Help with virus removal (kind of a long story)

s7zero7 · May 29, 2014

MAJOR NEW UPDATE

After a system restore the problem persisted, but, after a scan my antivirus detected "Hacktool:MSIL/Gendows" on my computer.
Furthermore, does anyone know how to remove this? keep in mind my problem with downloading still persists as all of my downloads eventually fail.

Keeno99 · May 29, 2014

You could try using a different antivirus:

http://free.avg.com/us-en/free-downloads

Get "AVG Antivirus Free 2014"

If it get super serious you might have to re install windows. A possible fix is to do the system restore back to a certain time:

Win 8: http://blogs.msdn.com/b/zxue/archive/2012/03/09/windows-8-how-to-29-restore-system-to-a-previous-state-using-restore-point.aspx

Win 7: http://windows.microsoft.com/en-us/windows/what-is-system-restore#1TC=windows-7

s7zero7 · May 29, 2014

Keeno99 :

The thing Is I cant download another one, as I stated, any download will suddenly go up to like 45 minutes and then blank out and freeze.
I'm considering a system restore

Dogsnake · May 29, 2014

Seems like this could be a real pain. I found this guide (http://malwaretips.com/blogs/virtool-win32-obfuscator-xz-removal/) and it implies a rather complicated infection. If you choose to follow it, I would download all the tools (6) that you don't already have so they are ready to install for each step. When you are done you can use the freeware version (http://www.revouninstaller.com/revo_uninstaller_free_download.html) to uninstall the tools as they are so many. Also once you have a clean system delete all you system restore points and set a new one that is clean. The virus parts are in your restore point files as well as your current version. Lastly this virus is a type of Trojan that gets into your system by your actions (questionable sites, bootleg software, etc.). Try being more attentive to what you open and look at.

Keeno99 · May 29, 2014

Yup, I'm dumb sorry about that. I would definitely go for the system restore as I said earlier. Good luck

I hope it works

s7zero7 · May 29, 2014

Dogsnake :

I cant download anything for one, so I wouldn't be able to get them programs.
I suspect I recieved the "virus" after downloading Call of Duty 2 the other day as my disk copy wouldn't work, however the game worked and it did for others so I don't know why I have this.

s7zero7 · May 29, 2014

For an update I managed to download RogueKiller and TDSS killer, but neither of them detected ANY malware/trojan, I'm not certain if Malwarebytes did remove the virus as my youtube videos and downloads still wont work.

Keeno99 · May 29, 2014

Try the restore to before you got the virus.

s7zero7 · May 29, 2014

Keeno99 :

The other guy said something about it affecting my restores, so Im not sure If I can

COLGeek · May 29, 2014

From another system, get the AVG Rescue CD. Burn to CD/USB and then boot from that device. Update definitions when asked and perform a full scan of the system. Remove all that is found. Get the application here:

http://www.avg.com/us-en/avg-rescue-cd

s7zero7 · May 29, 2014

COLGeek :

Again it didn't seem to detect anything, Im still convinced I do have a virus, absolutley no downloads will work, internet is shutting off every 5 minutes, PC is slow, Youtube wont work.

s7zero7 · May 29, 2014

Alright I'm going to try a system restore, Ill let you know how it goes and set this to solved if it works.

s7zero7 · May 29, 2014

System restore failed, but interesting results, post updated, still need help.

Dogsnake · May 29, 2014

Bottom line here is do a clean install of windows. Back up your data and do it right. The virus pointed to originally is a conduit for other malware. You are chasing the tail and need to cut off the head. If you were my client with this issue I would reinstall windows and rebuilt the system software. This is the only way you will be sure to have a clean system.

s7zero7 · May 29, 2014

Dogsnake :

Right, we're taking the PC to a friend soon/a few days who is very experienced with this stuff who can probably do something about it, thanks.
In the meantime, do you suggest I not use my PC incase of personal information being stolen?

Dogsnake · May 29, 2014

If you are concerned about info. theft disconnect from the internet. If you need to create documents, print, listen to music, work with phots or whatever it will all be good as long as you are stand alone not connected to the outside world.

s7zero7 · May 29, 2014

Dogsnake :

Now I was looking through task manager and saw something, "cltmngsvc.exe" and found out it was a virus...I did everything to remove it. from what I know it is completely removed.
But please, make me sound like a retard, are them green underlined words linking me to ads FROM toms hardware, or is it a virus..?

Keeno99 · May 30, 2014

STEP1:

Press Ctrl+Alt+Del keys together and stop HackTool:Win64/Gendows virus processes in the Windows Task Manager.

STEP2:

Go to Folder Options from Control Panel. Under View tab, select Show hidden files and folders and uncheck Hide protected operating system files (Recommended), and then click OK. Remember to back up beforehand.

STEP3:

Press Windows+ R keys and search for regedit in Run. Delete associated files and registry entries related to HackTool:Win64/Gendows virus from your PC completely.

Run antivirus if you have one and then reboot. Hope this helps.

Help with virus removal (kind of a long story)

Reputable

Distinguished

Reputable

Distinguished

Distinguished

Reputable

Reputable

Distinguished

Reputable

Cybernaut

Reputable

Reputable

Reputable

Distinguished

Reputable

Distinguished

Reputable

Distinguished

Share this page