Infected by igfxmtc malware

Ask for help on any software/hardware related problems. .

Moderators: 0xA110C, Admins

Post Reply
User avatar
patrickmiami
Phantom VIP
Phantom VIP
Posts: 375
Joined: January 6th 2012 - 4:44 am
P2P Clients: MorphXT
Has thanked: 24 times
Been thanked: 1 time

Infected by igfxmtc malware

Post by patrickmiami » January 1st 2018 - 10:34 pm

Looking for solution. Infected by igfxmtc.exe. (running process on normal and safe mode) :-( (tried adwcleaner and roguekiller with no results)
Image

User avatar
drcoolmor
Global Moderator
Global Moderator
Posts: 26099
Joined: June 7th 2010 - 1:12 am
P2P Clients: eMule
Azureus
Has thanked: 2 times
Been thanked: 694 times

Re: Infected by igfxmtc malware

Post by drcoolmor » January 1st 2018 - 10:51 pm

this will take care of it :roll:

Portable UnHackMe v9.20 Build 620

Code: Select all

https://userscloud.com/l5wgkf8fcrps
https://dailyuploads.net/1iz5fsvrhk7i
Image

User avatar
patrickmiami
Phantom VIP
Phantom VIP
Posts: 375
Joined: January 6th 2012 - 4:44 am
P2P Clients: MorphXT
Has thanked: 24 times
Been thanked: 1 time

Re: Infected by igfxmtc malware

Post by patrickmiami » January 2nd 2018 - 3:35 am

:dunno: UnHackMe cannot kill process (running at start even in safe mode)
Image

User avatar
Will-I-Am
Phantom
Phantom
Posts: 635
Joined: December 11th 2014 - 11:46 pm
P2P Clients: eMule & uTorrent
Location: The Big Apple
Has thanked: 4 times
Been thanked: 26 times

Re: Infected by igfxmtc malware

Post by Will-I-Am » January 2nd 2018 - 5:35 am

This link has the following topic: 'How to remove IGFXMTC.EXE manually'

(Solved!) Here is how to remove "IGFXMTC.EXE" virus (Gen:Variant.Midie.42390 (B)) COMPLETELY: Simple "IGFXMTC.EXE" Removal Guide
http://greatis.com/blog/how-to/remove-i ... -virus.htm



igfxmtc.exe - Google Search
https://www.google.com/search?client=af ... gfxmtc.exe

User avatar
drcoolmor
Global Moderator
Global Moderator
Posts: 26099
Joined: June 7th 2010 - 1:12 am
P2P Clients: eMule
Azureus
Has thanked: 2 times
Been thanked: 694 times

Re: Infected by igfxmtc malware

Post by drcoolmor » January 2nd 2018 - 6:13 am

Will-I-Am wrote:
January 2nd 2018 - 5:35 am
This link has the following topic: 'How to remove IGFXMTC.EXE manually'

(Solved!) Here is how to remove "IGFXMTC.EXE" virus (Gen:Variant.Midie.42390 (B)) COMPLETELY: Simple "IGFXMTC.EXE" Removal Guide
http://greatis.com/blog/how-to/remove-i ... -virus.htm
Why I recommend you to use an automatic way?

You know only one virus name: "IGFXMTC.EXE", but usually you have infected by a bunch of viruses.
The UnHackMe program detects this threat and all others.
UnHackMe is quite fast! You need only 5 minutes to check your PC.
UnHackMe uses the special features to remove hard in removal viruses. If you remove a virus manually, it can prevent deleting using a self-protecting module. If you even delete the virus, it may recreate himself by a stealthy module.
UnHackMe is small and compatible with any antivirus. :whistle:

also if you cant delete it try....
Unlocker v1.9.0 (Installer + Portable) + v1.9.2-P2P

Description: Unlocker is a very light software solution that helps rename, move or delete locked files with a single click and through a very simple yet efficient interface.

Unlocker is a must-have tool on all Windows computers. Millions of Windows users are stuck with locked files every day, so Unlocker should be given at least a try.

Release Name: Unlocker.v1.9.0.Installer+Portable+v1.9.2-P2P
Size: 2.0 MB

Code: Select all

https://dailyuploads.net/y30msjgj1bqm

https://userscloud.com/b0nqlh8dai1g

http://cloudyfiles.com/nz09alm8mh0m

https://filescdn.com/9hx3s834gzcf

https://rapidgator.net/file/36245f11fdee8929c80055ee71512a3e
Image

User avatar
Will-I-Am
Phantom
Phantom
Posts: 635
Joined: December 11th 2014 - 11:46 pm
P2P Clients: eMule & uTorrent
Location: The Big Apple
Has thanked: 4 times
Been thanked: 26 times

Re: Infected by igfxmtc malware

Post by Will-I-Am » January 2nd 2018 - 5:08 pm

Check this out also:

Malwarebytes | FREE Anti-Malware & Malware Removal
https://www.malwarebytes.com/mwb-download/

Remediation - cleans infected machine

User avatar
drcoolmor
Global Moderator
Global Moderator
Posts: 26099
Joined: June 7th 2010 - 1:12 am
P2P Clients: eMule
Azureus
Has thanked: 2 times
Been thanked: 694 times

Re: Infected by igfxmtc malware

Post by drcoolmor » January 2nd 2018 - 9:51 pm

if none of the apps help u, try freeware Hiren’s BootCD 15.2
http://www.hirensbootcd.org/download/ :wink2:
Image

