Hello,


I think my computer has a virus because it has been running insanely slow and the cpu usage is constantly around 70% and up. I did a Symantec AV full system scan and discovered a hidden complete folder with several zip files. When running the scan it said on each file it had the W32.alcra.F virus and it deleted each one(It took like 2 days). Even though the virus is no longer on detected on the scan(I did another one) it still shows these files still exist and my computer is still running slow and has high cpu usage.

I searched google for the same problem and apparently it is a common virus from limewire, but the explanations all deal with XP and I am running Vista, and some of the shit they did to fix the problem isnt compatible with Vista.

Anyone have any suggestions on what I should do or how I can fix this problem. I can post a HJT log if it helps.

Thanks

3/14/2007 10:13:36 AM

format c:\

3/14/2007 10:28:53 AM

Back up to CD any files that you really care about. Format your computer and reinstall everything from scratch. Reformatting is generally a faster and more effective solution than going through the commonly long and tedious process of removing virii and spyware.

3/14/2007 10:37:07 AM

1 - run lots of anti-virus and anti-spyware programs (some good free ones: grisoft AVG, PC tools AV, spybot, ad-aware)
2 - RUN THEM IM SAFE MODE
3 - post your HJT log at http://www.hijackthis.de (automated website; instant recommendations)

3/14/2007 10:39:16 AM

get Process Explorer from here http://www.microsoft.com/technet/sysinternals/utilities/ProcessExplorer.mspx and look for any suspicious processes running, especially any that are hitting 100% CPU usage constantly.

It will also let you kill any process easily, but use with caution because you can crash windows if you kill the wrong process

3/14/2007 10:42:55 AM

If I really dont care too much for the files on my computer is reformatting the best and easiest way for me to get rid of the virus?

[Edited on March 14, 2007 at 10:45 AM. Reason : Thanks for all the responses.]

3/14/2007 10:45:07 AM

yes

3/14/2007 10:49:05 AM

Quote :

"is reformatting the best and easiest way for me to get rid of the virus"

yes

3/14/2007 12:34:59 PM

Before you do any scans (virus or spyware) be sure to turn off your System Restore. Once you have turned off system restore be sure to update all your virus and spyware definitions. Then, reboot into Safe Mode and run the virus scan and spyware scans.

If that doesn't work then go ahead and format it - that will definitely take care of the problem.

3/14/2007 1:29:13 PM

Quote :

"yes"

3/14/2007 1:58:03 PM

There are a lot of tutorials on how to format and reinstall a computer out there. I would have a laptop or second non-infected computer available in case something unexpected happens while you are doing it.

3/14/2007 5:05:40 PM

one method is to check your system processes, which works pretty well many times (although some are completely hidden which i don't understand at all)

1. press ctrl+alt+del
2. click on system process
3. look at the image name column. anything you don't know what it is or if it looks suspicious, google the name (e.g. type rundll32.exe into google. although that one is not a virus). there may even be something like alcra.exe or something that just stands out that is the virus. google will tell you if it is a virus or not (normally the first google result will).
4. if you find one that is a virus, first end the system process (click on that row and click end process)
5. then hit the windows start button, go to search, then go to for files or folders
6. Click on All files and folders
7. search for the system process you just ended (e.g. type "rundll32.exe" into the search if that was the virus)
8. delete any files that come up matching that file you just searched.

3/17/2007 2:17:50 PM

Quote :

"look at the image name column. anything you don't know what it is or if it looks suspicious, google the name (e.g. type rundll32.exe into google. although that one is not a virus). there may even be something like alcra.exe or something that just stands out that is the virus. google will tell you if it is a virus or not (normally the first google result will)."

Viruses will often disable valid system processes and then run as a process with the same name. Googling process names is only marginally helpful.

3/17/2007 7:27:04 PM