Stubborn Virus

  1. #1
    Registered User
    Join Date
    Jun 2000
    Location
    Winfield, Alabama
    Posts
    507

    Stubborn Virus

    I have been removing viruses for several years and have only had 2 occurrences where I had to format the drive to solve the problem. A coworker of mine who has similar skills says that he has:
    • Ran System Restore
    • Ran a deep scan with Malwarebytes with System Restore turned off
    • Ran AVG, Avast, and SpyBot
    This has not helped. It is NOT Antivirus 2009 but does have similar messages. Any attempts to access antivirus sites are redirected. His last attempt to run System Restore produced a message saying, “That Will Not Help You!” Any attempts to print produce messages stating the printer is missing when it is clearly visible in Printers/Devices and set as the default. Some system tray icons are missing.

    I apologize for the lack of detailed info but was curious as to what else could be done to solve the problem. He is running XP Pro with SP3 and IE 8.

    Thank You!

    Jeff
    “If nothing changes, Nothing changes!”

  2. #2
    Registered User Niclo Iste's Avatar
    Join Date
    Oct 2007
    Location
    Pgh, PA
    Posts
    2,051
    Well, the simplest infection I've removed that was missed by tools was an exe file hidden in the startup folder in the start menu. Secondly, you never mentioned using combofix, smitfraud, or vundofix, all of which you should try. In addition, if those fail I could safely say it's a rootkit infector. This I would have to say you may need to research depending on the infector. The tools I use I don't know where to find online anymore, and the names of the executables I have are not the actual names for the original programs.
    One Script to rule them all.
    One Script to find them.
    One Script to bring them all,
    and clean up after itself.

  3. #3
    Registered User slgrieb's Avatar
    Join Date
    Feb 2003
    Posts
    4,103
    Malwarebytes AntiMalware isn't designed to detect rootkits. AVG is trash. Spybot does a slightly better job against rootkits than MBAM, but it isn't too good either. You really need to run ComboFix. Never download it from any site but bleepingcomputer.com. ComboFix will detect and eliminate most rootkits, but you always want to run it a minimum of twice. If you see the same rootkit, say TDSS3, detected on both passes, download and run Kaspersky's latest TDLKiller.

    Once you've eliminated any rootkits, rerun MBAM in full scan mode. MBAM is very good, but it is also sort of a one trick pony. Quick scan will detect most active malware, except for rootkits, but it won't find many of the changes to your networking files, leftover installers, etc. A full scan will find a lot of these, as will Spybot.

    Once this is all done, you should confirm that all your network settings are correct. That means verifying that you don't have any unexpected settings for a proxy server, default gateway, DNS server, hosts file, or trusted sites. Combofix will have deleted your hosts file if it found an infection, and I'd personally run Spybot's Immunize feature to create a new one. If there is any software on the machine that requires specific entries in the hosts file to connect to a site, you'll need to add these entries manually.
    Last edited by slgrieb; February 10th, 2011 at 07:35 PM.
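
The hosts-file check described in the post above, as an added example that is not part of the original thread. It separates a harmless blocklist (the kind Spybot's Immunize writes) from entries that sink or redirect security sites, and from manual entries that need a human decision; the watch list and the sample file are constructed assumptions.

```python
import ipaddress

# Assumption: watch-list labels are the vendors and sites named in this thread.
WATCHLIST = {"malwarebytes", "avast", "avg", "kaspersky",
             "bleepingcomputer", "microsoft"}

# Constructed sample; on Windows the real file is
# %SystemRoot%\System32\drivers\etc\hosts. Addresses are documentation ranges.
SAMPLE = """\
# constructed hosts file
127.0.0.1    localhost
127.0.0.1    www.malwarebytes.org   # sinkholed
203.0.113.7  www.avast.com free.avg.com
0.0.0.0      ads.example.net
192.0.2.10   licserver.example.com
"""

def parse_hosts(text):
    """Yield (line_no, address, hostname) for each mapping; skip junk lines."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, then tokenize
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                            # first field is not an IP
        for name in fields[1:]:                 # one line may carry aliases
            yield line_no, addr, name.lower().rstrip(".")

def classify(addr, name):
    watched = bool(WATCHLIST & set(name.split(".")))
    sink = addr.is_loopback or addr.is_unspecified
    if name == "localhost" and addr.is_loopback:
        return "default"
    if sink:                                    # name resolves to nowhere
        return "blocked-security-site" if watched else "blocklist"
    return "redirected-security-site" if watched else "review-manual-entry"

def audit(text):
    """Return the entries that need attention as (line, name, ip, verdict)."""
    findings = []
    for line_no, addr, name in parse_hosts(text):
        verdict = classify(addr, name)
        if verdict not in ("default", "blocklist"):
            findings.append((line_no, name, str(addr), verdict))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("line %d: %s -> %s [%s]" % finding)
```

Entries reported as `review-manual-entry` are the ones the post says some software may legitimately require, so they are confirmed by hand rather than deleted.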

  4. #4
    Registered User Niclo Iste's Avatar
    Join Date
    Oct 2007
    Location
    Pgh, PA
    Posts
    2,051
    Yeah, what he said. I am curious as to why you have AVG and Avast on the system. This is always a good way to foul up a PC by having more than one antivirus at the same time on a PC. Stick with a good one and leave it; adding more because "one doesn't work anymore" is just going to make things worse, especially if there is an infector present.
    One Script to rule them all.
    One Script to find them.
    One Script to bring them all,
    and clean up after itself.

  5. #5
    Registered User MobilePCPhysician's Avatar
    Join Date
    Jan 2002
    Location
    Cleveland, Oh
    Posts
    2,384
    Lose both antivirus products, and download and install Microsoft Security Essentials.
    Sergeant WOTPP

  6. #6
    Registered User Ferrit's Avatar
    Join Date
    Apr 2001
    Location
    Vancouver Island The Real Canada
    Posts
    4,952
    You're dead wrong if you think using restore or leaving it active will let you clean this. It's hiding in the system restore, so turn it off and do the scanning in safe mode.
    2 anti-viruses is just useless as they will conflict with each other, especially when they are as useless as those 2. Use what MobilePCPhysician said.
    Microsoft Security Essentials, if you can even install it.
    Last edited by Ferrit; February 11th, 2011 at 03:23 AM.
    Gigabyte 990FXA-UD3
    AMD FX 8350 4ghz OCTO-Core
    Windows 8.1 PRO 64
    Adata 256 gig SSD
    Kingston HyperX 1600 16 Gigs
    Sapphire R9 280 2gig
    Enermax Liberty Modular 620
    www.northernaurora.net
    http://www.northernaurora.net/page/chat.html
