
Remove Win64.Patched.B.Gen with Effective Solution

Win64.Patched.B.Gen Scenario

Win64.Patched.B.Gen continues to plague PC users, and to make money from them, in the wake of Win64:Patched-A [Trj]. The files and folders flagged by installed anti-virus programs (C:\Windows/system/user32, c:\Windows\System32\services.exe and C:\WINDOWS\system32\winntddu.dll) make it clear that Win64.Patched.B.Gen affects system files. As a result, the following problems surface:

  1. More Win64 variants, such as Conedex.B, the agent.BA Trojan and the Sirefef Trojan, are detected by installed security utilities.
  2. The computer stops responding to almost any input.
  3. The CPU does not stay stable during operation.
  4. Error messages may appear and block some programs from running.

These problems, however, are not the real reason to hurry the removal of Win64.Patched.B.Gen. Users should understand the dangers hidden behind the mechanical problems. Keep reading to learn more about Win64.Patched.B.Gen and to find the most effective way to remove it. Any help request will be answered immediately by VilmaTech Online Support.


What Does Win64.Patched.B.Gen Do?

Win64.Patched.B.Gen is a Trojan horse with the typical Trojan characteristic of taking advantage of vulnerabilities. The very first thing it does when penetrating a system is to enumerate the drivers belonging to security services, together with their running processes, and overwrite them with its own .dat and .exe files. This weakens their functions so that Win64.Patched.B.Gen can proceed.

Win64.Patched.B.Gen shares the goal of any other infection: money. After the overwriting, its malicious driver is loaded and communicates with its data files so that the components work together. URL fields have been found embedded in some of its data files; they are responsible for downloading tracking cookies onto the target machine from web sites designated by its author. Once the tracking cookies are in place, the user's online whereabouts are recorded. Such information can be exchanged for money, because spammers are eager to know users' online destinations in order to decide where to place their products for better promotion or sales.

The incidental mechanical problems are not what Win64.Patched.B.Gen intends. However, to guarantee its own persistence for the sake of money, Win64.Patched.B.Gen has to weaken the machine's overall defenses. In addition, Win64.Patched.B.Gen exploits ports to form a backdoor for additional downloads, so the target machine becomes susceptible to other infections. As more foreign items settle onto the target machine, the limited internal storage fills up considerably, resulting in sluggish PC performance. The malicious code of Win64.Patched.B.Gen can also corrupt built-in documents or cause internal conflicts that bring up errors.

It is always recommended to remove Win64.Patched.B.Gen as soon as possible so that no further problems and no further threats to information security arise. Because Win64.Patched.B.Gen manages to dodge automatic removal by installed security utilities, manual removal is advisable for a complete cleanup. The recommended removal instructions are below. Follow the steps carefully to avoid deviations or mistakes that could cause more trouble. If you are overwhelmed by the problems and do not know how to proceed, senior technicians from VilmaTech Online Support are standing by to offer help.


Effective Way to Remove Win64.Patched.B.Gen

Step 1. Remove Win64.Patched.B.Gen in Safe Mode.

Windows 7/Vista/XP

  • Restart the system and keep tapping the “F8” key while it is rebooting.
  • When the “Windows Advanced Options Menu” appears, choose ‘Safe Mode’ with the arrow keys and press the Enter key.

Windows 8

  • Restart the system and keep tapping the “F8” key while holding down the Shift key.
  • When a new screen appears, choose ‘See advanced repair options’ to proceed.
  • Then select the ‘Troubleshoot’ option, followed by ‘Advanced Options’.
  • Choose ‘Windows Startup Settings’ next and hit ‘Restart’ in the lower right-hand corner of the desktop to enter Safe Mode.

Step 2. Remove all temp files to further help remove Win64.Patched.B.Gen.

  • Press and hold the Win key and the R key together to bring up the Run box.
  • Type “%temp%” and hit the Enter key to open a window filled with temp files.
  • Select all of them with the Ctrl+A key combination and remove them.

 
 
Step 3. Access the registry database to remove anything related to Win64.Patched.B.Gen.

  • Access the registry database by entering the “regedit” command in the Run box (opened with the Win+R key combination).
  • Remove the following entries.

(Tip: it is safest to back up the entries first, even though malicious modifications have been made. The backup file can be a lifeline if some changes are made incorrectly.)


HKEY_CLASSES_ROOT\WindowFiles\Check_Associations
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\INTEXPLORE.pif\ToP
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\[random numbers and letters]
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon “Shell” = “%Documents and Settings%\[UserName]\Application Data\hotfix.exe”
HKEY_CLASSES_ROOT\CLSID\{random numbers}\shell\OpenHomePage\Command

  • Navigate to each of the following entries, look for suspicious key values starting with “Run”, and delete them.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders “Startup” = “C:\windows\start menu\programs\startup”
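
The registry review in Step 3 can be prepared with a read-only audit before anything is deleted by hand. The PowerShell script below is an added example, not part of the original instructions: it exports each autorun key as a backup, lists its values and marks the ones worth reviewing. The backup folder name and the "user-writable folder" heuristic are assumptions, and a marked entry still needs manual confirmation because legitimate software also starts from those folders.

```powershell
# Added example: read-only audit of the autorun locations listed in Step 3.
# It backs up each key, prints its values and marks the ones to review.
# Nothing is deleted; removal is still done by hand in regedit.

$backupDir = Join-Path $env:USERPROFILE 'autorun-backup'   # assumed backup folder
New-Item -ItemType Directory -Path $backupDir -Force | Out-Null

# Keys from Step 3. Name = '*' inspects every value under the key.
$targets = @(
    @{ Key = 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'; Name = '*' },
    @{ Key = 'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run'; Name = '*' },
    @{ Key = 'HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'; Name = 'Shell' }
)

# Assumed heuristic: autoruns that start from user-writable folders deserve a look.
$userWritable = '\\AppData\\|\\Application Data\\|\\Temp\\'

$n = 0
$report = foreach ($t in $targets) {
    $psPath = "Registry::$($t.Key)"
    if (-not (Test-Path -Path $psPath)) { continue }

    # Export the key first, as the tip in Step 3 advises.
    $n++
    & reg.exe export $t.Key (Join-Path $backupDir "autorun-$n.reg") /y | Out-Null

    $key = Get-Item -Path $psPath
    foreach ($name in $key.GetValueNames()) {
        if ($t.Name -ne '*' -and $name -ne $t.Name) { continue }
        $value = [string]$key.GetValue($name)

        # A per-user Winlogon "Shell" is not set by default, so any value other
        # than explorer.exe is marked; Run values are marked by location only.
        $review = if ($t.Name -eq 'Shell') {
            $value.Trim() -ne 'explorer.exe'
        } else {
            $value -match $userWritable
        }

        [pscustomobject]@{ Key = $t.Key; Name = $name; Value = $value; Review = $review }
    }
}

$report | Sort-Object Review -Descending | Format-Table -AutoSize -Wrap
```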

 
 
Step 4. End the running processes and services associated with Win64.Patched.B.Gen.

  • Open Task Manager with the Ctrl+Alt+Delete key combination (Ctrl+Shift+ESC for Win8 users).
  • Click the View tab, choose “Select Columns” and tick “Image Path Name” and PID.
  • Meanwhile, open Accessories under All Programs (All Apps for Win8 users) from the Start menu (Start Screen for Win8 users).
  • Choose System Tools and, in the System Information window, expand Software Environment and select Running Tasks.
  • End the culprit processes and services according to the path name and service name shown in Task Manager and the Services window (opened with the “services.msc” command) respectively.

Step 5. Reveal hidden items to remove the ones generated by Win64.Patched.B.Gen.

Windows 7/XP/Vista

  • Open “user accounts and family safety” from the ‘Control Panel’ window and choose ‘Folder Options’ to proceed.
  • Open the View tab, tick ‘Show hidden files and folders’ and untick ‘Hide protected operating system files (Recommended)’.
  • Press the Enter key to show all hidden files and folders.

Windows 8

  • Open Windows Explorer from the Start screen.
  • Open the View tab and tick ‘File name extensions’ and ‘Hidden items’.
  • Press the Enter key to show all hidden files and folders.

C:\Windows/system/user32
c:\Windows\System32\services.exe
C:\WINDOWS\system32\winntddu.dll
C:\Windows\Installer\{648c7366-661d-8c7c-a2b5-bfc01b210a94}\U\000000CB.@
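
Because the flagged items look so similar to system files, it helps to check whether a file at one of these paths is still a genuine, signed Windows binary before touching it. The PowerShell script below is an added example, not part of the original instructions; it assumes a 64-bit PowerShell 5.1 or later session, where `Get-AuthenticodeSignature` also resolves catalog signatures and reports `IsOSBinary`.

```powershell
# Added example: read-only integrity check of two files named in this article.
# Run from 64-bit PowerShell so that System32 is not redirected to SysWOW64.

$paths = @(
    'c:\Windows\System32\services.exe',
    'C:\WINDOWS\system32\winntddu.dll'
)

$results = foreach ($p in $paths) {
    if (-not (Test-Path -LiteralPath $p)) {
        # Report missing files too, so the output covers every listed path.
        [pscustomobject]@{ Path = $p; Present = $false; Genuine = $false
                           Status = ''; Signer = ''; SHA256 = '' }
        continue
    }

    $sig  = Get-AuthenticodeSignature -LiteralPath $p
    $hash = Get-FileHash -LiteralPath $p -Algorithm SHA256

    $signer = ''
    if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }

    [pscustomobject]@{
        Path    = $p
        Present = $true
        # Genuine = signature validates AND Windows recognises it as an OS binary.
        Genuine = ($sig.Status -eq 'Valid' -and $sig.IsOSBinary)
        Status  = $sig.Status
        Signer  = $signer
        SHA256  = $hash.Hash      # keep for comparison against a known-good copy
    }
}

$results | Format-List
```

A `services.exe` that does not report `Genuine` should be restored from a known-good copy (for example with `sfc /scannow`) rather than deleted, because Windows cannot start its services without that file.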

 
 

How to Prevent Win64.Patched.B.Gen

Win64.Patched.B.Gen is adept at exploiting vulnerabilities. It can therefore be expected in loosely programmed software such as freeware, shareware and adware. Pay attention to drive-by downloads when attempting to install a third-party program. Win64.Patched.B.Gen is also commonly used as a tool to form a backdoor and connect to a remote server, which gives it many opportunities to cooperate with other infections and malware; being attacked by another infection can therefore bring Win64.Patched.B.Gen with it. Fixing problems quickly is thus another way to prevent a Win64.Patched.B.Gen infection. There are of course other ways to prevent it:

  1. Run regular full scans to find potential dangers such as vulnerabilities and infections.
  2. Update the system or download its latest patches.
  3. Install a website monitor and a firewall to help filter junk sites and sites with sensitive content, reducing the chance of being attacked by Win64.Patched.B.Gen.
  4. Download or update items from official sites rather than from pop-up messages of unknown origin.
  5. Do not casually accept and run files or documents sent through chat tools, and do not open attachments in e-mail sent by strangers.
  6. Do not visit unknown foreign web sites, especially ones containing pornographic content or offering video downloads.

 

Win64.Patched.B.Gen Removal Recommendation

It is impossible to tell whether Win64.Patched.B.Gen was introduced by other infections or is itself introducing other infections onto the target machine. The surest plan is therefore to remove all problems and infections together with Win64.Patched.B.Gen, so that the Trojan horse does not re-emerge right after a reboot. Doing so requires specialized computer knowledge to dig out every malicious item on the local disk that installed anti-virus programs cannot remove because it looks so similar to system files. If specialized technical help is needed, feel free to contact VilmaTech Online Support.
