i scaned my computer throughly like 5 times already and deleted around 156 files already, but this virus still in, i dont know whatelse to do?
2007-02-15 17:02:48 · 7 answers · asked by M A 2 in Computers & Internet ➔ Security
(1) Get you self a good antivirus or a free one if your present anti virus is not protecting you .
(2) If you have not already scanned your comp with spybot do that now .Update it and then run it so it gets rid of all the spyware and trojans in safe mode
(3) Do an online virus scan to check if you still have any other viruses in your computer. And let us know if the online virus scan still finds any virus or spyware .
If the above steps do not remove the hijack then you would need to
(4) Download hijackthis
(5) Post the hijackthis log on the hijackthis forum for the hijackthis experts to take a look
6) Install and use firefox while browsing
2007-02-15 17:29:03 · answer #1 · answered by Anonymous · 0⤊ 0⤋
Try running Avast! (download the free home edition, you'll have to register it within 14 days, registration is free, just an email address is required)
After installation, turn off your system restore points (if you're in XP). Viruses often take over restore points and use them to reboot the system, loading the virus into memory.
Avast! on its first run will ask you to do a boot time scan, this is a must to clean this virus. Let it do that (it will take some time), then run Avast! again once the system comes back up.
If that doesn't help, then you've got more than just Win32. At the company I work for, we had a nasty run in a couple months back with a set of viruses that loaded this win32 virus over and over again. What's going on out there in the "wild", as hackers call it, is that there are hybrid sets of spyware/virus combos that "hook" into your system and can remote load viruses, so you have to combat both at once. This can cause a major death spiral for your system if you can't get the spyware hook disabled.
Unfortunately, I don't know all the details on our company's clean up team reports...but it involved us all going around to all comps on the network and loading several files that killed the hook, by killing it I mean the virus/spyware loader would try to call out to where it needed to download the viruses. Instead of allowing it to do that, we managed to get it to call an instance of notepad instead, in a sense cutting it off from the outside world.
If following the Avast! instructions doesn't clean it, unfortunately you may have to format and reinstall.
2007-02-16 01:19:31 · answer #2 · answered by stcpcpm1mom 3 · 0⤊ 2⤋
Use this program and procedure.
Download and Update Ewido (now called the AVG Antispyware). Do not run:
http://www.ewido.net/en/download/
TEMPORARILY SHOW HIDDEN FILES AND FOLDERS.
1. Click Start, and then click Control Panel.
2. Click Appearance and Themes, and then click Folder Options.
3. On the View tab, under Hidden files and folders, click "Show hidden files and folders", and clear(uncheck) the "Hide protected operating system files" check box.
IMPORTANT: Files are hidden by Windows for a very good reason. It is not wise to experiment with these files. Unfortunately, to successfully remove modern spyware we must turn this protection off temporarily. Please turn the protection back on when you have finished cleaning your system.
EMPTY INTERNET EXPLORER BROWSER CACHE:
1. On the Internet Explorer Tools menu, click Internet Options.
2. On the General tab, in the Temporary Internet Files section, click the Delete Files button. Select the Delete all offline content check box in the confirmation dialogue box that appears, click OK. Click OK again.
RESTART IN SAFE MODE:
To do this you need to hold down or repeatedly tap the F8 key while the computer is booting (when the computer is displaying a black screen with white text). When the boot menu appears, use your keyboard arrows to select "Safe Mode."
Safe Mode can look quite ugly. The color may look bad, and all of your desktop icons will be very large. This is normal.
START THE SCAN WITH YOUR PROGRAM(S).
When the scan and removal are completed REBOOT COMPUTER. This will restart you in normal mode.
RESET HIDDEN FILES AND FOLDERS.
The RESTORE POINTS may be infected with the Malware and cannot be used. Delete the old one(s) and make a new one.
CLEAR OLD RESTORE POINT(S). HERE'S HOW:
1. Click Start, and then click Control Panel.
2. Click Performance and Maintenance, click System, and then click on the System Restore tab.
3. Select the Turn Off System Restore check box, click Apply, then restart your computer.
4. Return to the System Restore Tab and turn System Restore back on.
TO SET A NEW RESTORE POINT:
1. Click the Start button.
2. Point to Programs, then navigate to Accessories, then System Tools, then click System Restore.
3. Choose Create a restore point, and then click Next.
4. In the Restore point description box, type a name for your restore point, and then click Next.
5. Click OK.
NOTE: If you are using Windows XP Service Pack 2 (SP2) and are unable to access the Internet after removing Malware, there is a command that may fix the problem. It works by resetting the winsock catalogue. Click on Start, then Run and type CMD in the box. Click OK. Type "netsh winsock reset" (no quotes)into the DOS window that appears.
2007-02-16 01:06:50 · answer #3 · answered by Anonymous · 0⤊ 2⤋
Try scanning in safe mode. This is how to use safe mode.
For Windows XP
If the computer is running it is best to shut down Windows and then turn off the power.
Begin by first clicking on the Start Button and then click on Turn Off Computer.
Now click on the Turn Off red colored icon to shut down your computer system.
It is best to wait between 15 to 30 seconds before you turn your system back on.
Turn on your computer and start tapping the F8 key on your keyboard.
Some Computers may display a keyboard error message if you begin tapping F8 too quickly.
Restart your computer again and begin tapping the F8 key a brief second or two later.
When the Windows Advanced Options Menu appears, Choose the Safe Mode option and hit Enter.
Windows will now boot your computer up in Safe Mode.
2007-02-16 01:06:50 · answer #4 · answered by G 7 · 1⤊ 1⤋
We could help you better if you actually gave us the virus name. there are no viruses called Win32. However, there are viruses categorized as win32 viruses because they affect 32bit windows operating systems. Also, there are thousands of these.
For the most part, if you give us a specific name of it, then we can direct you towards a stinger or specific removal tool for it.
2007-02-16 01:11:37 · answer #5 · answered by The_Amish 5 · 1⤊ 0⤋
if you have done all that you can then its time to format the hard drive and reload Windows and all your programs...just make sure to back up all your data beforehand as the format will wipe everything off your hard drive
2007-02-16 01:06:29 · answer #6 · answered by panda64 4 · 1⤊ 1⤋
Try this removal tool.
http://www.bitdefender.com/VIRUS-1476-en--Win32.Worm.Welchia.A.html
2007-02-16 01:06:44 · answer #7 · answered by ohok 2 · 1⤊ 1⤋