Got a PC with virus on, want to do everything except format

Satangel · Apr 3, 2013

So a person we know pretty well just brought her (ancient) laptop here, says she has a virus on it.
The virus immediately makes all downloaded files branded as 'virus, potentially harmful for your PC', hence she can't download anything anymore.
I installed SUPER AntiSpyware & Malwarebytes, they found a lot of things but the virus isn't gone. I used both the free versions. I also ran a quick Microsoft Security Essentials scan, didn't find anything......

I've uninstalled Chrome (her browser) 3 times, even with REVO Uninstaller, the next time I install Chrome (downloaded on another PC, transferred via USB), it gives the same problems.
Even Internet Explorer can't download anything (it marks it as virus again...), I haven't tried Firefox though.

So basically, what can I do? All browsers seem to be marked, and the 3 Anti virus programs I usually use don't find it....
I can format, she's bringing the Windows DVD tomorrow, but that's of course last option.

Rydian · Apr 3, 2013

http://gbatemp.net/threads/infection-removal-and-prevention-guide.298763/
Try the exe file association reset.

WiiUBricker · Apr 3, 2013

If your computer is really infected, their is a good chance that no tool will help.

trumpet-205 · Apr 3, 2013

Do we know what kind of virus we are dealing with? You should do repair only under Safe Mode.

Satangel · Apr 3, 2013

Rydian said:
http://gbatemp.net/threads/infection-removal-and-prevention-guide.298763/
Try the exe file association reset.

I tried, it's like the registry file isn't there. I can see it in the .zip archive, but when I extract it or try to run it, nothing happens. It's like the .reg file isn't even there.
I turned on hidden files, didn't show up either.

WiiUBricker said:
If your computer is really infected, their is a good chance that no tool will help.

True that, but you never know. I'm not keen on formatting, last resort.

trumpet-205 said:
Do we know what kind of virus we are dealing with? You should do repair only under Safe Mode.

It seems to affect all browsers. I just installed Firefox on her laptop, the first time that laptop ever had Firefox, and that browser could download. But when I tried to run the exe or the files I've downloaded, it was like they didn't exist. Very weird stuff, it gives no error in the download, but when you try to approach the downloaded file(s) in Windows, it's like nothing ever happened.

Clydefrosch · Apr 3, 2013

just save all important data with a linux live cd and format it.

if malwarebytes didnt help you, chances are it cant be removed without a trace anyway.

Rydian · Apr 3, 2013

Satangel said:
I tried, it's like the registry file isn't there. I can see it in the .zip archive, but when I extract it or try to run it, nothing happens. It's like the .reg file isn't even there.
I turned on hidden files, didn't show up either.

True that, but you never know. I'm not keen on formatting, last resort.

It seems to affect all browsers. I just installed Firefox on her laptop, the first time that laptop ever had Firefox, and that browser could download. But when I tried to run the exe or the files I've downloaded, it was like they didn't exist. Very weird stuff, it gives no error in the download, but when you try to approach the downloaded file(s) in Windows, it's like nothing ever happened.

Hm, try this tool then.
http://download.bleepingcomputer.com/grinler/eXplorer.exe
See if it kills the malware process long enough for you to run some cleanup stuff.

Issac · Apr 3, 2013

Install some antivirus software (there are free ones that people recommend sometimes, I forgot the name. Or my personal favourite Eset Nod32 (or anything you can find)).
Reboot the computer in Safe Mode (pressing F8 or F6 or something like that on boot). Run the antivirus software and let it do it's magic. If it doesn't solve anything... Maybe something else will do.

Ericthegreat · Apr 3, 2013

Hey why not update it to a new version of windows (if compatable) and it will prob make the pc faster and will move all files to windows.old. But the prob is browsing habits, but its prob hard to tell a girl to stop watching porn on bad sites

trumpet-205 · Apr 3, 2013

Satangel said:
It seems to affect all browsers. I just installed Firefox on her laptop, the first time that laptop ever had Firefox, and that browser could download. But when I tried to run the exe or the files I've downloaded, it was like they didn't exist. Very weird stuff, it gives no error in the download, but when you try to approach the downloaded file(s) in Windows, it's like nothing ever happened.

Can you try it under Safe Mode?

* Run msconfig
* Under "Boot" tab you will see "Boot Options" with 4 options below "Safe Boot". Check "Safe Boot" and "Network".
* Reboot your PC, you should be now in Safe Mode

Also I recommend you use online scanning tool,
http://housecall.trendmicro.com/
http://www.pandasecurity.com/homeusers/solutions/activescan/
http://www.eset.com/us/online-scanner/

Run all of them.

Magsor · Apr 4, 2013

Install windows onto a vhd; faster and easier...
1. You need windows 7 premium or windows 8
2. Choose a new install of course
3. Where your prompted to choose a disk press shift-f10 (this will open command prompt)
4. diskpart
5. create vdisk file=c:\vhd.vhd type=expandable maximum=22222
6. attach vdisk
7. alt-tab to refresh and choose your new disk

pyromaniac123 · Apr 4, 2013

Take hdd out of pc, get 2lbs of thermite, put thermite on top of hdd, stick some magnesium ribbon into thermite and light. Virus deleted.

pokefloote · Apr 4, 2013

pyromaniac123 said:
Take hdd out of pc, get 2lbs of thermite, put thermite on top of hdd, stick some magnesium ribbon into thermite and light. Virus deleted.