User avatar
patrickmiami
Phantom VIP
Phantom VIP
Posts: 375
Joined: January 6th 2012 - 4:44 am
P2P Clients: MorphXT
Has thanked: 24 times
Been thanked: 1 time

Re: Infected by igfxmtc malware

Post by patrickmiami » January 3rd 2018 - 5:38 pm

Thanks Doc, Yep so far nothing works. neither UnHackMe or malwarebytes can find the source. Able to stop it (them) only for few minutes with "Process explorer" from sysinternals. it is probably installed as service Image
Image

User avatar
drcoolmor
Global Moderator
Global Moderator
Posts: 26099
Joined: June 7th 2010 - 1:12 am
P2P Clients: eMule
Azureus
Has thanked: 2 times
Been thanked: 694 times

Re: Infected by igfxmtc malware

Post by drcoolmor » January 3rd 2018 - 11:39 pm

i hope you have already ..in folder and files option, to show hidden files :hmm:
with Hiren’s BootCD if you know where the file is, you should be able to delete them.
the disk also contains some a/v programs. also check your host file.
I had Wajam, and had a hard time getting it all out, I have other boot cds and was able to delete it with them.

Code: Select all

Registry Keys: 9
Adware.Wajam.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\45537cfa29d96df02c0fe722080a9673, , [f899be678f1bb284382219248080f709], 
Adware.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\83c1b454d882f0696c7a2027c6e1d9ce, , [5e33b96ce4c60a2c5ba26191748ee020], 
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, , [1879a4811595241260b6be371ce5e31d], 
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, , [fc95f72e278310268d899065e021b24e], 
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, , [9ff29b8aa70374c2cf479b5ae21f07f9], 
Adware.Social2Search.EncJob, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\a5f83b14da5dc9f459faf9f6636be8dc, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.SearchAwesome, HKLM\SOFTWARE\SrcAAAesom Browser Enhancer, , [81107ca9c6e47bbb0721189e59a73dc3], 
Adware.SearchAwesome, HKLM\SOFTWARE\WOW6432NODE\SrcAAAesom Browser Enhancer, , [682959cc3f6b191d1612773fcf3117e9], 
PUP.Optional.Wajam, HKU\S-1-5-21-3559210594-213708560-1038674922-1001\SOFTWARE\WajIEnhance, , [29684fd6604a79bd5578b8b35fa3ba46], 

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc, , [2f622104b2f863d355e8c69c51b028d8], 

Files: 22
Adware.Wajam.Generic, C:\Windows\System32\drivers\45537cfa29d96df02c0fe722080a9673.sys, , [47776106d0177ce7152354549ee2caaf], 
Adware.Wajam, C:\Windows\83c1b454d882f0696c7a2027c6e1d9ce.dll, , [5e33b96ce4c60a2c5ba26191748ee020], 
Adware.Wajam, C:\Windows\Temp\wjmB258.tmp\update.exe, , [b0e1ad78edbd4ee847af769554adee12], 
Adware.Wajam, C:\Windows\Temp\wjmB834.tmp\update.exe, , [1081e93c05a5c76ff105da31aa571ae6], 
Adware.Wajam, C:\Windows\Temp\wjmBF48.tmp\update.exe, , [1e73fa2b3278b086a84e5bb050b1ad53], 
Adware.Wajam, C:\Windows\Temp\wjmC738.tmp\update.exe, , [f0a1170e7c2ea49242b425e6738ed22e], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\WBE_uninstall.dat, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\6a1a28513b773cacdf3f4e0712969810, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\e0d91ad5b94cdff029e3aba8a1af5ac8.exe, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\e627205e138a25f8d6333b7080e2b57f.exe, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\e9fbfeb71c817ca20597942ba65fb9b6.ico, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\f8bd067e924a6d10b87fa7ccb3101880.exe, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\mozcrt19.dll, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\nspr4.dll, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\nss3.dll, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\plc4.dll, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\plds4.dll, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\service.dat, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\service_64.dat, , [2f622104b2f863d355e8c69c51b028d8], 
Adware.Social2Search.EncJob, C:\Program Files\a5f83b14da5dc9f459faf9f6636be8dc\softokn3.dll, , [2f622104b2f863d355e8c69c51b028d8], 
Trojan.Agent, C:\Windows\e627205e138a25f8d6333b7080e2b57f.exe, , [ace577ae1793b87e5842ec445ba77e82], 
RiskWare.DontStealOurSoftware, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (0.0.0.0 keystone.mwbsys.com), ,[434e71b4e8c2f442700156f12ed243bd]
Image

User avatar
patrickmiami
Phantom VIP
Phantom VIP
Posts: 375
Joined: January 6th 2012 - 4:44 am
P2P Clients: MorphXT
Has thanked: 24 times
Been thanked: 1 time

Re: Infected by igfxmtc malware

Post by patrickmiami » January 4th 2018 - 1:21 am

:dunno: i just finished to burn hirens. let see
Image

User avatar
patrickmiami
Phantom VIP
Phantom VIP
Posts: 375
Joined: January 6th 2012 - 4:44 am
P2P Clients: MorphXT
Has thanked: 24 times
Been thanked: 1 time

Re: Infected by igfxmtc malware

Post by patrickmiami » January 4th 2018 - 7:46 pm

Good news !! finally fund and deleted by running under Win XP from Hirens (lost few keygen, but happy to get my CPU running 100 %) Thanks for the help ! :cheers:
Image

Post Reply

Return to “General Help and Support”