User not logged in - login - register
Home Calendar Books School Tool Photo Gallery Message Boards Users Statistics Advertise Site Info
go to bottom | |
 Message Boards » » Hidden Complete Folder Page [1]  
Budiss
All American
2348 Posts
user info
edit post

Hello,


I think my computer has a virus because it has been running insanely slow and the cpu usage is constantly around 70% and up. I did a Symantec AV full system scan and discovered a hidden complete folder with several zip files. When running the scan it said on each file it had the W32.alcra.F virus and it deleted each one(It took like 2 days). Even though the virus is no longer on detected on the scan(I did another one) it still shows these files still exist and my computer is still running slow and has high cpu usage.

I searched google for the same problem and apparently it is a common virus from limewire, but the explanations all deal with XP and I am running Vista, and some of the shit they did to fix the problem isnt compatible with Vista.

Anyone have any suggestions on what I should do or how I can fix this problem. I can post a HJT log if it helps.

Thanks

3/14/2007 10:13:36 AM

dFshadow
All American
9507 Posts
user info
edit post

format c:\

3/14/2007 10:28:53 AM

darkone
(\/) (;,,,;) (\/)
11610 Posts
user info
edit post

Back up to CD any files that you really care about. Format your computer and reinstall everything from scratch. Reformatting is generally a faster and more effective solution than going through the commonly long and tedious process of removing virii and spyware.

3/14/2007 10:37:07 AM

0EPII1
All American
42541 Posts
user info
edit post

1 - run lots of anti-virus and anti-spyware programs (some good free ones: grisoft AVG, PC tools AV, spybot, ad-aware)
2 - RUN THEM IM SAFE MODE
3 - post your HJT log at http://www.hijackthis.de (automated website; instant recommendations)

3/14/2007 10:39:16 AM

MiniMe_877
All American
4414 Posts
user info
edit post

get Process Explorer from here http://www.microsoft.com/technet/sysinternals/utilities/ProcessExplorer.mspx and look for any suspicious processes running, especially any that are hitting 100% CPU usage constantly.

It will also let you kill any process easily, but use with caution because you can crash windows if you kill the wrong process

3/14/2007 10:42:55 AM

Budiss
All American
2348 Posts
user info
edit post

If I really dont care too much for the files on my computer is reformatting the best and easiest way for me to get rid of the virus?

[Edited on March 14, 2007 at 10:45 AM. Reason : Thanks for all the responses.]

3/14/2007 10:45:07 AM

dFshadow
All American
9507 Posts
user info
edit post

yes

3/14/2007 10:49:05 AM

darkone
(\/) (;,,,;) (\/)
11610 Posts
user info
edit post

Quote :
"is reformatting the best and easiest way for me to get rid of the virus"


yes

3/14/2007 12:34:59 PM

IROLA_BLUNT
All American
535 Posts
user info
edit post

Before you do any scans (virus or spyware) be sure to turn off your System Restore. Once you have turned off system restore be sure to update all your virus and spyware definitions. Then, reboot into Safe Mode and run the virus scan and spyware scans.

If that doesn't work then go ahead and format it - that will definitely take care of the problem.

3/14/2007 1:29:13 PM

gs7
All American
2354 Posts
user info
edit post

Quote :
"yes"

3/14/2007 1:58:03 PM

Perlith
All American
7620 Posts
user info
edit post

There are a lot of tutorials on how to format and reinstall a computer out there. I would have a laptop or second non-infected computer available in case something unexpected happens while you are doing it.

3/14/2007 5:05:40 PM

waffleninja
Suspended
11394 Posts
user info
edit post

one method is to check your system processes, which works pretty well many times (although some are completely hidden which i don't understand at all)

1. press ctrl+alt+del
2. click on system process
3. look at the image name column. anything you don't know what it is or if it looks suspicious, google the name (e.g. type rundll32.exe into google. although that one is not a virus). there may even be something like alcra.exe or something that just stands out that is the virus. google will tell you if it is a virus or not (normally the first google result will).
4. if you find one that is a virus, first end the system process (click on that row and click end process)
5. then hit the windows start button, go to search, then go to for files or folders
6. Click on All files and folders
7. search for the system process you just ended (e.g. type "rundll32.exe" into the search if that was the virus)
8. delete any files that come up matching that file you just searched.

3/17/2007 2:17:50 PM

Charybdisjim
All American
5486 Posts
user info
edit post

Quote :
"look at the image name column. anything you don't know what it is or if it looks suspicious, google the name (e.g. type rundll32.exe into google. although that one is not a virus). there may even be something like alcra.exe or something that just stands out that is the virus. google will tell you if it is a virus or not (normally the first google result will)."


Viruses will often disable valid system processes and then run as a process with the same name. Googling process names is only marginally helpful.

3/17/2007 7:27:04 PM

 Message Boards » Tech Talk » Hidden Complete Folder Page [1]  
go to top | |
Admin Options : move topic | lock topic

© 2024 by The Wolf Web - All Rights Reserved.
The material located at this site is not endorsed, sponsored or provided by or on behalf of North Carolina State University.
Powered by CrazyWeb v2.39 - our disclaimer.