• Donate
    TheWindowsForum.com needs donations to stay online!
    Love TheWindowsForum.com? Then help keep it alive by sending a donation!

Ground.exe infection-keeps reinfecting even when removed by antivirus programs

WELCOME TO THEWINDOWSFORUM COMMUNITY!

Our community has more than 63,000 registered members, and we'd love to have you as a member. Join us and take part in our unbiased discussions among people of all different backgrounds about Windows OS, Software, Hardware and more.

Register Log in
Q

quick

New Member
Aug 16, 2016
4
0
There is a malware Ground.exe that keeps re-infecting even after removed by malawarebytes etc. I read a few years ago about where the writer indicated a file in the windows that was responsible for it re-infecting it. But I cannot remember where I read it or what the file was. None of the removal methods online will stop it from re-infecting.
 
Funny, knee jerk tells me rootkit, all the symptoms. Something that persistent after malwarebytes is probably either a rootkit or something that reaches out to the web for reinfection. I would get a few powerful a/v malware tools together, bleeping computer is a really good source. Unplug the system before you run these programs. After you clean out whatever the programs find, run system file checker.
  1. Click Start.
  2. In the search bar, type CMD .
  3. Right-click CMD.exe and select Run as Administrator.
  4. On the User Account Control (UAC) prompt, click Yes.
  5. In the command prompt window, type SFC /scannow and press Enter .
  6. System file checker utility checks the integrity of Windows system files and repairs them if required.
This will prevent the system from going out and becoming infected again, if that's what is going on.
However Dog's philosophy is, when in doubt, wipe it out. woof
 
Last edited:
Ok, I use SFC all the time, but I will DL an antivirus program that scans before boot up. To get rid of it if it is in the boot sector. Malarebytes doesn't permanently get rid of it. Thanks
 
quick said:
There is a malware Ground.exe that keeps re-infecting even after removed by malawarebytes etc. I read a few years ago about where the writer indicated a file in the windows that was responsible for it re-infecting it. But I cannot remember where I read it or what the file was. None of the removal methods online will stop it from re-infecting.
Click to expand...
There is a program in windows that is hidden that creates the ground.exe program. Ground is a Bitcoin generator, that alters your EXE. Sapping the CPU power generated by them when they are activated. It alters the EXE file attaching a g to it, and weakens the original EXE file, so it cannot be used. I remember three years ago reading an entry here listing the windows operating file that created ground.exe. But I have lost that paper. So, as long as that hidden windows' perpetrator is still there, it just keeps generating ground.exe. If anyone has it please post it here, so we can get rid of this menace, also it's been my experience that SFC doesn't fix the problem.
 
You must log in or register to reply here.

Similar threads

TWF Bot
  • Article
Open and run DxDiag.exe - Microsoft Support
Replies
0
Views
532
TWF Bot
TWF Bot
hacxx
Do anyone know for which version of windows bitsadmin.exe is not deprecated?
Replies
0
Views
638
hacxx
hacxx
hacxx
Register Quick Batch File Compiler - With only one cmd.exe command
Replies
0
Views
1K
hacxx
hacxx
hacxx
Register WinRAR (All versions) - With only one cmd.exe command
Replies
3
Views
2K
hacxx
hacxx
hacxx
Register Website 2 APK Builder Pro with one cmd.exe command
Replies
0
Views
1K
hacxx
hacxx

Latest posts

Back