Gav
March 12th, 2004, 11:37 AM
Hi all,
Win Xp Home - completely updated
P4 2.4Ghz
Broadband connection
EZ Armor suite - Firewall (Zonealarm pro rebadged) and Antivirus.
No other significant apps, as Recovery CD was only used a few days ago.
I am trying to clear what I am convinced is a virus infection from a friends PC, yet both Trend Micros Online Virus scan and EZ Antivirus dont pick up a thing. If I run REGEDIT, MSCONFIG or the EZ Antivirus they shutdown within a few seconds. I managed to rename REGEDIT and remove a reference to EXPLORER.EXE (agobot, i think) but something still kills the required apps after a re-start. I have scanned the entire PC in Safemode with all the settings in EZ Antivirus on so that any infected files it can't clean are wiped out but it finds nothing. I also scanned it in Safemode with the online scanner with no luck.
Another symptom is that in Task Manager, the CPU utilisation is 100% all the time and never dips. I found 2 x Explorer.exe's running, and End Tasked the higher utilisation one which seemed to do nothing. There was also several SVCHOST's running, one of which was at 50-60% - when I End Tasked this, the CPU dropped to the more usual 8-20%.
I ran Spybot and Ad-aware which produced few results, all of which were corrected.
Has anyone got any idea what this could be - the symptoms are mixed and could be any number of virus's.
He has recently restored XP but I believe he went online before he had updated XP and installed a firewall/anti virus. A "complete wipe out and re-install" is impossible because his XP cd is only a recovery version (nasty store bought thing).
Is a DOS based scan the next thing to try?
Oh, another thing worth mentioning is that the friend lives 200 miles away, I do all this through Remote Assistance as he is not exactly knowledgeable around Pc's.
Any help or ideas would be VERY welcome!!
Gav
Win Xp Home - completely updated
P4 2.4Ghz
Broadband connection
EZ Armor suite - Firewall (Zonealarm pro rebadged) and Antivirus.
No other significant apps, as Recovery CD was only used a few days ago.
I am trying to clear what I am convinced is a virus infection from a friends PC, yet both Trend Micros Online Virus scan and EZ Antivirus dont pick up a thing. If I run REGEDIT, MSCONFIG or the EZ Antivirus they shutdown within a few seconds. I managed to rename REGEDIT and remove a reference to EXPLORER.EXE (agobot, i think) but something still kills the required apps after a re-start. I have scanned the entire PC in Safemode with all the settings in EZ Antivirus on so that any infected files it can't clean are wiped out but it finds nothing. I also scanned it in Safemode with the online scanner with no luck.
Another symptom is that in Task Manager, the CPU utilisation is 100% all the time and never dips. I found 2 x Explorer.exe's running, and End Tasked the higher utilisation one which seemed to do nothing. There was also several SVCHOST's running, one of which was at 50-60% - when I End Tasked this, the CPU dropped to the more usual 8-20%.
I ran Spybot and Ad-aware which produced few results, all of which were corrected.
Has anyone got any idea what this could be - the symptoms are mixed and could be any number of virus's.
He has recently restored XP but I believe he went online before he had updated XP and installed a firewall/anti virus. A "complete wipe out and re-install" is impossible because his XP cd is only a recovery version (nasty store bought thing).
Is a DOS based scan the next thing to try?
Oh, another thing worth mentioning is that the friend lives 200 miles away, I do all this through Remote Assistance as he is not exactly knowledgeable around Pc's.
Any help or ideas would be VERY welcome!!
Gav