I have a virus on my computer and need help fixing it.

hilol

Junior Member
Apr 19, 2011
When I turn my PC on I have to go to safe mode, because when I let it go all the way through, the icons on my desktop won't appear and the only way I can shut the PC off is through Task Manager. It lags like crazy and the bar at the bottom with Start on it is not visible; even when I click the arrow and try to drag it up it doesn't work. Anyone know how to help me?
 
May 13, 2009
Have you run a virus scan? I'd try to run a couple of different antivirus scans first and see if that works. I believe you can run AVG from a boot CD if you can't get to Windows. Viruses today are so complex you almost always have to do a clean install to get rid of them, and even then they can still stick around.
 

C1

Platinum Member
Feb 21, 2008
Try a Windows "Repair".

Also regarding OFT's experience, if you "Wipe" the drive before a new install, nothing previous survives.
 

hilol

Junior Member
Apr 19, 2011
I have tried antivirus. Comodo caught a file called TrojWare.Win32.Agent.Gen@ some numbers. Does that help?
 

TJCS

Senior member
Nov 3, 2009
I would reformat and reinstall if I were in your shoes. You can never really be absolutely sure that you have entirely removed the infection. It might have copied & replaced files elsewhere in your system.
 

pete1229

Senior member
Feb 12, 2011
Comodo and CCleaner are both excellent (and free) tools for cleaning your PC of infected registry files, but I have to agree with TJCS, the only way to be sure you are completely rid of viruses, adware and malware is to reformat and reinstall. It's not an easy solution by far, but it is the most effective one. That's why it's always a good idea to backup! backup! backup!
 

LiuKangBakinPie

Diamond Member
Jan 31, 2011
Comodo and CCleaner are both excellent (and free) tools for cleaning your PC of infected registry files, but I have to agree with TJCS, the only way to be sure you are completely rid of viruses, adware and malware is to reformat and reinstall. It's not an easy solution by far, but it is the most effective one. That's why it's always a good idea to backup! backup! backup!

How does a reinstall get rid of malware on other drives?
A reinstall is not necessary; a cold boot using an AV boot disk is all you have to use. There are lots of free ones around the web. Even Kaspersky has one you can download. A format doesn't remove malware from the RAM as well.
 

Athadeus

Senior member
Feb 29, 2004
I decided to take on a virus removal 'properly' rather than reinstall for once this last year. I used all the tools I found working on http://forums.anandtech.com/showthread.php?t=74891. Removed 7 infected files between all of them, changed the security setup a lot, put MSE on it and there has been no sign of infection again.

However, it was still not worth the time, even though it was a fairly clean install before the malware. I spent about 3 hours on it, but I let the longest script run overnight which would have been bad to sit through.

My totals:
1 successful malware removal attempt.
3-4 failed malware removal attempts which turned into...
100+ reinstalls due to malware.
 

hilol

Junior Member
Apr 19, 2011
I'm glad to say I have just fixed my computer. After many times of trying System Restore it finally worked and I got it to go through, and I got my Comodo to run and another malware protection. Comodo found 17 threats and the other program found 2, so I restarted my PC and I ran Window Washer, and now my internet browser opens fast and it seems to be fine again. Woot!
 

pete1229

Senior member
Feb 12, 2011
How does a reinstall get rid of malware on other drives?
A reinstall is not necessary; a cold boot using an AV boot disk is all you have to use. There are lots of free ones around the web. Even Kaspersky has one you can download. A format doesn't remove malware from the RAM as well.

Who said anything about other drives? Hilo said he can boot into safe mode, why would you not boot into safe mode to help analyze the problem and run whatever registry washer you have? Why would there be malware on RAM? RAM is not flash memory, it's not ROM; once the system is shut down all the data on RAM is gone. If you format an HDD, the only data written to the RAM would be from the boot disk after the fresh install. If you want to get a guaranteed clean registry (which is where malware exists) then a clean install on a formatted HDD is the only way to go, unless of course you know exactly where the malware/virus resides within the thousands of registry files, and the only one who would know that would be the idiot who created the malware/virus in the first place.
 

LiuKangBakinPie

Diamond Member
Jan 31, 2011
I'm glad to say I have just fixed my computer. After many times of trying System Restore it finally worked and I got it to go through, and I got my Comodo to run and another malware protection. Comodo found 17 threats and the other program found 2, so I restarted my PC and I ran Window Washer, and now my internet browser opens fast and it seems to be fine again. Woot!

Do you want to hear the good news or the bad news first? Please download HijackThis
www.hijackfree.com/en/hijackfree/
Then post the log file here.

Then download the following
http://www.combofix.org/download.php

Disable your antivirus and run it.
Malware hides itself in your restore folders and gets restored with your system settings. Comodo won't detect it if it packs itself.
 

LiuKangBakinPie

Diamond Member
Jan 31, 2011
Who said anything about other drives? Hilo said he can boot into safe mode, why would you not boot into safe mode to help analyze the problem and run whatever registry washer you have? Why would there be malware on RAM? RAM is not flash memory, it's not ROM; once the system is shut down all the data on RAM is gone. If you format an HDD, the only data written to the RAM would be from the boot disk after the fresh install. If you want to get a guaranteed clean registry (which is where malware exists) then a clean install on a formatted HDD is the only way to go, unless of course you know exactly where the malware/virus resides within the thousands of registry files, and the only one who would know that would be the idiot who created the malware/virus in the first place.

Sorry, I didn't mean it in a bad way, but most malware can't be picked up in safe mode, especially rootkits. Then, without knowing the name of the malware, booting into safe mode and trying to clean your PC with a file virus like Virut will destroy your data beyond repair. There's no disinfecting from there, nor any other way than to wipe all your data then. Not even online experts can save you. That's why you never delete a file flagged as suspicious or go into safe mode. You upload it to a web scanner to get its name and its procedures. What I normally do is let it loose in a virtual machine, tracing it, then use a script with Combofix to hunt it down.
For rootkits, GMER. No single application, virus or anything has stood against GMER. It can bring down any rootkit. As for the RAM thing: always, when you're done cleaning, switch off the PC completely for a few minutes to clear the RAM completely. You can pop the sticks out as well if you don't feel like waiting.
If you'd like to learn more about removing malware manually, here are some good sources:
http://www.backgroundtask.eu/Systeemtaken/Scan.php
Very good tool to start with
http://www.niksoft.at/download/startdreck.htm
 

VirtualLarry

No Lifer
Aug 25, 2001
If you want to get a guaranteed clean registry (which is where malware exists) then a clean install on a formatted HDD is the only way to go, unless of course you know exactly where the malware/virus resides within the thousands of registry files, and the only one who would know that would be the idiot who created the malware/virus in the first place.

Malware doesn't live in the registry. It can put entries into the registry, that cause it to load and/or auto-start, but it has to have a file in the filesystem proper, the malware doesn't solely exist in the registry. If you delete it from the filesystem, the registry entries will have no effect.
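
The relationship described in the post above, between an autostart registry value and the file it launches, can be checked directly. The following is an added example, not part of the original thread: a PowerShell (3.0 or later) sketch that lists Run/RunOnce values and reports whether each target file exists and how its Authenticode signature verifies. The key list is a common subset chosen for illustration and the helper name `Get-CommandTarget` is hypothetical.

```powershell
# Added example: map autostart registry values to the files they point at.
# Assumption: this key list is an illustrative subset, not every autostart location.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: pull the executable path out of a Run-key command line.
# Limitation: for "rundll32.exe some.dll,Entry" it reports rundll32.exe, not the DLL.
function Get-CommandTarget {
    param([string]$CommandLine)
    $expanded = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($expanded -match '^"([^"]+)"') {
        $path = $Matches[1]                      # "C:\path with spaces\app.exe" /args
    } elseif ($expanded -match '^(.+?\.(exe|dll|bat|cmd|vbs|js|scr))(\s|,|$)') {
        $path = $Matches[1]                      # unquoted path, possibly with spaces
    } else {
        $path = ($expanded -split '\s+')[0]
    }
    if ($path -and $path -notmatch '[\\/]') {    # bare name: resolve through PATH
        $cmd = Get-Command -Name $path -CommandType Application -ErrorAction SilentlyContinue |
            Select-Object -First 1
        if ($cmd) { $path = $cmd.Path }
    }
    return $path
}

$results = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $target = Get-CommandTarget -CommandLine ([string]$item.GetValue($name))
        $exists = [bool]$target -and (Test-Path -LiteralPath $target -PathType Leaf)
        $sig = if ($exists) { (Get-AuthenticodeSignature -LiteralPath $target).Status } else { 'n/a' }
        [pscustomobject]@{
            Key = $key; Name = $name; Target = $target
            FileExists = $exists; Signature = $sig
        }
    }
}
# Entries whose file is missing sort first, then by signature status.
$results | Sort-Object FileExists, Signature | Format-Table -AutoSize -Wrap
```

A row with `FileExists` false is a leftover entry whose file is already gone; a row with an existing, unsigned target in a user-writable directory is the kind of entry worth examining first.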
 

Matt1970

Lifer
Mar 19, 2007
Sorry, I didn't mean it in a bad way, but most malware can't be picked up in safe mode, especially rootkits. Then, without knowing the name of the malware, booting into safe mode and trying to clean your PC with a file virus like Virut will destroy your data beyond repair. There's no disinfecting from there, nor any other way than to wipe all your data then. Not even online experts can save you. That's why you never delete a file flagged as suspicious or go into safe mode. You upload it to a web scanner to get its name and its procedures. What I normally do is let it loose in a virtual machine, tracing it, then use a script with Combofix to hunt it down.
For rootkits, GMER. No single application, virus or anything has stood against GMER. It can bring down any rootkit. As for the RAM thing: always, when you're done cleaning, switch off the PC completely for a few minutes to clear the RAM completely. You can pop the sticks out as well if you don't feel like waiting.
If you'd like to learn more about removing malware manually, here are some good sources:
http://www.backgroundtask.eu/Systeemtaken/Scan.php
Very good tool to start with
http://www.niksoft.at/download/startdreck.htm

That is somewhat not true. Most malware can be detected in safe mode, and it is the industry standard in removal. Booting in safe mode holds most malware at bay, since most use Windows files only loaded in normal mode. Then infected registry settings and files can safely be detected and removed. There are some infections that run in safe mode, but they are the exception and not the rule. Those are more tricky, but they too can be held at bay.
 

LiuKangBakinPie

Diamond Member
Jan 31, 2011
That is somewhat not true. Most malware can be detected in safe mode, and it is the industry standard in removal. Booting in safe mode holds most malware at bay, since most use Windows files only loaded in normal mode. Then infected registry settings and files can safely be detected and removed. There are some infections that run in safe mode, but they are the exception and not the rule. Those are more tricky, but they too can be held at bay.

Well, good luck doing that with a file virus or detecting rootkits. I don't say don't boot in safe mode, it's bad. I'm saying don't boot into safe mode until you have identified the type of malware. A file virus like Virut will kill your PC. If it's rogue malware like fake security software and you have identified it, yes, it's OK, safe mode will be a good idea then. But you'll have no luck with removing rootkits in safe mode.
 

LiuKangBakinPie

Diamond Member
Jan 31, 2011
Malware doesn't live in the RAM. Nothing does. You turn off your machine, POOF - all contents of RAM disappear.

Who said anything about turning off? Unless you run a complete RAM test at the POST, rebooting does not clear your RAM. How many people clear their page file at shutdown, btw?
 

MadScientist

Platinum Member
Jul 15, 2001

jackofalltrades

Senior member
Feb 25, 2007
I am sorry, but there are some infections out now that are nearly impossible to remove manually or with software, and it sure isn't worth the time. You can do a clean install, then after installing a good antivirus and antimalware program scan all disks for problems and delete them! Don't clean them; the program or file has been tampered with, not worth it.

Malware cannot reinfect your computer until you open the file; there won't be registry entries for it to work until you open the file. Then delete all infected files. I have 20 years' experience and I don't carry infected files.

Best way to avoid problems: don't go there.