Trend Chipaway Virus keeps coming back

Hello experts.  I have a PC in a domain running XP Pro that became infected with the Trend Chipaway virus.  We get the big red screen that tells us that we can either press OK to continue or Cancel.  We removed the hard drive and ran a scan on it using Kaspersky, which found the virus and cleaned it.  All was well for several weeks, then the virus returned.  We did the same and it was gone for only two days and returned again.  No one else on the network is getting this virus.  The network is protected with Trend Micro Worry Free Advanced.  The server is SBS 2003 and using Exchange (2003) for email.  How is this old virus getting onto this PC? Where is it coming from?  We're currently scanning all PC's and server including Exchange database.  Any ideas??
jhuntiiAsked:
Who is Participating?
 
Tyler LaczkoConnect With a Mentor Commented:
Here are the steps to remove the virus.

boot to safe mode
login as administrator
disable system restore (viruses can be saved in the restore points and come back)
run malware bytes
run ccleaner
run antivirus (i recommend anti-vir)


0
 
optomaConnect With a Mentor Commented:
Viruses in system restore(if present), wont surface unless that restore point is used to go back to so no need as of yet to remove restore points :)

Run TdssKiller and Hitmanpro.
http://support.kaspersky.com/viruses/solutions?qid=208280684
http://www.surfright.nl/en/hitmanpro

If still having issue run Combofix and post log here
http://www.bleepingcomputer.com/combofix/how-to-use-combofix


0
 
jhuntiiAuthor Commented:
Thank you both very much.  I disabled system restore (for now) and used the kaspersky cleaner, pluls Malwarebytes and that seems to have done the trick.  Thanks again.  :)
0
 
jhuntiiAuthor Commented:
Thanks again.  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.