Virus problems



Anuan
2009-12-26, 06:55 AM
Well, the other night I discovered I had a malware issue that I couldn't get rid of. Avast! seemed to not pick up on it, my inbuilt Windows protector kept finding it and was unable to be rid of it. I googled the issue, found a malware remover that was recommended by a number of websites and forums and reviews, and followed the instructions. It said it had successfully removed a bunch of malware and, as instructed, restarted my computer.

Now, my computer won't boot up. It does its little DELL thing at the start with the loading bar, and then the black screen where usually I'd get some startup info appearing before the Vista sign and noise and logon ability. But instead of seeing info come up and then moving on to the logon, I just get a black screen with a flashing underscore in the top left...and nothing.

And I think some of the files marked as malware were in my system 32 folder or something :smallsigh: The original thing that sparked all this was Win32/Renos.FM.

Or it may have been .JM. I don't remember now :smallsigh:

Any advice? Am running system diagnostics now.

Edit: Disregard, I got it to run :D Leaving the thread open for a while though in case the file hasn't gone away and I still need advice. Thanks!

lesser_minion
2009-12-26, 09:26 AM
From searching Google, I get the impression that you might not be out of the woods yet.

Microsoft have it listed as a trojan that usually masquerades as either a video codec or a piece of antivirus software, and the viruslist thing is well out of date. Among other things, it downloads rogue antivirus software, and I also found a few horror stories about it successfully locking users out of real antivirus software.

You might want to make doubly sure that the malware remover you downloaded is everything it seems though. Could you provide a link and details of the web browser you used please?

I'd suggest making sure that it's not able to run (use your antivirus software and Windows Defender), and running a full anti-virus scan (making sure that you have the latest definitions).

You might also want to contact Microsoft's tech support or another professional for advice.

bluewind95
2009-12-26, 10:29 AM
In case an antivirus doesn't get that virus, then use HijackThis. Run a scan, check each and every entry and, if you don't know what it is, google it, and when you find the virus, delete it with HijackThis. Once you're done with that, disable system restore, restart the computer, and re-enable system restore.

If you don't disable the restore, once you restart the computer, the virus might re-install itself.

Of course, the most efficient method is the antivirus... but sometimes, no matter how up-to-date it is, it won't pick up on a few infections. That's when things like this have to get done.

(System Restore is in My PC properties, then advanced settings, then System Protection. That's in Vista. In XP it was under My PC properties, but on a different tab.)

lesser_minion
2009-12-26, 10:52 AM
I would strongly advise against using HijackThis!

It builds a comprehensive list of every single thing it perceives as unhealthy about your system, and many entries tend to be things you don't actually need to fix.

Apparently, Avast! does have a correct database listing for Renos.JM, by the way, so your AV software may have been compromised.

You can test your antivirus software by opening Notepad, copy-pasting the EICAR test string (http://en.wikipedia.org/wiki/EICAR_test_file) into it, and saving the resulting file as eicar.com:


X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

All antivirus software is designed to react to the EICAR test string as if it was a virus (note that there may still be an issue if the antivirus software does respond to the test file).

You may wish to install AVG as a temporary solution (http://free.avg.com/gb-en/homepage), or even use the trial version of Kaspersky (http://www.kaspersky.com/trials) or McAfee (http://home.mcafee.com/Store/Downloads.aspx).

NOTE: Make absolutely certain that you're on the right site. Get your web browser to scan the site to make sure it is authentic.

If it's a really catastrophic infection, then you might have to pop in a recovery disk and restore your files from backup.
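
The EICAR check described in the post above, as an added example that is not part of the original thread: it writes the test string to eicar.com in a temporary folder, waits, and reports what the on-access scanner did with it. The function names, the outcome labels and the 5-second wait are assumptions made for this sketch.

```python
import os
import tempfile
import time

# The 68-character EICAR test string, split in two so that this script
# itself is not flagged when it is saved to disk.
EICAR = r"X5O!P%@AP[4\PZX54(P^)7CC)7}$" + "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"


def classify(path, expected):
    """Report what happened to a file that was written earlier."""
    if not os.path.exists(path):
        return "removed"        # deleted or moved to quarantine
    try:
        with open(path, "rb") as fh:
            data = fh.read()
    except OSError:
        return "blocked"        # scanner denies access to the file
    return "untouched" if data == expected else "modified"


def run_check(directory, content=EICAR.encode("ascii"), wait=5.0):
    """Write eicar.com into `directory`, wait, and classify the outcome."""
    path = os.path.join(directory, "eicar.com")
    try:
        with open(path, "wb") as fh:
            fh.write(content)
    except OSError:
        return "blocked"        # scanner refused the write itself
    time.sleep(wait)            # give the on-access scanner time to react
    outcome = classify(path, content)
    try:
        os.remove(path)         # clean up if the file is still there
    except OSError:
        pass
    return outcome


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as folder:
        outcome = run_check(folder)
    if outcome == "untouched":
        print("No reaction: real-time protection is off, broken or tampered with.")
    else:
        # A reaction only shows the scanner is running; as the post notes,
        # there may still be an issue even if it responds to the test file.
        print("Antivirus reacted to the test file (%s)." % outcome)
```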

bluewind95
2009-12-26, 02:50 PM
> I would strongly advise against using HijackThis!
>
> It builds a comprehensive list of every single thing it perceives as unhealthy about your system, and many entries tend to be things you don't actually need to fix.

Err... no, it doesn't. It simply lists everything that it finds in the registry, not the unhealthy things. It lists everything. From drivers to startup programs. Everything. That's why I said... google the things it finds if you don't already know what it is, and when you find the virus delete only that.

On a healthy system, every entry should be something you don't need to fix at all.

Anuan
2009-12-26, 07:44 PM
I got it guys, don't worry. Malwareby, fully updated, got rid of it completely. Everything's running at a hundred percent capacity and nothing's picking up anything, and it's stopped redirecting my search results the way it was. Guess it's fixed :smallbiggrin:

Thanks anyways though.