Question:
Any help on removing viruses?
Colin
2013-02-09 10:10:13 UTC
I've spent the last 2 days battling several viruses on my PC.

I have tried several pieces of anti-virus software, including Norton 360, MBAM, MBAM Anti-Rootkit, and an MRT scan (malicious removal tool), and I have invested lots of time researching what to do.

Please, does anyone know how to remove these viruses? I managed to destroy a few, but I still know of several more (disguising themselves as Windows files; I looked in my Task Manager), and there are likely even more I don't know about.

I'm begging for any valid info on how to stop the viruses.
Three answers:
RUSTY NUT.
2013-02-09 20:04:15 UTC
SYSTEM RESTORE WILL NOT REMOVE A VIRUS!



If you are that badly infected you have only two options for cleaning it out. The best way is backing up all your files that you don't want deleted to a USB stick, then reloading your operating system: a full destructive reformat. Or, the second best: a rescue CD. If you have a means of burning a disk, Kaspersky makes one of the best rescue disks out there and it's free. What happens is, you burn the CD and run it in your disk drive. You reboot the computer, and it will boot from the disk, not the hard drive. This takes a little longer because your disk drive is a little slower. But it works very well.



http://support.kaspersky.com/4162
Mark O
2013-02-09 10:23:44 UTC
The best way [fastest for me] is to use System Restore to a point before the virus was installed.

If that doesn't work, a factory restoration will.

Back up your personal data and factory restore.

To search out all the viral code is a time-consuming task, months in some cases, unless you're set up for it and can access from dated files and such. Even then it's going through registry entries and stuff...

Removing files, if not in Windows, then in DOS with the delete and delete tree commands,

as some software viruses are disguised as a system .dll file when they are a directory tree of both files and folders with the top folder calling itself a file.

Deltree on the file should do it from a command prompt in DOS, even RAM DOS Win 98 with NTFS4DOS software running to access the NTFS disk.

Viruses tend to rename themselves and replicate themselves as well.

Once the virus has been removed, the registry entry may still give you an error for the pop-up "file not found" thing at boot...

in which case you then need to find and delete the registry entry after booting back into Windows.

In the end you are never really sure you got all of it.

Just factory restore and keep a good real-time virus protection running.

Once you feel you have run into a virus or malware, restore back to a restore point.

In the time it takes to post to forums and wait for this and that, you could have had the system factory restored and running clean booted again.

If you happen to find a file or suspect it as being a virus, then zip the file and add it to an email to an antivirus support site, aka Security Essentials or Norton... Report it; they will confirm if it is a virus or you are on the wrong track and are deleting Windows files or worse.
2013-02-09 15:58:49 UTC
Open Task Manager (CTRL + ALT + Delete, or right-click on the taskbar and click Start Task Manager), Google the names of all the processes you see in Task Manager (to see if they are safe),

if you see it as unsafe, right-click on the process and click "Open file location", make a copy of it to the desktop, upload the file to https://www.virustotal.com/ (to check if it is safe),

if it comes back as malware (over 50/50 or if over 2 major antivirus vendors detect it (Kaspersky, AVG, McAfee, ESET-NOD32, Malwarebytes, SUPERAntiSpyware or TrendMicro)),

(tell us if anything at all comes up and the link to the scan,

just copy the link in the address bar) right-click on the process and click End Process. If you got a result of malware (over 50/50), open the Start menu, type in msconfig, go to the "Startup" tab, and if the entry under "Command" was detected as malware by VirusTotal, untick the checkbox.

Once you have done that, click "Apply"; once you exit, DO NOT reboot your computer.

In Google Chrome click the tools button (can be a wrench or 3 kind of line things), view background pages and end everything that is slightly orange, then open Settings, Extensions and remove everything.

After you have done that, reboot your computer into safe mode (the key to enter it varies from computer to computer but for me it is F8; just remember to press the key before Windows starts loading. If F8 doesn't do it, use your search engine to find what your key to do it is). Once it is loaded in safe mode, run a scan with your antivirus then
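
The process and startup checks described in the last answer can be collected in one read-only pass. This is an added PowerShell example, not part of the original answers; the function names and the short list of system process names are assumptions chosen for illustration.

```powershell
# Read-only triage: nothing is ended, deleted or uploaded.
# Needs PowerShell 4.0 or later (Get-FileHash); run elevated to see all paths.

# Assumed short list of Windows processes that normally run from System32.
$SystemNames = 'svchost','lsass','csrss','winlogon','services','smss','wininit'
$System32    = Join-Path $env:SystemRoot 'System32'

function Get-ProcessTriage {
    # One row per distinct executable behind a running process.
    Get-Process | Where-Object { $_.Path } | Sort-Object Path -Unique |
        ForEach-Object {
            $sig  = Get-AuthenticodeSignature -FilePath $_.Path
            $hash = Get-FileHash -Path $_.Path -Algorithm SHA256 -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Name         = $_.Name
                # True when a system-sounding name runs from an unexpected folder.
                NameMismatch = ($SystemNames -contains $_.Name) -and
                               ((Split-Path $_.Path -Parent) -ne $System32)
                Signature    = $sig.Status   # Valid, NotSigned, HashMismatch, ...
                Signer       = $sig.SignerCertificate.Subject
                SHA256       = $hash.Hash
                Path         = $_.Path
            }
        }
}

function Get-StartupTriage {
    # Auto-start commands from the Run registry keys and Startup folders.
    Get-CimInstance -ClassName Win32_StartupCommand |
        Select-Object Name, Command, Location, User
}

Get-ProcessTriage | Sort-Object NameMismatch -Descending | Format-List
Get-StartupTriage | Format-List
```

The SHA256 value can be searched on VirusTotal without uploading the file. A NotSigned result or a NameMismatch is a reason to look closer, not proof of infection.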


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.