I see you live up to your username

The Milkman · Apr 4, 2013

Why not just do a system restore? Unless its rooted (which means you dun fucked up on a new lvl) a system restore should patch it right up and you dont have to loose alot of data.

trumpet-205 · Apr 4, 2013

The Milkman said:
Why not just do a system restore? Unless its rooted (which means you dun fucked up on a new lvl) a system restore should patch it right up and you dont have to loose alot of data.

Bad idea. A lot of times system restore will be tainted with maleware.

The Milkman · Apr 4, 2013

trumpet-205 said:
Bad idea. A lot of times system restore will be tainted with maleware.

Really? I mean im no professional but in the cases ive had a major virus on my PC a system restore at least got me back in to fix the problem.

trumpet-205 · Apr 4, 2013

The Milkman said:
Really? I mean im no professional but in the cases ive had a major virus on my PC a system restore at least got me back in to fix the problem.

Many malewares now target system restore, hence it is not recommended to use it. You can however, use third-party restore/disk-cloning software instead.

jefffisher · Apr 4, 2013

first thing you want to do is use ccleaner to disable all startup programs you dont recognize and restart.
then use taskmanager show processes from all users find anything that should not be there right click and open file location, if its a virus file end the process tree not just the single process the whole tree then delete the file.
check the ccleaner startup programs again and restart once more.
if the problem is still not fixed you should use the more advanced taskmanager in command prompt with the tasklist and taskkill commands make sure to /t and /f to the process to force it and all its children processes closed.
if the problem is still not fixed, it probably will be that simple method will get rid of almost anything then there is a program that can remove all known virus's to date but it's a last resort as it will reset nearly all windows settings and i can't find it right now.

Satangel · Apr 4, 2013

Issac said:
Install some antivirus software (there are free ones that people recommend sometimes, I forgot the name. Or my personal favourite Eset Nod32 (or anything you can find)).
Reboot the computer in Safe Mode (pressing F8 or F6 or something like that on boot). Run the antivirus software and let it do it's magic. If it doesn't solve anything... Maybe something else will do.

What difference will it make if I run those scanners in normal boot or not? I've run scanners , several scanner, just not in safe mode.

Ericthegreat said:
Hey why not update it to a new version of windows (if compatable) and it will prob make the pc faster and will move all files to windows.old. But the prob is browsing habits, but its prob hard to tell a girl to stop watching porn on bad sites

Well she says formatting is allowed, but I mainly don't want to hassle with drivers and finding a Windows version that still works. I told her I'll need the boot DVD, she's bringing it here as we speak. But I'm scared of drivers and product keys, which all come down to me finding them....

Magsor said:
Install windows onto a vhd; faster and easier...
1. You need windows 7 premium or windows 8
2. Choose a new install of course
3. Where your prompted to choose a disk press shift-f10 (this will open command prompt)
4. diskpart
5. create vdisk file=c:\vhd.vhd type=expandable maximum=22222
6. attach vdisk
7. alt-tab to refresh and choose your new disk

Not an option sorry, she's a real noob user, only uses Skype/Spotify/Gmail, nothing else. This PC runs like 3 hours in a week, I can't hassle her with virtual shit....

The Milkman said:
Why not just do a system restore? Unless its rooted (which means you dun fucked up on a new lvl) a system restore should patch it right up and you dont have to loose alot of data.

Will try, but I doubt there will be restore points.

jefffisher said:
first thing you want to do is use ccleaner to disable all startup programs you dont recognize and restart.
then use taskmanager show processes from all users find anything that should not be there right click and open file location, if its a virus file end the process tree not just the single process the whole tree then delete the file.
check the ccleaner startup programs again and restart once more.
if the problem is still not fixed you should use the more advanced taskmanager in command prompt with the tasklist and taskkill commands make sure to /t and /f to the process to force it and all its children processes closed.
if the problem is still not fixed, it probably will be that simple method will get rid of almost anything then there is a program that can remove all known virus's to date but it's a last resort as it will reset nearly all windows settings and i can't find it right now.

You sure the virus will just sit there as a process? I think it's more of a root/registry problem (just my 2 cents), it seems to embed itself in all browsers. In all browsers, that's what makes it so hard, even the brand new Firefox which never was installed on it, fails to work properly.

Pong20302000 · Apr 4, 2013

if shes got nothing important, Wipe, and reinstall windows, cleans the lot then

if important files then use a live CD to extract the files onto a usb then wipe and reinstall

better than having it still hiding somewhere

you can download all plain window discs legally, key should be on the bottom of the laptop

Got a PC with virus on, want to do everything except format

BEAST

Resident Furvert™

News Police

Embrace the darkness within

BEAST

Well-Known Member

Resident Furvert™

Iᔕᔕᗩᑕ

Not New Member

Embrace the darkness within

I am watching you

ส็็็็็็็็็็็็็็็็็็็(ಠ益ಠส็็็็็็็็็็็็็็็็็็็

Well-Known Member

GBATemp's Official Asshat Milkman

Embrace the darkness within

GBATemp's Official Asshat Milkman

Embrace the darkness within

Well-Known Member

BEAST

making notes on everything

Similar threads

Popular threads in this forum