Page 1 of 2 12 LastLast
Results 1 to 15 of 16

Thread: Need help removing a virus!!!

  1. #1

    Join Date
    Jan 2010
    Location
    St.Helens
    Posts
    606
    Thanks
    115
    Thanked 25 Times in 22 Posts
    Rep Power
    1

    Default Need help removing a virus!!!

    dfg.exe to be exact.

    MSSE removes it then asks to restart. After restart it comes back.

    It claims to be a "data recovery" thing. It isnt, MSSE says its a Trojan.

    How do i get rid?

    Its my Dad's PC and my sister has been on it and royally ****ed it up.

    Oh and its only on one user account. Which is strange. Il try deleting the account.

    Thanks
    to the moon
    AMD FX 4100 3.6GHz | some sh***y Gigabyte mobo| HyperX Blu 8GB 1600MHz| WD Green 2TB | Gigabyte R9 270X Windforce 2GB | Aerocool DS Cube

  2. #2
    Moderator Snakedoc's Avatar
    Join Date
    Jan 2010
    Location
    etc etc etc
    Posts
    16,354
    Thanks
    1,819
    Thanked 2,922 Times in 1,865 Posts
    Rep Power
    9

    Default

    Try Ccleaner, Mbam and Superantispyware. Then delete all restore points and reboot.

  3. The Following 2 Users Say Thank You to Snakedoc For This Useful Post:


  4. #3
    Moderator Spaceboy's Avatar
    Join Date
    Aug 2010
    Location
    Leicester
    Posts
    18,802
    Thanks
    4,238
    Thanked 3,951 Times in 2,950 Posts
    Rep Power
    11

    Default

    What snake said
    malwarebytes is where I'd start
    Quote Originally Posted by omega View Post
    as soon as I get home it's #kleenexcentral
    ---------------------------------------------------------------
    Silversone RV02 3570k, z77x-d3h, 8gb exceleram, GTX480, 240gb M500, 2x2tb mirror w/ 60gb cache drive

  5. #4
    The Original Bammster Bammy's Avatar
    Join Date
    Nov 2007
    Location
    192.168.0.4
    Posts
    2,239
    Thanks
    597
    Thanked 718 Times in 457 Posts
    Rep Power
    5
    Last edited by Bammy; 4 years ago at around teatime.

  6. #5

    Join Date
    Jan 2010
    Location
    St.Helens
    Posts
    606
    Thanks
    115
    Thanked 25 Times in 22 Posts
    Rep Power
    1

    Default

    Deleted the user account.

    Just ran CCleaner,

    Running Malwarebytes now.

    Then il run superantispyware


    Thanks alot guys!
    to the moon
    AMD FX 4100 3.6GHz | some sh***y Gigabyte mobo| HyperX Blu 8GB 1600MHz| WD Green 2TB | Gigabyte R9 270X Windforce 2GB | Aerocool DS Cube

  7. #6
    Moderator Spaceboy's Avatar
    Join Date
    Aug 2010
    Location
    Leicester
    Posts
    18,802
    Thanks
    4,238
    Thanked 3,951 Times in 2,950 Posts
    Rep Power
    11

    Default

    As snake said, don't forget to delete the restore points, viruses hide there sometimes.
    Quote Originally Posted by omega View Post
    as soon as I get home it's #kleenexcentral
    ---------------------------------------------------------------
    Silversone RV02 3570k, z77x-d3h, 8gb exceleram, GTX480, 240gb M500, 2x2tb mirror w/ 60gb cache drive

  8. #7
    Fish Fingers
    Join Date
    Mar 2011
    Location
    London
    Posts
    335
    Thanks
    103
    Thanked 57 Times in 39 Posts
    Rep Power
    1

    Default

    Malwarebytes!

  9. #8

    Join Date
    Jan 2010
    Location
    St.Helens
    Posts
    606
    Thanks
    115
    Thanked 25 Times in 22 Posts
    Rep Power
    1

    Default

    Ye ive just deleted the restore points.

    EDIT: Malwarebytes has just found something 10 minutes in!

    Thanks
    to the moon
    AMD FX 4100 3.6GHz | some sh***y Gigabyte mobo| HyperX Blu 8GB 1600MHz| WD Green 2TB | Gigabyte R9 270X Windforce 2GB | Aerocool DS Cube

  10. #9
    Moderator Snakedoc's Avatar
    Join Date
    Jan 2010
    Location
    etc etc etc
    Posts
    16,354
    Thanks
    1,819
    Thanked 2,922 Times in 1,865 Posts
    Rep Power
    9

    Default

    When MBAM scan completes (It can take a couple of hours) make sure when removing infections, that all items are selected. MBAM tends not to select tracking cookies and such so right click on a infection and click "Select all".

  11. #10

    Join Date
    Jan 2010
    Location
    St.Helens
    Posts
    606
    Thanks
    115
    Thanked 25 Times in 22 Posts
    Rep Power
    1

    Default

    Haha!

    The one result with Malwarebytes was RemoveWAT!

    All clean otherwise. Which is good i suppose...
    to the moon
    AMD FX 4100 3.6GHz | some sh***y Gigabyte mobo| HyperX Blu 8GB 1600MHz| WD Green 2TB | Gigabyte R9 270X Windforce 2GB | Aerocool DS Cube

  12. #11
    Moderator Snakedoc's Avatar
    Join Date
    Jan 2010
    Location
    etc etc etc
    Posts
    16,354
    Thanks
    1,819
    Thanked 2,922 Times in 1,865 Posts
    Rep Power
    9

    Default

    Oh dear, I hope your Windows is genuine.

  13. #12

    Join Date
    Oct 2011
    Location
    Manchester
    Posts
    32
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    1

    Default

    I would format the Drive...

  14. #13
    I Oc'd my beard in 2012 Tainted's Avatar
    Join Date
    Dec 2009
    Location
    Belfast
    Posts
    2,829
    Thanks
    623
    Thanked 571 Times in 327 Posts
    Rep Power
    2

    Default

    Quote Originally Posted by flyboyovyick View Post
    Haha!

    The one result with Malwarebytes was RemoveWAT!

    All clean otherwise. Which is good i suppose...
    Naughty, naughty!

    Those who believe in telekinetics, raise my hand.

  15. #14

    Join Date
    Oct 2010
    Posts
    361
    Thanks
    6
    Thanked 42 Times in 34 Posts
    Rep Power
    1

    Default

    normally i would just use Spybot , but most antiviruses cant check you RESTORE folder so first thing i do is make sure system restore is disabled or any viruses you get rid of can be reinstalled (i think)

  16. #15
    MICHELIN -gate Aaron's Avatar
    Join Date
    May 2006
    Posts
    24,754
    Thanks
    649
    Thanked 2,273 Times in 1,562 Posts
    Rep Power
    15

    Default

    I think its more that it appears the user is potentially stealing the software and using a pirated/non registered version.

    Not a good idea to post that you have that file on your computer. And definitely not on the forum of a Microsoft Partner who may be obliged to report the IP to MS. But it is a great way of ringing the forum alarm bells and making sure you're watched very closely!

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •