Arrgh! Can't get rid of a virus!

philstanbridge

philstanbridge

philstanbridge

Man of Honour
Joined
18 Oct 2002
Posts
8,522
Location
West Coast of Scotland
Need some help chaps - got an annoying virus that I can't clean.

Win32/Gael.D apparently. I'm running Microsoft Security Essentials, Anti-Malware free and Kaspersky AV 2011. Security Essentials is the software that keeps detecting it everytime I try to move/delete or access a file/folder that is infected. Kaspersky locks the file in question, and asks me to restart the pc. As soon as I restart the pc, same happens again. SE detects it, Kaspersky locks it. My entire Steam backups folder has been infected apparently, and more besides probably. I have tried to delete the folder, and it leaves the locked files behind. I have tried a RMDIR from dos, which hasn't worked either.

Any ideas apart from Format c: which I'm not prepared to do.
 
In my experience having two AV products doing on-access scans is a bad idea. Have you tried disabling one of them?
 
what i had to do when I had a stubborn virus was locate it, make a batch file that deletes it,with the directory of the file, run windows in safe mode and run the batch file, worked a treat i tell you.
 
In the past I've used a program called Hi-jack This (might be known as something else these days). You had to be very careful what you told it to delete though.

edit: combofix in the above post is also a good suggestion.
 
I removed MSE, and just have Kaspersky installed. Kaspersky now picks up 42 Tenga.A threats on one folder alone on my NAS. I haven't even scanned the rest of it yet - so I'm going to create a rescue disk and see what happens.
 
+1 for malwarebytes, disable your AV, run a full scan over night, it would soon tell you if you have an infection.
 
disable system restore first
run ccleaner slim
post a hijackthis log

now run your kaspersky
run mbam
run spybot
 
You must log in or register to reply here.
Back
Top Bottom