Aaaarrrgghhh, darn virus.

[solo]

Son has managed to land another virus on his desktop ( Windows Vista, home edition). Whatever I do to try to remove it meets with failure ( Kaspersky, Superantispyware). Restarts appear to take the pc back to a time prior to installing anti virus programs. I'm stumped. Is there anything I can do or should I just bite the bullet and get a new hard drive or even a new pc.

 

[pipemajor]

Do you know the name of the Virus?
If so, Google for it by name. Someone might have composed a special removal tool.

 

[dave.m]

Son has managed to land another virus on his desktop

Solo,
What makes you think it is a virus as opposed to malware (there is a difference)?
Give us the name of it and let us see what we can come up with.

Also explain more clearly what happens here:
"Restarts appear to take the pc back to a time prior to installing anti virus programs. "

dave

 

[solo]

Names.......not sure. The first sign of a problem was google not going to the selected link. There was a "dropper/win-nv" and "Packed.Win32.K r a p.ag" both Trojans apparently. I suspect that there may be more. There is also malware present I believe.

The machine had AVG free on it. This didn't prevent infection but offered to remove it if I upgraded to the pro version. Superantispyware was already on the PC. I downloaded and managed to install Kaspersky after the infection. After running either Kaspersky or SAS a restart was required. If the machine booted up, it booted up to a state when both SAS and Kaspersky were on the machine but yet to be installed. Hope that makes sense. So installing, running and restarting all took me back to the same point.

I now have several headaches over this and have decided to drink lager instead.

I've had to put spaces betwen the letters of K r a p cos the sweary filter blanked the word out.

 

[dave.m]

Try this in the morning, not after a skinful of lager.

First of all try to update SuperAntiSpyware, if it updates then reboot into safe mode and run a full scan with SAS.
Let it remove all it finds.
Then reboot into normal mode and see how you get on.

If it fails to update, forget the scan and procede to the next suggestion.

It is actually Trojan spyware/malware that you have, not a virus.

Next Suggestion

Do you have Ccleaner installed? If so run the Cleaner and clear out all it finds.
If not:
1st thing to do is clear out all your temporary files, tool of choice is ATF Cleaner, it is free and you do not have to install it. Download and instructions here (Windows XP, 2K, 2003 & Vista ONLY)
* NOTE : If you would like to keep your saved passwords, click No at the prompt.

-- Click on ATF-Cleaner to run it
-- Where it says Select Files To Delete, Check the Select All Option
-- Click Empty Selected - > OK

If you use Firefox browser, do this also:

* Click Firefox at the top and choose Select All from the list.
* Click the Empty Selected button.

Then, having run either Ccleaner or ATF

Please download MalwareBytes' AntiMalware


* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to the following:

o Update Malwarebytes' Anti-Malware
o Launch Malwarebytes' Anti-Malware

* Then click Finish

If an update is found, it will download and install the latest version.

* Once the program has loaded, select > Perform Quick Scan, then click > Scan.
* When the scan is complete, click > OK, then > Show Results to view the results.
* Be sure that everything is checked, and click > Remove Selected.
* When completed, a log will open in Notepad. Save this log to My Documents in case it is needed for reference.
Reboot as required.

Run a scan with the program that found the virus/trojan and report back.

dave

 

[daozen]

Always worth downloading, running and posting the log of a HiJackThis scan as well. Though if you do dont do anything else until advised.

 

[solo]

Thanks Dave and daozen. Will give your ideas a try. It will probably be the weekend before I can get round to it. Thanks again.

 

[solo]

Update.
I don't appear to have administrator rights on this machine anymore.
Can not start windows. Turned pc on this morning and two hours later it was still booting up.
Boot discs from the net have no success either.
I suspect there is a "msblaster" worm in there somewhere.
Can't run any anti-virus/malware programs, even online scanners appear to stall.
Can't boot in safe mode.
F11 doesn't work.
Don't have a recovery CD and the one time I got into windows I couldn't find the Master CD/DVD creator.
I've installed "ubuntu" to give me some access to stuff I need but I don't find it user friendly.
Finally got "avast" downloaded tonight but it just appears to have scanned the linux part of the machine.
Time for a new pc I think unless there is a "for dummies" fix out there.
Frankly, I'm getting tired of looking.

 

[solo]

Blinking flip!!! Found a recovery disc for this pc. Assuming it works, is it safe to boot an infected pc back to factory settings or might the virus/malware still remain?