If you need urgent support, call 999 or go to your nearest A&E. To contact our Crisis Messenger (open 24/7) text THEMIX to 85258.
How to get rid of a stubborn virus
Former Member
Posts: 1,876,323 The Mix Honorary Guru
in General Chat
Right i've got this stubborn virus on my computer, Mcafee picks it up but doesn't quarinteen or delete it. I want this bastard off my computer so tell me how to get it off please. I'm the most tech literate person in this household (a terrifying notion in its self) , and i dont have a tech fairy to ask for help. I tried to start in safe mode but thats not working, it automatically restarts everytime i try, what should i do?
Please help urgently guys
Please help urgently guys
0
Comments
Here's the guide to using it.
http://www.spywareterminator.com
They should get rid of it. Also, do a internet lock down on your McAfee whilst scanning so it doesn't download anymore. Where did you get it from?
I'm gonna use those to try and have a good whack at it, but if not, i'll try your suggestion as well Jim, However keep the advice coming cause i have an ominous feeling i may need to use everything at my disposal lol.
Don't forget to put it back on though if you do this. I ended up trying this with one virus, forgot it was turned off and then got some horrible malware later. Because the system restore was off we ended up with a full system restore to get rid of it.
First thing you need to find out is how the 'virus' is getting executed when your PC boots up. To do that you need to find out what the .exe it's using is called. Your virus scanner should tell you this when it's detected. It's also likely that there's several copies of it on your computer hidden away in less accessible places like system restore points as someone mentioned earlier. Once you know what you're looking for you want to check the most obvious methods it could be using to run at startup. Windows XP has a tool that'll show you programs that run at startup. Click start/accessories/system tools/system information. Expand 'Software Environment' in the left menu and then click 'start up programs'. Check through the list and find any instances of the virus, location tells you the method it's using to startup. Anything beginning with HK is in your registry.
Next thing to do is download a program called Procexp that lists all the processes currently running on your PC. Reboot into safe mode run procexp and stop any running instances of the virus. Sometimes there's two instances that launch another when one of them is closed. The best way around that is to suspend both of the processes then terminate them. After that delete all instances from startup and the registry and reboot. Do another virus scan and see what comes up.
There's other more tricksy methods malware can use to launch and hide itself but if you're not very technically literate I'm not going to go into them. It might be a good idea to get a rootkit scanner though; sysinternals (the guys who make procexp) have one on their site.