Solved

Remove Virus PWS:Win32/Fareit.gen!C

Posted on 2013-06-20
4
980 Views
Last Modified: 2016-11-23
I'm running Vista on Dell OptiPlex.  Microsoft Security Essentials keeps reporting: "Detected threats are being cleaned."

I tried removing all of the Detected Items in the History tab in MSE but they keep coming back.

How do I get rid of this virus?

Any help would be greatly appreciated.

Thanks,
Darin
0
Comment
Question by:DarinOBrien
  • 2
4 Comments
 
LVL 23

Expert Comment

by:tailoreddigital
ID: 39264905
0
 

Author Comment

by:DarinOBrien
ID: 39266967
Step One: I booted into safe mode.  

Step Two: I find no files in \system32\ that match [random].exe.  All files in system32 look legitimate to me and I find none dated within the last 30 days that would fit the description.

Step Two: Similarly, I find no files as described in the instructions as follows: C:\Users\name\AppData\Local\Temp\[random names].exe.

Step Three: I'm hesitant to delete any of the files I see in the Registry Editor.  Many of the entries fit the description [set of random numbers]  or [random characters].  At least they look random to me.  

Any other suggestions?

thanks,
darin
0
 
LVL 19

Accepted Solution

by:
*** Hopeleonie *** earned 500 total points
ID: 39267586
Did you run a full-system scan with Microsoft Security Essentials?
If no update Microsoft Security Essentials run a full scan and follow a full scan with Malwarebytes.
0
 

Author Closing Comment

by:DarinOBrien
ID: 39270060
I ran a full scan with MSE and found nothing and no MSE updates were available.

I ran full scan with Malwarebytes and it found 23 files.  I removed them all and the problem apparenty went away.

It's worth noting that none of the malware detected by Malwarebytes specifically referenced Fareit.gen!C.

Thanks much!
darin
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you got the Conficker. You could go to each machine and run the eye chart test (http://www.confickerworkinggroup.org/infection_test/cfeyechart.html), but in a bigger environment, or if you prefer to work smarter and not harder, you need some …
As more computers now shipped with 64-bit version of Windows, more users are now using this Operating System.  So it's important to be aware how some 32-bit diagnostic tool works on these systems, so we know what to expect when analyzing the logs an…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…
This is a video that shows how the OnPage alerts system integrates into ConnectWise, how a trigger is set, how a page is sent via the trigger, and how the SENT, DELIVERED, READ & REPLIED receipts get entered into the internal tab of the ConnectWise …

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now