Computer Help forum

General discussion

Sticky Virus ,,,,, Please Help :(

by urMohid / January 31, 2011 10:44 PM PST

Hello all, this is a strange virus I'm having in my computer which is causing so much problems for me and I'm not able to remove it any way. This virus has disabled my task manager, regedit, and antivirus show hidden files so far and maybe some other things which I have not yet discovered. It creates a file named autorun.inf in all drives alongwith some other strange named exe files. I have tried everything I could but it is not going out.
I have already tried these things;
- AVG antivirus protection has been disabled but when I scanned whole computer nothing had been discovered (I have latest virus definitions)
- Autorun virus remover deletes all viruses and also fixes things spoiled by virus but all goes back after 3-4 seconds.
- Comodo antivirus doesn't bother to start.
- Malwarebytes Anti-Malware discovers many viruses deletes them and everything returns just like autorun virus remover. It's auto protection discovers virus every time I open a drive.
- Even reinstalled Windows. Formatted C and reinstalled windows. When windows start after installed virus is in its place. I tried installing windows again and first of all installed malware remover from USB stick (100% virus free) and it removes viruses and all happens like previous ie virus comes back.
- I have tried different things by reinstalling windows more than six times.

BTW I'm using windows XP. Any idea about this???????

Discussion is locked
You are posting a reply to: Sticky Virus ,,,,, Please Help :(
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Sticky Virus ,,,,, Please Help :(
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
by Bob__B / January 31, 2011 10:55 PM PST

Grab a copy of DBAN.....wipe the drive.

Now install Windows.

Collapse -
You say that you are using Windows XP ...
by Edward ODaniel / February 1, 2011 12:18 AM PST

but you don't mention anything about what Service Pack level your XP instllation is at BEFORE you access the Internet with the computer. XP without any Service Pack is well known to have a rather brief uninfected lifespan once it gets on the Internet.

You may have a rare BIOS virus. Download any BIOS update from your computer or motherboard manufacturer's site and install it AFTER wiping the drive but BEFORE re-installing Windows.

After updating the BIOS you can install Windows but scan the installation CD for virus on a different computer first and make sure that the problem computer CANNOT connect to the Internet during or after the installation. Also make sure that any external storage drives or flash drives are disconnected from the computer as they may be the carrier for the problem. Once Windows is installed install Service Pack 3 which you should download on a different uninfected computer - copy the file to a CD to install it on the problem computer. This link is to the Network Installation Download AND THIS IS WHAT YOU WANT! Ignore anything on the page about using Windows Update for a single computer.
Windows XP SP3 Network Installation Package

After installing the SP3 download, on another uninfected computer:
1. Avast or AVG for the Antivirus
2. RKILL -
3. Malware Bytes -
4. Super Anti-Spyware -
5. Hitman Pro -
6. Autorun Virus Remover 2.3 build 1022 -
7. I would also STRONGLY recommend Emisoft Anti-Malware/Anti-Trojan Software which is not freeware but isn't expensive especially considering how effective it is -

DO NOT use any of these you already downloaded Download FRESH COPIES of each as it is entirely possible that existing copies are infected. Download them from the publisher's sites I linked you to to ensure the files are not infected.

Now, with the computer STILL not connected to the Internet, install the Anti-Virus of your choice and give the computer a quick scan - it should be clean.

Now install RKILL, MalwareBytes, Super Anti-Spyware, Hitman Pro, Autorun Virus Remover 2.3, and Emisoft Anti-Malware/Anti-Trojan if you opted to get it. Scan with each and again the computer should come up clean.

Now, making sure that the AV is running connect any external drives ONE AT A TIME and scan each with Autorun Virus Remover 2.3 then one or more of the anti-malware utilities. Be especially careful to scan any and all Flash Drives or Flash media cards you may use IMMEDIATELY on insertion.

If ANY scan comes back showing a problem shut down the computer then re-boot into Safe Mode and re-scan.

After all scans are clean you can connect to the Internet and get all the updates BEFORE installing any other software.

After all updates are installed start installing your software but be sure you scan everything BEFORE installing it as you are getting re-infected from somewhere and it just might be that software.

Collapse -
Aggressive attacks
by Willy / February 1, 2011 12:33 AM PST

As already stated to you, and since you'be already did OS re-installs, to "wipeout" the HD and start all over again the OS install. As you seem to think your pgms. and such are virus free, again verify that. You just can't take anything for granted. Its *VERY RARE* to have any bios virus or MBR type virus at work here. These by they're very nature either you introduced them or someone did to allow full access to the system. Which leads me to believe more than some pgm. or file you've allowed or think is virus free, really isn't. The best way to prove that is to have yet another HD, totally cleaned and wiped free, then reload the OS, etc. and check results. If the virus comes back, some procedure on your part is infected to include the AV tools used. Burn to disc, whatever Av tools and verify that before burning on another PC if possible. just reload the OS and test right then and there once completed the reload. I fo trust the OS itself isn't some recovery copy or worse some internet copy, then all bets are off, these too can be AV scanned as source files alone on another PC. Also, if you get to a point where the OS is reloaded(right after reload), boot into safemode with networking and use the AV disc to test system. If all this fails, report back AFTER having done this, don't assume anything.

tada -----Willy Happy

Collapse -
by urMohid / February 2, 2011 1:43 PM PST
In reply to: Aggressive attacks

Thanks to all friends who replied. Today I'll try the solution and post the results. I have XP SP2. As I already have 2 HDDs attached to my pc it would be easy for me to get them scanned one by one from other pc easily. Then I'll try updating BIOS too.

Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?