Nasty viruses

[merrillmck]

Yes, I boot in safe mode and the virus is named Trojan.Mitglieder.B or "System.exe". I try to delete it but first I must end the process. As soon as that happens, I get a shutdown.exe popup saying that the computer will shutdown in less than a minuite so I keep typing shutdown.exe -a in the command prompt while trying to delete System.exe. I have found even when the process is terminated, it cannot be deleted and the computer still shuts down no mater how many times I enter the command.

Deleting files, killing processes, etc. is an impossible way to get rid of spyware and viruses. It has modified your registry and other services to rewrite any files you delete and restart any processes you kill.

You need 3rd party software to get rid of it. Which software is debatable but this thread has a lot of opinions http://forums.x10hosting.com/crossfire/82229-what-best-antivirus.html

Booting in safe mode in XP is described here http://support.microsoft.com/kb/315222 . Any modern OS should have some sort of safe boot.

I would be surprised if the virus is active in safe mode. The whole idea of a safe mode is to have all your OS files readonly (even an Admin can't delete or modify them), only start the minimum # of processes and services (which wouldn't include your virus), and allow you the user to then run the next process of your choice which should be your anti-virus software. A good software will clean up your registry and remove the virus. You might need to try a couple anti-virus programs. Boot in normal mode and you should be good to go.

-----------------------------------------------

As an aside I once tried deleting the games files (ie Minesweeper) so I couldn't play them. Well they delete for about 2 seconds before they ... poof ... reappear. In XP, Vista, and most modern OSs you can't delete/alter the core OS files. Now whether Minesweeper is a core OS file is very debatable.

 

[garrettroyce]

Minesweeper is key to me using Windows

I really think you're too far in to fix your computer. I'd say back up files and reinstall.

 

[espfutbol98]

I would be surprised if the virus is active in safe mode.

I guess this is a surprising virus! As I'm sure I've at least hinted to, the virus is operating in the core drivers because:rant2: in safe mode :rant2:it is clearly running and there are many programs and settings (unknown to me) keeping the system.exe process from being terminated and deleted. I agree with everyone that suggests to re-install the OS.

 

[garrettroyce]

I think it was mentioned before, but I think even if you were to fix your computer, Windows would never be the same again.

There are people I know who re-install Windows every 6 months, no matter what :biggrin:

 

[zen-r]

The method that I suggested at the start of this thread provides you with the opportunity to start your PC safely & cleanly to a boot disk, which contains all the necessary anti-malware software to scan & clean your PC.

If it doesn't work, by all means carry on & wipe your PC. But I think it's foolish for people to recommend straight away that you wipe your PC, without first ascertaining if you have any important data on there which mustn't be lost.

Added to that, another factor is the quantity & complexity of the installations you currently have on there. If you would have days worth of re-installation time ahead of you, perhaps with software to install that you can longer get hold of, or settings made which you can no longer remember - then this is all something to be taken into account.

Which is better, an attempt to recover your PC, or to just wipe it & start again? This is a question only a person who knows what is already on their PC can decide.

Personally, if you have any data on there, I'd give my suggestion a go first.

Booting to safe mode will be, as you have already confirmed, a waste of time unless you're really lucky in being able to stop just the right processes from starting.

Booting to a bootable Operating System disk is better, but it leaves you with having to find all the files that you want to back up - only easy if you have been very careful about where you have located your files in the first place. And it doesn't allow you to open installed applications, to remind yourself how you originally set up their preferences/options etc.

If you are able to boot & de-infect your PC using my suggested method, then you are still able to do a fresh re-installation later on - should you decide that unwanted remnants or damage is left behind. But at least you can then do it from the within the desktop of a running PC, with all the advantages of being able to make note of how things are currently set-up & where files are located.

 

[med.zrouga]

mate try Kaspersky

 

[taha116]

Wait for the AVG issue u had, make sure u rename it before atempting install...

Secondly heur is the name of a very disliked trojan that his a major security hole and will compleley destroy you comp, it is probably wat caused all that.

google a heuer remvoal tool as i rember looking at one a couple weeks ago

I think it was mentioned before, but I think even if you were to fix your computer, Windows would never be the same again.

There are people I know who re-install Windows every 6 months, no matter what

Serisoly? OMg i just noticed im letunenat!!! woo

 

[garrettroyce]

Wait for the AVG issue u had, make sure u rename it before atempting install...

Secondly heur is the name of a very disliked trojan that his a major security hole and will compleley destroy you comp, it is probably wat caused all that.

google a heuer remvoal tool as i rember looking at one a couple weeks ago





Serisoly? OMg i just noticed im letunenat!!! woo

Congrats

I don't think anyone has asked yet, do you have the Windows install discs? If not, then saving this install may be your only option.

Also, have you tried doing a system restore waaaay back? Most of the times, viruses attack the system restore, so you are still infected, but maybe it'll clean up some of the other garbage.