The image above shows what I'm currently dealing with in my computer. Yes, it is a virus and I don't know how I got it. I went from having about 30 of them now to currently 1 it looks like. I don't want to reformat to get this off but I was wondering what I could do to try and remove this virus. I was told that running my computer in safe mode would do the trick but the last time I went into safe mode I ended up reformatting my computer due to something that had happened. Anyone got any suggestions? Please let me know if anyone has anything to say for this. And oh ya, if anyone says anything about the 'Microsoft Windows Malicious Software Removal Tool v2.1' that is supposed to detect and remove most viruses and what not, it doesn't work for me. It doesn't even know that this virus is here right now.
Thanks for the help,
~Joshgt2
None.
AFAIK, some viruses can only be removed in Safe Mode so it looks like you'll have to do that. I don't know how you ended up reformatting your computer from using Safe Mode before...
None.
Have you tried ad-ware? or perhaps a major brand anti virus program.
I am a Mathematician
Locate the file. Open up safe mode with command prompt. go to that file, and delete it. I did this once, but I actually had some sort of recovery program which essentially let me not even boot into safe mode, and went directly into a dos-type system.
Make sure you download hijack this, and see if that will help.
"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"
AFAIK, some viruses can only be removed in Safe Mode so it looks like you'll have to do that. I don't know how you ended up reformatting your computer from using Safe Mode before...
Long story...
Have you tried ad-ware? or perhaps a major brand anti virus program.
I'm using BitDefender 2009, isn't that good?
Locate the file. Open up safe mode with command prompt. go to that file, and delete it. I did this once, but I actually had some sort of recovery program which essentially let me not even boot into safe mode, and went directly into a dos-type system.
Make sure you download hijack this, and see if that will help.
Can you give more information on how to do this? And what is "Hijack This"?
None.
Can you give more information on how to do this? And what is "Hijack This"?
http://www.google.com/search?hl=en&q=hijackthis&btnG=SearchI know, I know, astounding research I've done!
The trojan should be a simple file somewhere, and it should tell you the filepath. open up cmd (press win+r, then type cmd and enter). It will bring up a black window with a blinking cursor. Go to the location of the file by typing "cd c:\Windows\system32" if it is in windows\system32, which is probably where it's located. Then type del filename.extension. You may have to use some of the options for the command, so type in help del to get a list of what you might need to do.
"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"
Ideally you want to do this in safe mode w/command prompt, or just simply with the command prompt.
"Parliamentary inquiry, Mr. Chairman - do we have to call the Gentleman a gentleman if he's not one?"
It may not be able to remove the virus because it's actually in use/running. Try and boot up in DOS or use something like CodeStuff Starter (I use it) to remove the virus if it boots up in your registry. Then delete the file manually. If that doesn't work, try other boot-up management utilities and then stop/remove/jam/something the virus. At the moment, it looks like it's in a process and it starts up at boot.
None.
Ideally you want to do this in safe mode w/command prompt, or just simply with the command prompt.
The only reason to do it in safe mode (and a good reason), is it makes it less likely for the delete action to fail because a process is currently accessing the file.That's what I just said. Windows, due to it's file-system, can obtain process locks, which prevent a file from being deleted, moved, renamed and copied (Read-Only basically). To combat this, you need to determine what is making the virus run.
At the moment, it looks like it's in a process and it starts up at boot.
What I mean by this is that it may start in the registry, in the WIN.ini, in the WIN.cnf or even in your Startup folder.
None.
The way I use to see if a virus is running and to kill it (and then deleting the offending files) is by getting process explorer and autoruns from microsoft (they're free, no worries). Then,
this article by Jeff Atwood is an excellent guide to using those tools.
None.
The way I use to see if a virus is running and to kill it (and then deleting the offending files) is by getting process explorer and autoruns from microsoft (they're free, no worries). Then,
this article by Jeff Atwood is an excellent guide to using those tools.
The only problem is is that if you don't have permissions to kill the process or you can't see it.
None.
Process Explorer shows all processes, which dlls are loaded by it, and if you go in its properties, you can also kill individual threads running inside a process (useful if the virus embedded itself in explorer.exe). The only problem is permissions if the virus is running as admin or system.
None.
Ad-aware (Lavasoft) is your best bet against a virus im thinking. The others here might say w/e about this, but ive gotten plenty of viruses, and all i do is ctrl+alt+delete if i see or think its running(the virus) then i go into safe mode and run lavasoft's ad-aware(full scan) and if it doesnt catch it i usually use the run prompt as others have said
None.