How to remove a virus
Thread poster: LilianNekipelov

LilianNekipelov  Identity Verified
United States
Local time: 00:42
Russian to English
+ ...
Sep 18, 2013

I really have a lot of hope in the people here - that someone with high technical skills can suggest something. On one of my favorite Lenovo computers I have virus that blocks all anti-viruses. I know there is a way around it to somehow deceive the virus, but I am not sure how, in this case. it is the type of virus that reverses letters completely. Please help. thank you. I will get back to you in a few hours.

 

Rolf Keller
Germany
Local time: 06:42
English to German
Unclear description ... no receipe possible Sep 18, 2013

Your description is by far too unclear.

Use a system restore tool (try that one that is built into Windows first). Don't try any other things: Any usage of an infected PC might make things worse.

If you have no backup data or don't know how to perform a system restore, ask an expert to come and see your PC. There is no such thing like a free&simple receipe.

it is the type of virus that reverses letters completely


Strange. In these days viruses avoid any visible activity. Except those viruses that demand money from you.


 

LEXpert  Identity Verified
United States
Local time: 23:42
Member (2008)
Croatian to English
+ ...
Name of the virus? Sep 18, 2013

Has your antivirus given you an intercept pop-up or report indicating the name of the virus? If you google the name + removal instructions, MacAfee or other AV sites may have removal instructions listed.

Other suggestions
- Try to boot into Safe Mode and then run your AV software.
- In Safe Mode, try to locate a restore point from a before you became infected.

Caveat: Removal instructions often, if not usually, involve manually changing registry entries, wh
... See more
Has your antivirus given you an intercept pop-up or report indicating the name of the virus? If you google the name + removal instructions, MacAfee or other AV sites may have removal instructions listed.

Other suggestions
- Try to boot into Safe Mode and then run your AV software.
- In Safe Mode, try to locate a restore point from a before you became infected.

Caveat: Removal instructions often, if not usually, involve manually changing registry entries, which is not generally advisable for the inexperienced user. If the virus can actually be removed (not always possible, in which case you may be better off doing a full factory restore), many AV providers offer remote virus removal services (ca. $100).
Collapse


 

Shai Navé  Identity Verified
Israel
Local time: 07:42
Member
English to Hebrew
+ ...
If you sure that the system is infected, run the following scans Sep 18, 2013

Before doing anything. Are you sure that your system is infected?
Character substitution could be the result of a faulty keyboard or some software conflict. However, blocking security software is usually an indication of some kind of malware.

So, assuming that you system is infected, backup your important data - I cannot stress this enough. The following methods are considered generally safe, but removing an infection could have side-effects and unexpected results depending on
... See more
Before doing anything. Are you sure that your system is infected?
Character substitution could be the result of a faulty keyboard or some software conflict. However, blocking security software is usually an indication of some kind of malware.

So, assuming that you system is infected, backup your important data - I cannot stress this enough. The following methods are considered generally safe, but removing an infection could have side-effects and unexpected results depending on the type of malware.

1. Download and run http://www.malwarebytes.org/products/chameleon/
2. AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/
3. Download and run the aswMBR rootkit scanner by Avast (http://public.avast.com/~gmerek/aswMBR.htm).
4. Download and run an AV Resuce disk such as Kaspersjy Rescue Disk (https://support.kaspersky.com/viruses/rescuedisk#downloads).
5. 3. HitmanPro http://www.surfright.nl/en/hitmanpro (Paid, but I think that they still offer a 30 days fully functional trial). This is a great second opinion tool.

In most cases these would be generally enough. In the worst case scenario they will provide you with more information about the nature of the persistent malware, which might help in choosing the next step.
Collapse


 

Daina Jauntirans  Identity Verified
Local time: 23:42
German to English
+ ...
Change name of antivirus .exe file? Sep 18, 2013

I am sure the people who answered before me are much more knowledgeable than I, but I once was able to remove a nasty virus by changing the name of the antivirus' or virus killing software's EXE file so that the virus couldn't find it. The instructions for this were included with information about the virus I found on the Internet (on a different computer). To do this, you require an Internet connection, a second computer, and possibly a USB stick to transfer the files.

 

LilianNekipelov  Identity Verified
United States
Local time: 00:42
Russian to English
+ ...
TOPIC STARTER
Thank you everyone, very much Sep 18, 2013

I don't know the name of the virus -- it must be something new. It outsmarted some of my security programs (maybe they did not have the most current updates -- this might have been the reason). Then it blocked any new antivirus programs, antivirus, or other, updates, restarting the computer, the "add programs" wizard, the option "I agree to the terms of the agreement", which is necessary when downloading new programs, or even updates. I did not try the restore function, but i am almost 100% sur... See more
I don't know the name of the virus -- it must be something new. It outsmarted some of my security programs (maybe they did not have the most current updates -- this might have been the reason). Then it blocked any new antivirus programs, antivirus, or other, updates, restarting the computer, the "add programs" wizard, the option "I agree to the terms of the agreement", which is necessary when downloading new programs, or even updates. I did not try the restore function, but i am almost 100% sure that it would block it as well. No everything is blocked, though, except the letters are reversed -- all of the, so i started typing certain commands in the other direction. It helped a little bit.

Thank you, Daina -- I will try the exc option to save the file. it once helped me to do something similar when removing a Trojan Horse.

I will see what happens. I think this virus is around, and it must be something new. It also acquires a life of its one -- it mutates. so in the beginning there are fewer symptoms, and then as you try to do certain things, it blocks everything you are trying to do.
Collapse


 


To report site rules violations or get help, contact a site moderator:


You can also contact site staff by submitting a support request »

How to remove a virus

Advanced search






SDL MultiTerm 2019
Guarantee a unified, consistent and high-quality translation with terminology software by the industry leaders.

SDL MultiTerm 2019 allows translators to create one central location to store and manage multilingual terminology, and with SDL MultiTerm Extract 2019 you can automatically create term lists from your existing documentation to save time.

More info »
WordFinder Unlimited
For clarity and excellence

WordFinder is the leading dictionary service that gives you the words you want anywhere, anytime. Access 260+ dictionaries from the world's leading dictionary publishers in virtually any device. Find the right word anywhere, anytime - online or offline.

More info »



Forums
  • All of ProZ.com
  • Term search
  • Jobs
  • Forums
  • Multiple search