-
February 9th, 2011, 11:33 AM
#1
Stubborn Virus
I have been removing viruses for several years and have only had 2 occurrences where I had to format the drive to solve the problem. A coworker of mine who has similar skills says that he has:
Ran System Restore
Ran s deep scan with Malwarebytes with System Restore turned off
Ran AVG, Avast, and SpyBot
This has not helped. It is NOT Antivirus 2009 but does have similar messages. Any attempts to access antivirus sites are redirected. His last attempt to run System Restore produced a message saying, That Will Not Help You! Any attempts to print produce messages stating the printer is missing when it is clearly visible in Printers/Devices and set as the default. Some system tray icons are missing.
I apologize for the lack of detailed info but was curious as to what else could be done to solve the problem. He is running XP Pro with SP3 and IE 8.
Thank You!
Jeff
If nothing changes, Nothing changes!
-
February 9th, 2011, 11:52 AM
#2
Registered User
Well the simplest infection I've removed that was missed by tools was an exe file hidden in the startup folder in the start menu, secondly you never mentioned using combofix, smitfraud, or vundofix. All of which you should try. In addition if those fail I could safely say it's a rootkit infector. This I would have to say you may need to research depending on the infector. The tools I use I don't know where to find online anymore and the names of the executables I have are not the actual names for the original programs.
One Script to rule them all.
One Script to find them.
One Script to bring them all,
and clean up after itself.
-
February 10th, 2011, 07:31 PM
#3
Registered User
Malwarebytes AntiMalware isn't designed to detect rootkits. AVG is trash. Spybot does a slightly better job against rootkits than MBM, but it isn't too good either. You really need to run ComboFix. Never download it from any site but bleepingcomputer.com. ComboFix will detect and eliminate most rootkits, but you always want to run it a minimum of twice. If you see the same rootkit, say TDSS3 detected on both passes, download and run Kaspersky's latest TDLKiller.
Once you've eliminated any rootkits, rerun MBAM in full scan mode. MBAM is very good, but it is also sort of a one trick pony. Quick scan will detect most active malware, except for rootkits, but it won't find many of the changes to your networking files, leftover installers, etc. A full scan will find a lot of these, as will Spybot.
Once this is all done, you should confirm that all your network settings are correct. That means verifying that you don't have any unexpected settings for a proxy server, default gateway, DNS server, hosts file, or trusted sites. Combofix will have deleted your hosts file if it found an infection, and I'd personally run Spybot's Immunize feature to create a new one. If there is any software on the machine that requires specific entries in the hosts file to connect to a site, you'll need to add these entries manually.
Last edited by slgrieb; February 10th, 2011 at 07:35 PM.
-
February 10th, 2011, 07:39 PM
#4
Registered User
yeah, what he said. I am curious as to why you have AVG and Avast on the system. This is always a good way to foul up a pc by having more than one antivirus at the same time on a PC. Stick with a good one and leave it, adding more because "one doesn't work anymore" is just going to make things worse, especially if there is an infector present.
One Script to rule them all.
One Script to find them.
One Script to bring them all,
and clean up after itself.
-
February 10th, 2011, 10:22 PM
#5
Registered User
Lose both antivirus products, and download and install Microsoft Security Essentials/
Sergeant WOTPP
-
February 11th, 2011, 03:12 AM
#6
Registered User
Your dead wrong if you think using restore or leaving it active will let you clean this. Its hiding in the system restore, so turn it off and do the scanning in safemode.
2 anti-viruses is just useless as they will conflict with each other, especially when they are as useless as those 2. Use what MobilePCPhysician said .
Microsoft Security Essentials, if you can even install it.
Last edited by Ferrit; February 11th, 2011 at 03:23 AM.
Similar Threads
-
By JonDaviS in forum Spyware & Antivirus - Security
Replies: 2
Last Post: January 13th, 2010, 07:41 PM
-
By xacebop in forum Spyware & Antivirus - Security
Replies: 21
Last Post: April 8th, 2008, 04:45 PM
-
By GrandDad in forum Spyware & Antivirus - Security
Replies: 1
Last Post: October 27th, 2004, 07:23 AM
-
By Froghead in forum Spyware & Antivirus - Security
Replies: 4
Last Post: January 14th, 2003, 02:55 AM
-
By Danrak in forum Tech-To-Tech
Replies: 21
Last Post: May 12th, 2000, 07:18 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks