Solved

Remove Virus PWS:Win32/Fareit.gen!C

Posted on 2013-06-20
4
992 Views
Last Modified: 2016-11-23
I'm running Vista on Dell OptiPlex.  Microsoft Security Essentials keeps reporting: "Detected threats are being cleaned."

I tried removing all of the Detected Items in the History tab in MSE but they keep coming back.

How do I get rid of this virus?

Any help would be greatly appreciated.

Thanks,
Darin
0
Comment
Question by:DarinOBrien
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 

Author Comment

by:DarinOBrien
ID: 39266967
Step One: I booted into safe mode.  

Step Two: I find no files in \system32\ that match [random].exe.  All files in system32 look legitimate to me and I find none dated within the last 30 days that would fit the description.

Step Two: Similarly, I find no files as described in the instructions as follows: C:\Users\name\AppData\Local\Temp\[random names].exe.

Step Three: I'm hesitant to delete any of the files I see in the Registry Editor.  Many of the entries fit the description [set of random numbers]  or [random characters].  At least they look random to me.  

Any other suggestions?

thanks,
darin
0
 
LVL 19

Accepted Solution

by:
*** Hopeleonie *** earned 500 total points
ID: 39267586
Did you run a full-system scan with Microsoft Security Essentials?
If no update Microsoft Security Essentials run a full scan and follow a full scan with Malwarebytes.
0
 

Author Closing Comment

by:DarinOBrien
ID: 39270060
I ran a full scan with MSE and found nothing and no MSE updates were available.

I ran full scan with Malwarebytes and it found 23 files.  I removed them all and the problem apparenty went away.

It's worth noting that none of the malware detected by Malwarebytes specifically referenced Fareit.gen!C.

Thanks much!
darin
0

Featured Post

[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (http://www.experts-exchange.com/M_3598771.html), the Zone Advisor for the Virus and …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question