I need help now!

[Guest BigMac530]

My computer is infected with a virus. I wasnt able to open task manager. I then found out it infected the task manager. Windows then suggested that I download "Windows Optimization Center". then it did a system reboot and it apparently removed some infections I had. I log into windows, and this thing on the bottom is telling me that there is a keylogger in the PC. I unplug the Ethernet. I'm doing a full scan of my harddrive with avast, currently 5% into it. Now the Optimization center is popping up win all the files/ programs that are infected and are "blocked". Notable ones such as ATI CCC, Alienware command center, and my antivirus. I need help guys. How do I fight this and what do I do?? Via iPod

[Guest Dill]

Best option would be a reformat, otherwise run your antivirus stuff out of safe mode.

[Guest BigMac530]

30% into the scan. I have a basic understanding of what reformatting is, but how do it do it and what does it exactly do? I am able now to run all the programs I said were blocked. Still staying of the Ethernet for now.

[Guest BigMac530]

Avast is saying that there is no infection in the computer. I restarted my computer and it is running normal. I am still worried. Ethernet cable still not plugged in.

[Guest RET.SSgt.Haterade=US=]

Reformat is the last thing you should do. It'll wipe your hard drive so you'll lose everything. You should be able to run a program like Recuva to get back files you can't afford to lose afterward, but it's not a guarantee. You should be able to get it with Avast, Malware-bytes Anti Spyware, or SUPERantispyware. I use both of the latter programs. Remember, you can have more than one antispyware program, but you should only have one anti-virus. Make sure you run your computer in safe mode before using these programs, otherwise they won't do what you need them to do (Windows Optimizer Center has defenses against these programs when you run them in normal mode). If that doesn't work, you should be able to manually delete the thing. I'll dig up a good link for that if needed.

[Guest RET.CW4.ThievingSix=US=]

Also try to identify what the virus is, if avast shows up with a warning, google the virus and you will be able to see what it does and how to remove it. If you can tell us exactly the virus that avast pops up with or show us an avast log with the virus name we can help you. it may look something like these Win32.Virusname.123 Trojan.Win32.Virusname.A

[Guest BigMac530]

Ran a full scan with Avast and its saying there are no threats. How can i be sure that its not hiding somewhere in my computer? And ThievingSix, the virus was a Trojan i remember it saying. And it infected the task manager command. Computer is running fine and everything works, but still worried if anything was taken by a keylogger.

[Guest Dill]

From what I've read Malware Bytes can get rid of this.

[Guest RET.SSgt.SonicMulisha=US=]

Another thing that you can do is go to Microsoft's website and use their free Mal. Software removal tool.

[Guest RET.CW4.ThievingSix=US=]

Yeah but do you have the exact virus name? Because a trojan can infect and lay dormant and allow a hacker to remote access your computer. There are thousands if not millions of trojans out there. Often a virus scanner cannot pick up the trojan unless it starts doing something suspicious, and avast isen't the best at doing that either. The name should be in your logs if you can find them.

[Guest RET.SSgt.Haterade=US=]

[quote='Cpl.Dill=US=','http://clanunknownsoldiers.com/hq/thread/?postID=79382#post79382']From what I've read Malware Bytes can get rid of this.[/QUOTE] It can. I've gotten it off my mom's computer with Malware Bytes.

[Guest Kaine]

I don't know if you know how, but if I were you, I'd just wipe it clean. Repartition and reinstall your OS.

[Guest Dill]

(Which is basically reformatting, without losing data necessarily.)

[Guest CC.Decayed=US=]

No system restore?

[Guest Dill]

Lol, doubt system restore would do anything to a virus like that.

[Guest BigMac530]

Its in the Avast virus chest. The name is "Win32:Pirminay-E [Trj]".

[Guest BigMac530]

And the filenames that are infected by that virus are in my task manager, running. Is this a problem?

[Guest RET.Maj.Skyler=US=]

Download AVG (Free) and do a full scan in safe mode and tell me what comes up as infected with all the info Or if you want to be less hassle way you could give me access to your computer to take a look and fix your problems or make sure your safe from viruses when we both have time.

[Guest CC.Decayed=US=]

[quote='Cpl.Dill=US=','http://clanunknownsoldiers.com/hq/thread/?postID=79409#post79409']Lol, doubt system restore would do anything to a virus like that.[/QUOTE] System image recovery is what I meant. Not system restore, my bad. Pretty sure that will work but my guess is he doesn't have it.

[Guest MAJ.Kaossilator=US=]

[quote='CC.Decayed=US=','http://clanunknownsoldiers.com/hq/thread/?postID=79414#post79414']System image recovery is what I meant. Not system restore, my bad. Pretty sure that will work but my guess is he doesn't have it.[/QUOTE] Well if his Aurora is anything like my M15x, he got a Windows image CD in addition to a Resource CD. They both have bootable apps, but I [I]think[/I] that the Windows image one boots to an image recovery console of some sort. Worth checking at least.

[Guest BigMac530]

[quote='PFC.Kaossilator=US=','http://clanunknownsoldiers.com/hq/thread/?postID=79415#post79415']Well if his Aurora is anything like my M15x, he got a Windows image CD in addition to a Resource CD. They both have bootable apps, but I [I]think[/I] that the Windows image one boots to an image recovery console of some sort. Worth checking at least.[/QUOTE] I was just checking that big car manuel that Alienware gives us. Is it the "Aurora Resource DVD"?

[Guest BigMac530]

Another thing i noticed is unfamiliar processes in Task Manager like "winlogon.exe" and "csrss.exe". Both of which i can't go to properties or end those processes.

[Guest doctoRR]

Malwarebytes is the way to go. Run it when in safe mode with networking.

[Guest BigMac530]

Ok i did a Malware Bytes full scan on Safe Mode w/ Networking and it found 104 infections and apparently removed them. Restarted and ran a quick test in regular windows. No threats found. Is it really gone?

[Guest RET.CW4.ThievingSix=US=]

You'd hope so :D, just turn on your internet and hope for the best.