Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

two viruses in win 8 system32


  • Please log in to reply
3 replies to this topic

#1 paulos123

paulos123

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:greece
  • Local time:06:01 PM

Posted 11 August 2014 - 06:45 AM

i hava installed webroot secure anywhere and it found these two files as viruses.

 

roboot.exe(windows/system32)

secoh-qad.exe(windows)

 

well till know im not deleting them cause i dont want to harm the os,maybe they are false positives.

can someone help cause in google cant find anything helpful.......



BC AdBot (Login to Remove)

 


m

#2 Alex&Vanko

Alex&Vanko

  • Banned
  • 1,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:01 AM

Posted 11 August 2014 - 02:45 PM

Hi paulos123 and :welcome:

So OS is Windows!

See in Programs and Features for something you don`t know.

roboot.exe is may be this - PUP.Optional.PCPerformer.A

secoh-qad.exe - Win64/HackKMS.C

 

So if you have PCPerformer and KMS Spico there.

 

Please download AdwCleaner by Xplode HERE onto your desktop.

    Close all open programs and internet browsers.
    Double click on AdwCleaner.exe to run the tool.
    Click on Scan.
    After the scan is complete click on "Clean"
    Confirm each time with Ok.
    Your computer will be rebooted automatically. A text file will open after the restart.
    Please post the content of that logfile with your next answer.
    You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool HERE to your desktop.

    Shut down your protection software now to avoid potential conflicts.
    Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    Post the contents of JRT.txt into your next message.

 

Start AdwCleaner and click uninstall and it will disappear.

Download Delfix HERE to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

    Activate UAC (optional; some users prefer to keep it off)
    Remove disinfection tools
    Create registry backup
    Purge System Restore
    Reset system settings

 

Download Malwarebytes' Anti-Malware Free 2.0.2 HERE,to your desktop.
    - Do not accept the Free Trial Version at this time -
    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform quick scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad.
    * Post the log back here.
How to open the log:
Open MalwareBytes Anti-Malware and then click on History
On the left column, select Application Logs. Select the most recent log among the list, it is usually the one on the top (or sort by date) and open it.
Go to the bottom left corner to Export and select Text File (*.txt)
Save it to the desktop

 

Please download the ESET Online Scanner HERE and save it to your Desktop.
Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
    Start esetsmartinstaller_enu.exe with administartor privileges.
    Select the option Yes, I accept the Terms of Use and click on Start.
    Make sure that the option Remove found threats is checked, and the option Scan archives is checked.
    Now click on Advanced Settings and select the following:
        Scan for potentially unwanted applications
        Scan for potentially unsafe applications
        Enable Anti-Stealth Technology
    Click on Start. The virus signature database will begin to download. This may take some time.
    When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
    When completed select Uninstall application on close if you so wish
    Now click on Finish

Note: Do not forget to re-enable your antivirus application after running the above scan!

 

Thank you!


Edited by Alex&Vanko, 11 August 2014 - 02:58 PM.


#3 paulos123

paulos123
  • Topic Starter

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:greece
  • Local time:06:01 PM

Posted 11 August 2014 - 07:32 PM

thank man im gonna do the things and upload results



#4 paulos123

paulos123
  • Topic Starter

  • Members
  • 307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:greece
  • Local time:06:01 PM

Posted 25 August 2014 - 09:33 AM

close the topic its cooll im clean






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users