WTF is this(Virus)?

Wazz-1

Wazz-1

Wazz-1

Associate
Joined
13 Nov 2011
Posts
1,169
Location
Lost somewhere.......
Wasn't sure were to post this, but here goes.
A colleague (no really) has this on his laptop, after removing 7 trojans and 500 odd instances of malware/spyware it still pops up after desktop loads!
Anyone had this?
hg6b.jpg
 
I haven't had this as I don't view or store banned pornography. I'm sure he'll have fun in prison with Jamal and D'shaun though.
 
I've had to get rid of that one a few times for people at work.

I've removed it temporarily by booting windows from last known good config. but never gets rid of it as such.

The only way I've completely removed it in the past was to format. I found that if I didn't they would come back to me a month later with the exact same thing (and same webcam photograph). I'm assuming it buries itself for a long time and remains dormant for a month before it appears again
 
If it's Windows 7, take a look in C:\Users\<username>\AppData (which is a hidden folder). I've normally found them to be hiding there as small executables. If you see them, restart the machine to Safe Mode and shift-delete all of the random type of files you see there, including any temp stuff.

Then check the Registry at HKLM\Software\Microsoft\Windows\Currentversion\Run and RunOnce. The link to the dodgy .exe might be there too. If so, delete it.

Restart again, back to Safe Mode, and run MalwareBytes a few times until it comes clean.

Otherwise, it's a format, boy!
 
Azza said:
I haven't had this as I don't view or store banned pornography. I'm sure he'll have fun in prison with Jamal and D'shaun though.
Click to expand...
:D I did tell him that I felt it was my duty as a law abiding citizen to take the laptop to the local police station and report it, but he bribed me with bacon sandwiches so...

Indie said:
I've had to get rid of that one a few times for people at work.

I've removed it temporarily by booting windows from last known good config. but never gets rid of it as such.

The only way I've completely removed it in the past was to format. I found that if I didn't they would come back to me a month later with the exact same thing (and same webcam photograph). I'm assuming it buries itself for a long time and remains dormant for a month before it appears again
Click to expand...

Yes did this and yes the bugger came back a day later:(

Pestilence said:
If it's Windows 7, take a look in C:\Users\<username>\AppData (which is a hidden folder). I've normally found them to be hiding there as small executables. If you see them, restart the machine to Safe Mode and shift-delete all of the random type of files you see there, including any temp stuff.

Then check the Registry at HKLM\Software\Microsoft\Windows\Currentversion\Run and RunOnce. The link to the dodgy .exe might be there too. If so, delete it.

Restart again, back to Safe Mode, and run MalwareBytes a few times until it comes clean.

Otherwise, it's a format, boy!
Click to expand...
Thanks I will give it a go if not I will just format:)
 
OMG, seriously, look in the top right of the picture.... wtf is the Queen on there!! What the hell has that got to do with anything. That made me lol. Metropolitan police, Cheshire police. What Tard designed that page.
 
Wazz-1 said:
Some useful info there, ill give it a go. Thanks:)
Click to expand...

Oh, you'll also want to clear any System Restore points on the machine, either through system restore itself, or by manually deleting the contents of C:\System Volume Information\ (hidden, system folder).

In the registry, it could also be kept under the user account, so check HKEY_USERS\<User SID>\Software\Microsoft\Windows\CurrentVersion\Run and RunOnce for each SID available.
 
I've had this a few times before. Cryptolocker is another one of them which you cant even remove. You have to pay them to receive the code then it really goes away..
 
i say hose the windows install.

safest way to get rid of things (including no doubt a raft of crapware) speeds up a machine no end and holp to teach the importance of keeping windows up to date and not opening stupid emails.
 
Metropolitan Police virus
Removed with hitman pro, very good, fast and easy to use.
Happy laptop:D:D
Thanks for all the input Guys:)
 
You must log in or register to reply here.
Back
Top Bottom