Trojan virus help - has it gone to my BIOS?

[agiaba]

Hello,
I need help! I will try to be as clar as possible:
1.) I opened a bad .exe file and got about 41 viruses (Trojans and worms).
2.) Tried to remove them to no avail, so did a complete restore to factory settings.
3.) The computer works a little better, but loads up slowly, IE often freezes a few seconds after opening page, can't uninstall certain progs, and mainly: the 'insides' (sorry I am not techy), to the right of the laptop under the DVD drive make 'working' noises every few mins (this never happened before).

Could this be BIOS virus? Should I reset it by removing CMOS battery? The laptop does not run the same before the virus hit, despite the factory settings restore.

LAPTOP SPECS - HP G62 Notebook, Windows 7 Home Premium 64-bit, 3GB RAM (I think, maybe 4), bought 3 months ago.

Any help would be greatly appreciated!

 

[T_T]

While it is possible for a virus to infect your BIOS, it is extremely unlikely. With that being said, I believe a more common explanation could be attributed to what you are now experiencing. Laptops produce less heat because they use less energy; however, because laptops only have ventilation at the bottom, they retain more heat than tower-based PCs.

During your complete restore, you had to reformat the hard drive and reinstall the factory settings, including the OS. This takes a lot of time. Keep in mind, I"m not accusing you, rather, I'm just suggesting an alternative to an infected BIOS. During the restore process, your laptop may not have been adequately removing heat. This heat could have damaged your laptop just enough to make it run slower. By the way, HP laptops are well-known to run hotter than most other brands.

Because the laptop is still very new, I strongly advise against removing anything to continue troubleshooting. I would contact HP to let them know about the performance problem. HP laptops and touchscreen systems are notorious for declining in performance and becoming inoperative within days of warranty expiration; and HP is notorious for finding ways to prove your warranty expires weeks before you would "think" it should, so letting them know now will only benefit you. What you do after talking to the tech support depends on what they tell you.

 

[mary221]

Agiaba, what antivirus you used to remove the malwares?
There is no need to go to factory settings in BIOS. As T_T pointed out, there is so little possibility that you got a BIOS virus.

I think by doing the factory settings you did something unappropriated for your configuration.

First, let's get rid of the viruses.

Strange noise could be the a fan full of dust or hard disk ( which is a bad news ). Make sure your hard disk drive temperature is bellow 50 Celsius degrees. A excellent value will be 35.
I

 

[reprotected]

When you say Factory Settings, do you mean you reformatted and clean installed Windows or did you System Restore? If you reformatted or clean installed Windows, you should have no problems, but if you System Restored, I recommend you scan your computer with MalwareBytes AntiMalware, remove any threats, or get support from the BleepingComputer/MalwareBytes community.

 

[davcon]

Run Rkill or TDDS Killer in safemode.
http://www.bleepingcomputer.com/download/anti-virus/rkill
http://support.kaspersky.com/faq/?qid=208283363
Also as suggested Malwarebytes updated and full scan in safemode.
Get a reliable Anti-virus like AVIRA,AVAST,or MSE and scan stuff before opening.
I scan pretty much everything i download with MSE and Malwarebytes before opening.
Haven't had a virus in a couple of years.

 

[johnmathew395]

Disable the System Restore feature on your computer. If this is still turned on, the system will restore any deleted files, including those infected by the Trojan horse. This can be done by going into the My Computer file and looking for the Performance option. Then select File System, Troubleshooting and Disable System Restore.

Turn on the computer and run it in safe mode. Restart the computer and when the words begin appearing on the screen, press the F8 key. This takes you to a new screen, where you'll select the safe mode option. Let the computer start as it regularly would before you continue.
Go into the Control Panel by clicking on the "Start" button at the bottom left-hand side of the screen and looking for the Control Panel.

Select the Add or Remove Programs icon. The computer should then show a list of all programs existing on your system.

Look for programs that include Spyware or adware on your computer and select the Remove program option. Many users have found it helpful to look for programs that they didn't install and those that were installed when they downloaded a game or other program onto their computer.

Open the Windows System folder and delete all files that include the Trojan virus extension. Go through the list twice to make sure you removed all virus files. Then restart the computer in normal mode and check the folder again. If all the files are gone, you'll be ready to move on. If there is any remaining, remove them and restart the computer.

 

[ojuliusg]

I would like to add to this tread. I have the system restore virus. I went as far as removing the drive, reformatting and swapping another unused hard drive into that computer. The reformatted hard drive is now being used in another computer with no issues. The computer with the new hard drive that originally had the infection was rebuilt and surprise, the infection is back. It has to be in bios. There are no other drives with in the computer and no mapped network drives as of being rebuilt. No other computer seems to have the infection. I'll flash bios and rebuilt once more. It does seem that the system restore virus has the capability in optimum conditions to flash itself in a chip set or other PROM.

If you have this virus, don't bother fighting it with tools. Nothing seems effective. Rebuild and FLASH Bios to the latest version based on your manufacturer. I fight infections like these every day, and this one seems to be quite resistant to AV.