Jump to content
skinbin

Help removing a virus or some-sort

Deleting the registry entry may solve that issue, but there may be more than that one entry. Have you tried using AdwCleaner?

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

I suggest you try this first, it's very good at finding adware that antivirus programs overlook. If it fails to solve your problem you could try deleting the registry entry.

Recommended Posts

Posted · Original PosterOP

Whenever I boot my PC the command prompt opens for a second or 2, and then chrome opens and loads 'ooov.net', which then redirects me to 'gamezdoka.org'. I'm at a bit of a loss of what to do now though as I've already tried using Avast, Malwarebytes Anti-Malware and SUPERAntiSpyware, as well as a System Restore, and non of them fixed it, or even found any sort of malware/virus/whatever it is at all.

 

Thanks for any help you can offer

Link to post
Share on other sites

Use HitmanPro and TDSSKiller


(NOW)War Horse:

CPU: AMD FX-6300 | Motherboard: MSI 970A-G43 | RAM: Corsair Vengeance Dual Channel 8GB 1600Mhz | GPU: MSI R7790 | Case: Dazumba D-Vito 903 | HDD 1 & 2: Seagate 1TB and Seagate 500GB | PSU: Corsair CX600
(WAS)Old Coop:
CPU: Intel C2D E7500 | Motherboard: Gigabyte G31M-ES2L | RAM: V-Gen 4GB Dual Channel | GPU: Galaxy GT210 | Case: Power-Up ??? | HDD: Seagate 500GB | PSU: Power-up 500W

MyAnimeList Profile | Heaven Society | HEIL THE MIGHTY AND POWERFUL LINUS | My Blog 'Unfinished Pieces' | Code of Conduct

Link to post
Share on other sites

open start menu in the search box type in msconfig. Launch it, click on boot then slick safe boot apply and restart computer. This will start your computer with only the bare essentials needed to run. Then use malwarebytes to do a scan and hopefully it should clean your pc up for you.


|CPU: Intel Core i7 4790k  | Motherboard: ASUS Z97 Sabertooth Mark 1 | GPU x 2 : EVGA GTX 780ti | RAM: 32GB (4x8GB) Corsair Vengeance 2133mhz  | PSU: Corsair 1000w RM Modular | STORAGE: Samsung 840 Evo 256GB, Samsung 840 Pro 250GB, 15TB Drobo NAS | COOLER: Full custom water cooling, Primochill Obsidian black tubing, Bitspower white fittings, 2 x EK GPU block, EK CPU block, Alphacool 360 Rad and 240 Rad, EK res pump combo | CASE: Corsair 750D |Operating System: Windows 8.1 64 bit | Keyboard & Mouse: Corsair K75 & Corsair M65

Link to post
Share on other sites
Posted · Original PosterOP

I forgot to mention that I'd already tried running Malwarebytes in safe mode, and it simply returned that my system was clean. I'll use  HitmanPro and TDSSKiller though and see if they find anything.

Link to post
Share on other sites
Posted · Original PosterOP

Just finished running them both, TDSSKiller found nothing and HitmanPro found 4 problems, though after a restart the problem still there. I've also tried running CCCleaner to see if it was a lingering registry entry or something but again, that didnt solve it either.

Link to post
Share on other sites

Last Resort: Reformat. THIS IS VERY VERY LAST RESORT, USE IF DESPERATE.


(NOW)War Horse:

CPU: AMD FX-6300 | Motherboard: MSI 970A-G43 | RAM: Corsair Vengeance Dual Channel 8GB 1600Mhz | GPU: MSI R7790 | Case: Dazumba D-Vito 903 | HDD 1 & 2: Seagate 1TB and Seagate 500GB | PSU: Corsair CX600
(WAS)Old Coop:
CPU: Intel C2D E7500 | Motherboard: Gigabyte G31M-ES2L | RAM: V-Gen 4GB Dual Channel | GPU: Galaxy GT210 | Case: Power-Up ??? | HDD: Seagate 500GB | PSU: Power-up 500W

MyAnimeList Profile | Heaven Society | HEIL THE MIGHTY AND POWERFUL LINUS | My Blog 'Unfinished Pieces' | Code of Conduct

Link to post
Share on other sites

I use Spybot, it has found more things than malwarebytes whenever I run it, maybe you can try that

 

maybe you can look in your startup folder what programs launch at boot and see if any weird ones are in there

Link to post
Share on other sites
Posted · Original PosterOP

I'm running a Spybot scan as I'm typing this, so hopefully that will return something. I've taken a look at my startup folder and nothing is in there besides Dropbox so there cab't be a problem there, especially since the command prompt opens before chrome does which makes me think that the problem is a lot deeper than just a rogue programme. 

 

Also, after some more searching I found another LTT thread from yesterday (http://linustechtips.com/main/topic/255026-need-help-to-remove-trojan/) with someone having the same problem, and the last post says that FarCry 4 is causing the problem, and that ' You just need to remove it from startup and from the registry located here: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run' to fix it. I've never messed with the registry before, though I have found a registry with the value data of 'cmd.exe /c start http://ooov.net && exit' so this looks like the root of my problem so shall I just delete it as recommended in the other thread?

 

Edit: Spybot just finished and found a couple of things, but nothing relating to this problem specifically so.

Link to post
Share on other sites

Ahhhh you're pirating FarCry 4, Joys and Troys of Pirating is always the best.


(NOW)War Horse:

CPU: AMD FX-6300 | Motherboard: MSI 970A-G43 | RAM: Corsair Vengeance Dual Channel 8GB 1600Mhz | GPU: MSI R7790 | Case: Dazumba D-Vito 903 | HDD 1 & 2: Seagate 1TB and Seagate 500GB | PSU: Corsair CX600
(WAS)Old Coop:
CPU: Intel C2D E7500 | Motherboard: Gigabyte G31M-ES2L | RAM: V-Gen 4GB Dual Channel | GPU: Galaxy GT210 | Case: Power-Up ??? | HDD: Seagate 500GB | PSU: Power-up 500W

MyAnimeList Profile | Heaven Society | HEIL THE MIGHTY AND POWERFUL LINUS | My Blog 'Unfinished Pieces' | Code of Conduct

Link to post
Share on other sites
Posted · Original PosterOP

I pirated it as a demo, yes, then I bought a legit copy about 20 minutes after testing how well it ran on my system. I pirated it last Sunday and have been playing the legit copy for the whole week, but the problem only occurred yesterday (6 days after the pirated version was uninstalled). I only mentioned Farcry because that post did. Obviously its a likely candidate for the root of my problem, just seems weird that it look almost a week to show itself. Anyway, is just deleting that registry entry a good or bad idea?

Link to post
Share on other sites
Posted · Best Answer

Deleting the registry entry may solve that issue, but there may be more than that one entry. Have you tried using AdwCleaner?

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

I suggest you try this first, it's very good at finding adware that antivirus programs overlook. If it fails to solve your problem you could try deleting the registry entry.


"PSU brands are meaningless, look up the OEM."

Link to post
Share on other sites
Posted · Original PosterOP

Nope, but I'll try it now. If that doesnt work then I'll just delete the registry entry and hope for the best I guess aha

Link to post
Share on other sites
Posted · Original PosterOP

Fantastic! AdwCleaner detected a couple of bad registry entries and deleted them and that seems to have fixed it perfectly. 

 

Thanks for your help everyone :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.

Buy VPN

×