Solved Avira finds this virus but can't remove it

Lenovo Essential g560 0679alu 15.6" led...
March 30, 2015 at 14:38:52
Specs: Windows 7
I hope this picture is self explanatory

Oh, yes. And Malwarebytes doesn't find it at all.

message edited by i_am_jim

See More: Avira finds this virus but cant remove it

Report •

March 30, 2015 at 14:51:36
✔ Best Answer
Download and burn to DVD an ISO of Kaspersky rescue disk.

Boot up with that.

It will boot into a Linux based desktop; and go online to update itself. Then will scan your HD fully... and remove anything nasty it finds.

The OS (a Linux variant) will load into RAM only; thus leaving the HD as mere resource for the RAM installed OS - which it can will scan and clean.

Afterwards.. boot into Windows as per norm; and then download and run JRT (Junkware Removal Tool):

JRT will install itself to e the Desktop and produce an icon there. Click on that icon to open a dos style window. Follow the onscreen prompts. As I recall it will require a reboot to complete its work.

Both of the above are freebies; and and safe to run.

There are pests that can insinuate themselves into the OS and effectively hide from many anti-viurs utils; if the OS is actually booted up/active. Scanning from outside the affected OS itself means they can often (usually) be defeated... The Kaspersky disk is one of several that can do this. JRT goes after other pests that may lurk in other ways - within the booted/active OS...; and useful to run after the Kaspersky utility.

message edited by trvlr

Report •

March 30, 2015 at 15:21:47
After posting logs from the previously mentioned scans, here is the next step.

We will still have about 5 steps to do.

Run RogueKiller
User Guide
Official tutorial
How to Temporarily Disable your Anti-virus
If RogueKiller won't run, open IE & turn off SmartScreen Filter.
Download & SAVE to your Desktop. If your default download location is not the Desktop, drag it out of it's location onto the Desktop.
Quit all programs that you may have started.
Shutdown your antivirus to avoid any conflicts.
Please disconnect any USB or external drives from the computer before you run this scan!
For Vista or Windows 7/8, right-click and select "Run as Administrator to start"

For Windows XP, double-click to start.
Wait until Prescan has finished ...
Then Click on "Scan" button
Wait until the Status box shows "Scan Finished"
Anything that is not checked, leave it unchecked.
Click on "Delete"
Wait until the Status box shows "Deleting Finished"
Click on "Report" and Copy & Paste the content of the Notepad into your next reply.
The log should be found in RKreport[1].txt on your Desktop.
Exit/Close RogueKiller.
When completed make sure to re-enable your antivirus.

Report •

March 30, 2015 at 15:41:16
Morning JohnW (in the land of eternal sun, and gorgeous beach bunnies...) from a coolish and wet 'n windy UK evening...

Report •

Related Solutions

March 30, 2015 at 15:56:19
Evening trvlr, we are heading slowly into your weather, though in our patch, we have never seen snow, we may get hail once or twice a year.

Been to UK 3 times, twice for Xmas & last time 2 & 1/2 years ago in June, we stayed in Frome.
Wife is originally from Enfield.

What you lack in Sunshine is made up by green.

message edited by Johnw

Report •

April 1, 2015 at 04:59:58
Thanks for the help. So far I've run the Kaspersky rescue disk and it may have fixed the problem.

Report •

April 1, 2015 at 05:12:20
" So far I've run the Kaspersky rescue disk and it may have fixed the problem"
Only partially, think of it like a cancer, unless you get it all....

It is impossible to guide & advise you to getting a clean comp, without seeing the logs.

Report •

April 1, 2015 at 07:46:49
I would be inclined to agree with JohnW, in that whilst Kaspersky will have apparently dealt with the pest as posted..., you may well have other nuisances "lurking about" and of which you know not.

Worth the time/effort now to check for anything else that might be hanging about ready to cause mayhem anon... (if not already doing so behind the scenes and you're not aware of it).

Report •

April 1, 2015 at 18:19:46
The system is twisting my arm to give someone credit for best answer. The reason I didn't already do that is because I really don't know who gave the best answer. I used the first one and stopped, but I may have needed to continue into the more involved answer. I have decided to credit the answer I used even though it may be unfair.

Report •

April 1, 2015 at 20:15:22
You should continue to make sure that all is clean. My recommendation is to follow JohnW, run what he recommends and post back the logs for review.
At the VERY least, run Malwarebytes, remove anything it finds, and post the log (copy/paste) back. This way, if anything is found, you will know you probably still need to go further and if it does not detect anything, you still might, but that will be your decision. JohnW will take you through all steps for as long as it takes to make sure you are in good shape if you give him the chance.

You have to be a little bit crazy to keep you from going insane.

Report •

April 3, 2015 at 13:35:13
I had run malwarebytes before I posted my original message. It found nothing.

Report •

Ask Question