Results 1 to 3 of 3
  1. #1
    New Lounger
    Join Date
    Jan 2015
    Posts
    1
    Thanks
    2
    Thanked 0 Times in 0 Posts

    Angry compatibilitycheck malware

    I recently have been getting multiple instances of a process called "compatibilitycheck.exe" which together take up virtually 100% of the cpu (Win7 SP1) on one of our computers. There is also a service called "compatibility verify" which gets installed at startup (even though I have previously disabled it). I can remove the source files (C:/users/"name"/app data/roaming/compatibility verifier) by restarting in safe mode and I can remove the registry entries, but they are mysteriously reinstalled on the next boot.

    I cannot find a username or other identifying information for these programs. I suspect that they are being installed by some adware, but I cannot identify that either.

    Has anyone encountered this and been able to remove it? Thanks.

  2. #2
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,484
    Thanks
    283
    Thanked 572 Times in 476 Posts
    Welcome to the Lounge, baukus

    Looks like this: http://www.herdprotect.com/signer-ad...69afa75af.aspx, upload the exe file to virustotal.com for a check on the Publisher name and current detections as verification.

    Startup trigger should be here: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run → compatibilitycheck.exe. Stop and then disable the Service from services.msc and deletete the Run key from the Registry location above.

    Do that from Safe Mode and it should fix it - unless you have a different version - and then clean out what's left over. Reboot and test.


    (In the Registry entry above, ignore the 'space' in 'CurrentVersion', it's added by the forum software for some odd reason)

  3. The Following User Says Thank You to satrow For This Useful Post:

    baukus (2015-01-11)

  4. #3
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,164
    Thanks
    47
    Thanked 976 Times in 906 Posts
    Have you run the usual array of anti-malware products on the computer? Malwarebytes Anti Malware, ADWcleaner, Spybot etc.

    cheers, Paul

  5. The Following User Says Thank You to Paul T For This Useful Post:

    baukus (2015-01-11)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •