This little bugger won't go away spybot search and destroy only disables it doesn't delete and avast only picks up when it tries to access the net.I'm fed up looking for it.
I have searched the net but only annoys me further.Has any one else got rid of it or a method that works.
The other question.
My other computer had a virus called ntdete1t.com virus how do I re-enable windows to view hidden folders and files
registry editing didn't help still stays hidden.
Windowslive.exe virus
-
- Registered User
- Posts: 10962
- Joined: 03 Oct 2003, 02:00
- Processor: Intel 2500K
- Motherboard: Gigabyte B75M D3H
- Graphics card: inno3d Jericho 570GTX
- Memory: 8Gig DDR3 1333mhz
- Location: I'm so Goth, my wrists slit themselves.
- Contact:
Windowslive.exe virus
"In my weird politically incorrect hypothetically incoherent contradicting obscured world definitively maybe"
-
- Forum Moderator
- Posts: 10000
- Joined: 05 Feb 2004, 02:00
- Processor: Intel i5-4690K @ 4.5GHZ
- Motherboard: ASUS Maximus VII Formula
- Graphics card: ASUS GTX970 Strix
- Memory: 4 x 4GB Corsair Dominators
- Location: Messing with your Mind
- Contact:
Re: Windowslive.exe virus
A reinstall of the OS is probably the best method.
Art Williams wrote:I'm not telling you it is going to be easy, I'm telling you it's going to be worth it.
-
- Registered User
- Posts: 14338
- Joined: 04 Sep 2004, 02:00
- Processor: i386DX Sooper
- Motherboard: A blue one
- Graphics card: A red one
- Memory: Hard drive
- Location: On a Möbius strip
- Contact:
Re: Windowslive.exe virus
Check your CurrentVersion\Run registry entries. You'll be able to trace it in case it's there.
If I weren't insane: I couldn't be so brilliant! - The Joker
-
- Registered User
- Posts: 10962
- Joined: 03 Oct 2003, 02:00
- Processor: Intel 2500K
- Motherboard: Gigabyte B75M D3H
- Graphics card: inno3d Jericho 570GTX
- Memory: 8Gig DDR3 1333mhz
- Location: I'm so Goth, my wrists slit themselves.
- Contact:
Re: Windowslive.exe virus
I just formatted like a month ago all my settings and every thing is just back to the way I like it....
I also keep getting attacked from an IP address avast blocks it but`it doesn't show up on the log so I don't have the address
I also keep getting attacked from an IP address avast blocks it but`it doesn't show up on the log so I don't have the address
"In my weird politically incorrect hypothetically incoherent contradicting obscured world definitively maybe"
-
- Registered User
- Posts: 14338
- Joined: 04 Sep 2004, 02:00
- Processor: i386DX Sooper
- Motherboard: A blue one
- Graphics card: A red one
- Memory: Hard drive
- Location: On a Möbius strip
- Contact:
Re: Windowslive.exe virus
Start -> Run -> cmd -> netstat -nwizardofid wrote:I just formatted like a month ago all my settings and every thing is just back to the way I like it....
I also keep getting attacked from an IP address avast blocks it but`it doesn't show up on the log so I don't have the address
If I weren't insane: I couldn't be so brilliant! - The Joker
-
- Registered User
- Posts: 10962
- Joined: 03 Oct 2003, 02:00
- Processor: Intel 2500K
- Motherboard: Gigabyte B75M D3H
- Graphics card: inno3d Jericho 570GTX
- Memory: 8Gig DDR3 1333mhz
- Location: I'm so Goth, my wrists slit themselves.
- Contact:
Re: Windowslive.exe virus
Thanks got the IP it's a local address on MTN's network same as mine only the last 3 numbers differ.
Some perhaps scanning for an open port what gives?
Some perhaps scanning for an open port what gives?
"In my weird politically incorrect hypothetically incoherent contradicting obscured world definitively maybe"
Re: Windowslive.exe virus
Just do a quick test. Run, command + enter. Type: CD\ + enter, dir /ah + enter. See if you can see an autorun.inf file.
