Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Do I still have a Vawtrak virus?


  • Please log in to reply
2 replies to this topic

#1 EasterInTheBatcave

EasterInTheBatcave

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:50 PM

Posted 31 March 2016 - 07:42 AM

Last night, I was downloading two files simultaneously. They finished at about the same time, and when they finished, Microsoft Security Essentials detected a Vawtrak Trojan virus and quarantined it. I immediately deleted the virus, and both files, and ran an antivirus scan on Malwarebytes. The scan didn't detect anything. However, the 'Windows Activation Technologies' pop-up (the same one in the attached image) kept appearing every two minutes or so, so I knew there was something fishy.

 

IMG_0428.JPG
VIEW IMAGE: http://www.mediafire.com/view/h2fbssgnj0u2p9k/IMG_0428.JPG

 

I shut down the computer, then restarted it in Safe Mode. I ran a full scan in Microsoft Security Essentials while in Safe Mode. It didn't detect anything. I restarted the computer in normal mode, and now the pop-up isn't appearing anymore, and everything appears normal.

 

However, how do I know the virus isn't running in the background undetected? Does anyone have experience with this?  Thanks!



BC AdBot (Login to Remove)

 


#2 EasterInTheBatcave

EasterInTheBatcave
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:50 PM

Posted 31 March 2016 - 09:48 AM

UPDATE: I just restored my system to March 28th. I'm hoping that that will eradicate the virus, if it was still lingering.



#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,058 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:50 PM

Posted 31 March 2016 - 02:50 PM

YOu can run RKill... Utility to terminate malicious processes that may interfere with running anti-malware tools.

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista/Windows7, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
Run scans again.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users