virus - advice required

  cliffoa 12:17 23 Apr 2008


My pc has picked up a virus from god knows where. It won't let me connect to the web, has disabled my system restore, disabled help and support in control panel, deleted an antispyware programme and won't let me add or remove programmes. Plus probably other stuff I haven't discovered yet. I have no idea how this got through as I have AVG (free) which I keep updated weekly, windows firewall, spybot and other antispyware/adware programs.

After I got the virus I ran AVG twice on my whole system but it still picked up nothing.

I did a HijackThis system scan and posted the logfile on their site, which analysed it and suggested something nasty might be lurking in Startup:PowerReg Sceduler V3.exe.

I.T. guy where I work says it will be difficult to root out completely and I'm probably looking at reformatting the hard drive and reinstalling the OS. Does anyone have any other advice, before I go ahead? And what additionally might I do to prevent this kind of thing happening again?

I read with interest the perennial debate on this forum between those advocating paid-for AV progs, and those saying they offer no more value or protection than freebies like AVG. I've been using free AVG for years and had no probs, but this has dented my confidence.

If I have to reformat, is it safe to save all my valuable files (music, photographs, videos, some important word docs) to a separate hard drive or discs, then put them back on after I have reformatted and reinstalled OS? Or could virus lurk in them too? My I.T. guy says it's most likely just in the OS.

Also, does anyone know best way to reformat and reinstall OS? It's XP pro, I think I still have the original discs. Do they give an option to reformat?

Sorry for so many questions. Anyone that can help, much appreciated.

Computer sits quarantined in a corner like someone infected with the plague. I could cheerfully throttle the morons out there who think it's clever and big doing this stuff. It's just so bl**dy pointless. Feel sorry for business people who have their businesses (and lives) ruined by these criminals. One day governments may get together and take this problem seriously. I think if the day ever arrives when viruses are traceable back to source, we'll see this problem go out like a light, as these faceless cowards crawl back under the floorboards where they belong. Sorry everyone, just had to get that off my chest.

  Mac70 12:39 23 Apr 2008

IT guys always say that, without investigating what the infection is first.
It does sound bad though, and time-wise formatting may be quicker and easier.
Back up any important documents etc. to CD or flash, then scan them to ensure you haven't saved the infection too.
Stick the Windows disc in the CD drive and reboot to CD.
You will get the option to format. Don't use the quick option in this case.
If possible, download anti-virus and firewall installers on another computer, for transferring once you have reinstalled. Install those, visit Windows updates then add to your security.

  Jak_1 12:44 23 Apr 2008

Transfer all your data files as soon as you can, they should be infection free.
I had a nasty about 3 months ago when an unknown virus destroyed 3/4 of my data files on 5 drives and altered my system settings making getting online impossible and various other functions. I recovered what data I could and did a full system re-install (XP-Home), reconnection to the net (manually) took just a minute and then re-installed all the various programs that I wanted. Before transferring the recovered data I virus scanned it first with no problems reported. Since then I have not had a problem and have recovered over 50% of lost data. The lost data were my backup files that were on ext drives connected at the time, however that is another story.
I would save what you can and then re-install the system with a destructive install, i.e. totally re-formatting the drive rather than just re-installing the system. That way you can be fairly sure there is no nasty lurking in a dark corner. Don't forget though that once the system has been reinstalled you may need to download sound and video drivers to take over from the generic ones supplied with Windows.

  hiwatt 12:45 23 Apr 2008

I suggest registering with this forum click here if you haven't already done so. They'll give you instructions on how to remove any infections. You'll need to be patient though as they are volunteers and are very busy.

You may as well try this, you have nothing to lose. Download and save click here, disconnect internet (not knowing what's on PC), uninstall AVG and all other security programs, reboot, manually delete all folders of uninstalled programs.
Install NOD, after prompted reboot connect to internet for database update, reboot into safe mode (only works with v3), do a custom in-depth scan of everything and follow NOD's advice. It has IMHO the best detection and pretty good cleaning. You may however have to remove some registry values manually; they will be harmless should you choose to leave them, but other programs may report them as traces.

  DieSse 13:47 23 Apr 2008

"My pc has picked up a virus"

May I ask how you know this if AVG tells you there isn't one?

Or are you just supposing you've got a virus because things have gone wrong?

You could put the drive into a different computer, with a known good AV program on it (NOD32 say), and test the drive on that. You can also run specialised rootkit programs to find "hidden" viruses.

I've gone down that route a number of times - also it may give you the chance to copy off vital data before you re-install XP.

  hiwatt 13:52 23 Apr 2008

Have you tried booting into safe mode? If you can do that you might be able to do a system restore from there, although if it has been turned off you'll have no restore points to restore to.

  cliffoa 15:43 23 Apr 2008

Thanks for all your replies and advice so far. I tried booting in safe mode but functionality of same items was compromised there too. Also, I can't get on internet to download any potential fixes (logging on now from work PC), so it's looking like I'm going to have to do the destructive reformat, after saving as many of my important files, photos and music as I can. Does anyone have a view on whether I should stick with AVG free going forward, after I've got rid of this virus, or should I upgrade to a bigger/better (i.e. more expensive) AV program? I.T. guy at work recommended Kaspersky, but on these forums I've noticed NOD32 being mentioned quite a lot. Is that the one considered best?

  DieSse 15:59 23 Apr 2008

I ask again

"My pc has picked up a virus"

May I ask how you know this if AVG tells you there isn't one?

Or are you just supposing you've got a virus because things have gone wrong?

  cliffoa 16:27 23 Apr 2008

Apologies DieSse, other than what I've put above, I don't 'know' I have a virus in the sense that I can identify it. I am not a computer expert, which is why I'm on this valuable forum. But based on a sudden disabling of many of the functions on my computer (some of which I list above), and based on postings on this and other forums I have been researching on the internet, and based on my discussions with the I.T. department where I work, I made an educated guess that what I have is some kind of virus or worm or malware, at any rate something malicious that I didn't have one minute, and I had the next. I have come across quite a few postings that reported viruses that some AVs just didn't pick up. So I'm assuming I've got the same. I did ask my I.T. friends if it was possible to 'find and root it out' without a reformat (which is possibly the same as the 'rootkit' programs you mention). However, they suggested that was not foolproof, and the safest option to ensure removal was a reformat. Believe me, I'm not ignoring your advice, I just want to find the safest and 'most achievable' solution, for someone of my modest computer expertise.

  Diemmess 16:30 23 Apr 2008

Two truths seem (to me) to stand out.

1) You may be assuming a viral cause when you really have a wrecked OS.
(DieSse wisely suggests this.)

2) If you re-install your OS from a clean formatted disk you will be up and running again.

There is just the chance that some faulty RAM or faulty HD has caused the catastrophe, but you will only be sure if a fresh installation turns belly up.
AVG is a very good anti-virus and though there may be something out there that it doesn't pick up, the chances of that are negligible.

This thread is now locked and can not be replied to.