"It is the mark of an educated mind to be able to entertain a thought without accepting it." - Aristotle
Intel i5 2500; AsRock Z77 Extreme 4; Asus GTX580; 4x 2GB DDR3 1333; Intel 520 240GB SSD + 2x WD 3TB + 2TB Samsung; Samsung 22X DVD/RW; 23" LG W2343T-PF; Huntkey 700W
Intel i5 2500; AsRock Z77 Extreme 4; Asus GTX580; 4x 2GB DDR3 1333; Intel 520 240GB SSD + 2x WD 3TB + 2TB Samsung; Samsung 22X DVD/RW; 23" LG W2343T-PF; Huntkey 700W
-
- Registered User
- Posts: 10962
- Joined: 03 Oct 2003, 02:00
- Processor: Intel 2500K
- Motherboard: Gigabyte B75M D3H
- Graphics card: inno3d Jericho 570GTX
- Memory: 8Gig DDR3 1333mhz
- Location: I'm so Goth, my wrists slit themselves.
- Contact:
Re: Windowslive.exe virus
Thanks checked no autorun.inf files
avast is telling me this
DCOM EXPLOIT-attack from 41.112.142.133:135/tcp
WTF!?
The information doesn't help much.But it is a local IP.Scanning perhaps.?
Is there any way one of tracing the address to the city or tower at least?
avast is telling me this
DCOM EXPLOIT-attack from 41.112.142.133:135/tcp
WTF!?
The information doesn't help much.But it is a local IP.Scanning perhaps.?
Is there any way one of tracing the address to the city or tower at least?
Code: Select all
% This is the AfriNIC Whois server.
% Note: this output has been filtered.
% Information related to '41.112.0.0 - 41.127.255.255'
inetnum: 41.112.0.0 - 41.127.255.255
netname: MTNNS-NET6
descr: MTN Network Solutions
country: ZA
admin-c: ZC164-AFRINIC
tech-c: ZC164-AFRINIC
org: ORG-MNSL1-AFRINIC
status: ALLOCATED PA
mnt-by: AFRINIC-HM-MNT
mnt-lower: TF-209-212-96-0-209-212-127-255-MNT
mnt-domains: TF-209-212-96-0-209-212-127-255-MNT
source: AFRINIC # Filtered
parent: 41.0.0.0 - 41.255.255.255
organisation: ORG-MNSL1-AFRINIC
org-name: MTN Network Solutions (Pty) Ltd.
org-type: LIR
country: ZA
address: 2 Falcon View, Constantia Business Park, Cnr 14th Ave & Hendrik Potgieter Drive.
address: Weltevreden Park, Ext 18 2196
e-mail: [Email Removed]
e-mail: [Email Removed]
e-mail: [Email Removed]
e-mail: [Email Removed]
phone: +2711 912 3000
fax-no: +2711 911 5443
admin-c: ZC164-AFRINIC
tech-c: ZC164-AFRINIC
mnt-ref: AFRINIC-HM-MNT
mnt-ref: TF-196-41-160-0-196-41-191-255-MNT
mnt-by: AFRINIC-HM-MNT
remarks: This organization uses RWhois. For reassignment information,
remarks: Please see their RWhois server at:
remarks: rwhois://rwhois.mtnns.net:4321.
remarks: noc e-mail: <[Email Removed]>, phone: +27 11 860110860
remarks: abuse e-mail: <[Email Removed]>, phone: +27 11 860110860
source: AFRINIC # Filtered
person: MTN Network Solutions Pty Ltd
address: 7 Sturdee Ave
address: Rosebank, Gauteng 2196
address: ZA
phone: +27 0 11 280 0860
e-mail: [Email Removed]
nic-hdl: ZC164-AFRINIC
source: AFRINIC # Filtered
"In my weird politically incorrect hypothetically incoherent contradicting obscured world definitively maybe"