Solved

Issue removing virus/malware

Posted on 2012-03-22
Medium Priority
543 Views
Last Modified: 2013-11-22
I just ran RogueKiller, TDSSKiller, Malwarebytes, SUPERAntiSpyware and I can't seem to get this virus/malware out of an XP Pro SP3 computer.  Although all did come up with some type of virus/malware, I cleaned and deleted each one, but no success.  I'm attempting to run ComboFix now, but I'm almost positive that this will also not be sufficient as well.

Any ideas?

The PC just keeps on hanging both online and while clicking from one folder to another.  I also verified that no processes other than the normal ones are running.
0
Question by:vulture71
12 Comments
 
LVL 9

Expert Comment

by:joshbula
ID: 37754286
Back up the documents/data, format it and do a clean Windows install.  It's the only way you know for 100% sure you'll get it all.
0
 
LVL 1

Expert Comment

by:MetMc
ID: 37754295
Do you know any details of the virus/malware?  Is it popping up with a fake antivirus?  Need a little bit more detail.
0
 
LVL 7

Expert Comment

by:frajico
ID: 37754299
Boot the PC from any Boot/Rescue CD like:

Kaspersky Rescue CD 10
AVG Rescue CD
Microsoft Defender Offline CD (Microsoft SpySweeper MSSS_Media32.iso or mssstool32.exe)
Panda Security Rescue CD

to analyse and disinfect the HDD and OS without loading any virus/malware
0
 
LVL 1

Expert Comment

by:MetMc
ID: 37754304
Clean install is typically the best solution, but it is not always the optimal solution depending on the critical nature of the programs installed on the computer and how much difficulty will be involved in reinstalling them.
0
 
LVL 38

Expert Comment

by:younghv
ID: 37754469
If you will post the logs from all of the scanners you used, it will help us better understand what you are dealing with.
0
 
LVL 9

Expert Comment

by:joshbula
ID: 37754693
It has been my experience that by the time I ran every anti-malware scanner, created and ran boot disks, searched for what the scanners found and tried those solutions from blogs or forum posts, registry edits, removed services, etc... I ended up spending more time trying to clean it than I would have spent doing a backup, format, and clean re-install of everything, including obscure and hard-to-install software.

I've learned the hard way that a format and clean install is the most efficient way to get rid of malware, and the only way to make sure it's completely clean.
0
 
LVL 14

Expert Comment

by:shahzoor
ID: 37755234
Take out the hard drive
Connect it to a different computer via USB
Make sure it's a healthy computer with the latest antivirus and must be a different antivirus than what you are using
Perform a deep scan operation on the hard drive
Further run a disk check as well
I am sure it will remove all viruses + malware etc :)
0
 
LVL 38

Expert Comment

by:younghv
ID: 37755263
shahzoor - the old technique of "Slaving" a hard drive for a scan is not effective against current malware variants. The system needs to be booted to the Windows OS to identify and clean the malware.

Additionally, "Slave Scans" can erroneously delete critical system files without the Windows File Protection service running. A sure way to cause a BSOD.

Read more details here: Malware Fighting – Best Practices
0
 
LVL 5

Expert Comment

by:9660kel
ID: 37759468
Knowing what RogueKiller found would be very helpful in moving this further; if you could post the log file, that would be great.
0
 

Author Comment

by:vulture71
ID: 37763952
Sorry guys,

I just ended up starting from scratch.  Thanks for all your help.
0
 
LVL 5

Expert Comment

by:9660kel
ID: 37764036
I guess we'll never know if it was a 15-minute fix or not then.
0
 
LVL 38

Accepted Solution

by:
younghv earned 2000 total points
ID: 37765180
vulture71,
I see that you are a brand new member here on EE, so please take the time to learn how to ask (and manage) the questions you post.

More details here:
http://www.experts-exchange.com/help/viewHelpCategory.jsp?helpCategoryID=3 and
http://www.experts-exchange.com/help/viewHelpPage.jsp?helpPageID=13

At this point you have asked 14 questions, abandoned (at least) 2, and never did have the courtesy to respond to any of the volunteers who tried to help you with this malware problem.

In case you haven't figured it out yet, the Experts (all volunteers) here on EE are some pretty smart people. When you continually ignore their efforts, some will decide to return the favor.
0

Question has a verified solution.
