a few days.
My System SpecsSystem Spec
31 Dec 2013   #75
Mysterious

Windows 7 Ultimate x86
 
 

Yes my download was stopped when it going to finish.in internet download manager it says do you want to know possible reason of data corruption ?
I think that was my net problem,because it was too slow
it was in bytes that time,not in kilobytes
see i have a internet plan on my vodafone sim & i use my Nokia X2-01 mobile as modem
they give 50-60 kbps speed untill 2gb usgae.but after 2Gb usage it become really slow 5-6 kbps,sometimes even slow if something more running in baackground.That's why maybe it was in bytes,maybe something was updating in the background
btw i pay really reasonable price for my net 198rs. For 1 month unlimited plan.
here in india net prices are really hight than foreign countries.u're all lucky u born in foreign countries.be proud of u'rself.india is still low in development.in foreign countries u can get speed upto 1Gbps,but here maxium 21 mbps,for that really really high price we have to pay

Edit-yes i personalized my desktop,no issues now.but i'm curious is something messed up with windows,should i restore my system to an earlier time ?
& plz tell me how to uninstall all these programs from my computer that u mentioned in u'r previous posts ?
My System SpecsSystem Spec
31 Dec 2013   #76
Mysterious

Windows 7 Ultimate x86
 
 

i'm going to format my whole hard drive.because i think it's messed up badly & these programs also messed up with windows.which software i should choose for wiping all my hard drive.should i wipe it within windows or with a bootable cd/dvd ? btw i have Mini Tool Partition wizard home edition also...
1 thing i want to show these,they are in order Ist,2nd,third.task manager opened in straight performance tab >>

Edit-my ram showing high usage also :><<


Attached Images
i think i have got virus-tak-manager-first-time.jpg i think i have got virus-task-manager-after-5-seconds.jpg i think i have got virus-task-manager-after-15-seconds.jpg 
My System SpecsSystem Spec
31 Dec 2013   #77
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

A clean reinstall is always a guarantee of the best operating environment.

If your machine is 64bit, then I recommend installing Win7 Ult x64. The COA on your machine will allow either 32 or 64 bit install.... it just depends if your machine is 32 or 64 bit.

A few things some people miss
Have your network device drivers on seperate media (CD or Flash drive) - Asus should have them, but you need them BEFORE the clean install

Have your paid program discs available or make sure you can download and instlal them with a license key.

Create your Asus recovery discs

People don't miss this, but it needs to be amplified - Backup your user data!!!!

See: Clean Reinstall - Factory OEM Windows 7
My System SpecsSystem Spec
16 Jan 2014   #78
Mysterious

Windows 7 Ultimate x86
 
 

Hi guys...still not re-installed because i want to wipe data from my whole drive.so i'll be sure no data & viruses left anywhere.plz tell any good & faster software !!

Edit-btw i have mini tool partition wizard home edition also.but that is very very slow when it wipe data more securely & i should wipe data within windows or a bootable disc of some software would be better ?
My System SpecsSystem Spec
29 Jan 2014   #79
Mysterious

Windows 7 Ultimate x86
 
 

I installed windows 8 pro x64.wiped all partitions with mini tool partition wizard home edition with slow method (Fill sectors with zero & one) by saving my data on other drive while wiping other. Before my cpu usage become normal 0-1 % then again now it stay on 3-4% after i install some important programs on my laptop.is it okay ?
My System SpecsSystem Spec
07 Feb 2014   #80
Britton30
Microsoft MVP

Windows 7 Ultimate X64 SP1
 
 

Yes, that seems quite normal.
My System SpecsSystem Spec
Reply

 i think i have got virus




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Possible Memory Leak Virus - Anti-virus detects nothing?
Hello, I am needing some support on what is exactly taking up all the RAM on my brother's PC as after about 8 hours of uptime, 65% of my Physical Memory is being used up with nothing really open. I did some research and found out it was a possible memory leak or virus, so I first tried to run...
Performance & Maintenance
how to fix / clean windows from ramnit virus and virut virus?
my windows infected ramnit virus and virut virus,how to clean them?
System Security
I have a virus and unable to run/download anti-virus software
Hi, This is my first time posting to the forum. I am not that knowledgeable with computers, but can follow basic instructions. My laptop is acting funny--I think I have a virus. However, I am unable to run any anti-malware or anti-virus software. I try to run McAfee and I get an error...
System Security
Want ideas for Virus removal if virus shows up in safemode CMD
Hi, Looking for general ideas on how everyone else handles a strong virus. If the virus is showing up in Windows regular mode, it opens in safemode and opens in safmode with command prompt. Besides the usual such as boot to repair mode and use system restore, dock hard drive to another pc and...
System Security
RPC Virus message in Action Center, though the virus seems to be gone?
So I was managing my Laptop (Compaq Presario CQ57 with Windows Home Premium SP1) after a long time away from it, I left it in the care of a friend of mine, I noticed a few strange things. 1) I couldn't update Windows. 2) I couldn't turn ON my firewall 3) Windows Security Center was missing....
System Security
Want are the best afforable anti-virus for a trojan virus
what anti-virus would be great at getting rid of a trojan virus some of the anti virus i have used told me i had one but could not delete it.
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:51.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App