Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: "Virus" - GET ALL PASSWORDS

27 Dec 2010   #21
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Quote   Quote: Originally Posted by SledgeDG View Post
one more idea in case the culprit can't been found:
Make sure you see extensions of known files

next time when the exe reappears, delete it and then take any Text file, name it "GET ALL PASSWORDS.EXE"
Set it to read only and see if that malware file comes back by getting around this "construct"
I bet it doesn't
-DG
Ahhh...clever. It might also help to find the location of this EXE. For example, does it only occur on your deskttop? If it's in other locations, it can help us narrow down it's source.


My System SpecsSystem Spec
.
27 Dec 2010   #22
bmcdevitt

Windows 7 pro 64 bit
 
 

Quote   Quote: Originally Posted by SledgeDG View Post
one more idea in case the culprit can't been found:
Make sure you see extensions of known files

next time when the exe reappears, delete it and then take any Text file, name it "GET ALL PASSWORDS.EXE"
Set it to read only and see if that malware file comes back by getting around this "construct"
I bet it doesn't
-DG
brilliant
My System SpecsSystem Spec
27 Dec 2010   #23
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 

I would offer this piece of advice up. If you have no idea what a program does, where it came from (it pops up on your desktop all of a sudden) and are unsure of it in any way, don't click it without thoroughly researching it first.
My System SpecsSystem Spec
.

27 Dec 2010   #24
EzioAuditore

Winbdows 7 ultimate x64 | Ubuntu 12.04 x64 LTS
 
 

You uploaded the file to virustotal, what was the result negative or positive? Any detections?
Also, if it comes back after every reboot which is surely not a good thing, download Autoruns from Sysinternals and check if there's any startup entry for it. There're many hidden startup locations too.. If you feel uncomfortable at the startup list, save the report and upload that here. There should be an option for it, may be in file menu. I cant recall now. Also, check your windows folder, any suspicious, randomly named file? Well, it could be little tiring but it's in best interest of you.
Also, as others said, have a look at running processes under task manager. If you see any suspicious entry, ask us or google that entry.
My System SpecsSystem Spec
27 Dec 2010   #25
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 

To find the location of the program you can R click it, click on properties and it will display the target location, from there you can see where it's located on the system.

You can try deleting the folder and see if they gets rid of it. However, if this is a subborn piece of malware, it may not go quite so easy.

Other options include Revo uninstaller which will take out all the reg keys too, although this can mess up your system if you don't read the tutorial first.
My System SpecsSystem Spec
28 Dec 2010   #26
Kathy

Windows 7 Ultimate 32-bit SP1
 
 

Hey guys,
The problem is Solved..
For more details: "ESET online scanner, Startup Repair" ))
it was something like .. Keylogger,Trojan

Thank you all
My System SpecsSystem Spec
28 Dec 2010   #27
EzioAuditore

Winbdows 7 ultimate x64 | Ubuntu 12.04 x64 LTS
 
 

Quote   Quote: Originally Posted by Kathy View Post
Hey guys,
The problem is Solved..
For more details: "ESET online scanner, Startup Repair" ))
it was something like .. Keylogger,Trojan

Thank you all
Very well. Glad its solved. If you've a 32-bit system, consider using Zemana Antilogger. Its a great defence against loggers. Though its a shareware, comes with a 15 day trial.
My System SpecsSystem Spec
28 Dec 2010   #28
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Nice one. Glad its sorted.
My System SpecsSystem Spec
Reply

 "Virus" - GET ALL PASSWORDS




Thread Tools




Similar help and support threads
Thread Forum
Changing Passwords "Breaks" Win7Pro Workgroup
Just set up a workgroup for my desktop (my pc), laptop (wife's pc), and two external backup drives. Did some additional drive mapping for access ease. Everything is shared in both directions and functioning properly. ISSUE: The passwords were set up the same on both computers, and now I ...
Installation & Setup
"RPC Virus virus" message in action center?
I've had no problem with my computer in the past two days, yet I see an action center message today, supposedly from yesterday, warning me that "This problem was caused by the RPC virus, a known computer virus" and no further information. Since I've gotten no notification from my usual...
System Security
Changing the "minimize" "maximize" and "close" buttons of a theme
Ok so I'm using a custom visual style made by another user however I don't really like the buttons used that I mentioned above. The creator states it is acceptable to change the theme to however you like as long as you don't redistribute it anywhere. Ok so I opened up the .msstyles file (using...
Customization
BSOD every few hours: mostly "STOP: 0x00000F4", "c00021a" & "c0000135"
Hi everyone! Yesterday my HP laptop (Windows 7) started getting BSOD with various types of errors (mostly "STOP: 0x00000F4", "STOP: 0x0000007A", "c00021a" and one "missing %hs, c0000135"). Most of the time it restarts without any issues and works fine right after the BSOD and then an hour or two...
BSOD Help and Support
Need to add "TASKBARS" (MSese for "Launchpads", "Docks" NOT "Toolbars"
My office just upgraded, and I can no longer use Windows XP. On this system, I was able to add a separate taskbar to facilitate quick access to commonly-browsed folder locations on our vast network, and another one expedited the launching of useful programs and lists. Each task on each taskbar...
General Discussion
How can I be sure if I am still infected with "Win32/Small.CA" virus".
Hi I got a "Solve PC Issues" (white flag) saying "Remove the Win32/Small.CA virus". I am running MSE (Microsoft Security Essentials) on Windows 7 Pro (x64). So I did an update followed by a full scan using MSE. I then ran - Malware Anti-Virus - SUPERAntispyware - Microsoft Safety Scanner...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 21:31.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App