netshaman 0 Posted October 28, 2014 Share Posted October 28, 2014 it is the 3 rd time my pc is infected by an unknown virus/worm. ESET is unable to protect the computer in this case. it dont detect it and the only way to get rid of it is using ESET sysrescue on an usb key. This threat is identifiable only by one way. It occupies 9/10 of the disposal memory. If you have 16G it occupies 13G and so on. It enables partition hibernation mode so you need to type shutdown /s /t 0 to correctly shutdown the computer else sysrescue cannot wipe the threat. Can someone tell me what is the name of this worm had you ever heard of it recently ? it seems that a file named " kmspico" is infected by this but i m not sure at 100 %. this time i was infected after having updated Alien isolation on steam . Is Steam infected ? it is weird but before i played the same game with no problems...and it tooks only 3G of memory not 13... At each restart 2.1G are occupied by windows 8.1, after being infected 13 G are occupied and in the task manager the sum of all tasks memory occupation is 850 m ... why ESET don't detect this even the firewall don t seem to detect it . i m using internet security. in this case it is useless... Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted October 29, 2014 Administrators Share Posted October 29, 2014 I strongly doubt there are threats that allocate several GB of RAM. You wrote "it dont detect it and the only way to get rid of it is using ESET sysrescue on an usb key." So what did you exactly do after booting from a SysRescue usb key? Link to comment Share on other sites More sharing options...
netshaman 0 Posted October 30, 2014 Author Share Posted October 30, 2014 I run a on demand scan and after that all is returning to normal but sysrescue says nothing about an infection this is weird... Link to comment Share on other sites More sharing options...
ESET Insiders stackz 115 Posted October 31, 2014 ESET Insiders Share Posted October 31, 2014 (edited) it seems that a file named " kmspico" is infected by this but i m not sure at 100 %. As in KMSPico, the MS Windows and Office activator that is usually bundled with PUAs? Is your Windows installation genuine? Edited October 31, 2014 by stackz Link to comment Share on other sites More sharing options...
arridepcoptimizer 0 Posted December 4, 2014 Share Posted December 4, 2014 What kind of threat show on your computer or for what is the source of that threat. If you don't understand properly then choose a best antivirus or security software that will secured your data from any kind of harm. Link to comment Share on other sites More sharing options...
SweX 871 Posted December 5, 2014 Share Posted December 5, 2014 (edited) @arride.... Stop spam this and other forums, they are not advertising platforms to gain attention for the links in your signature. hxxp://forum.antivirus.baidu.com/index.php?topic=5697.msg6672#msg6672 hxxp://www.xiforums.com/Thread-Best-antivirus-for-window-computer?pid=873#pid873 hxxp://www.scottdizzle.com/viewtopic.php?f=26&t=919 Edited December 5, 2014 by SweX Link to comment Share on other sites More sharing options...
lisawayne 0 Posted December 6, 2014 Share Posted December 6, 2014 In few simple ways you can detect and remove virus from your PC. 1.) The intial step is that you need to scan your computer. 2.)If your computer is infected with virus then you should dissconnect it from Internet. 3.)The most crucial step is that you need to gather information about the virus, that how effective it is, what are bits symptoms. 4.) In this step you can ask for help from any search engine. 5.)And when you gather Information then you can easily uninstall the program. Link to comment Share on other sites More sharing options...
Recommended Posts