Solved

Issue removing virus/malware

Posted on 2012-03-22
Last Modified: 2013-11-22
I just ran RogueKiller, TDSSKiller, Malwarebytes, SUPERAntiSpyware and I can't seem to get this virus/malware out of an XP Pro SP3 computer.  Although all did come up with some type of virus/malware, I cleaned and deleted each one, but no success.  I'm attempting to run Combofix now, but I'm almost positive that this will also not be sufficient as well.

Any ideas?

The PC just keeps on hanging both online and while clicking from one folder to another.  I also verified that no processes other than the normal ones are running.
Question by:vulture71
 
LVL 9

Expert Comment

by:joshbula
ID: 37754286
Back up the documents/data, format it and do a clean Windows install.  It's the only way you know for 100% sure you'll get it all.
0
 
LVL 1

Expert Comment

by:MetMc
ID: 37754295
Do you know any details of the virus/malware?  Is it popping up with a fake antivirus?  Need a little bit more detail.
0
 
LVL 7

Expert Comment

by:frajico
ID: 37754299
Boot the PC from any boot/rescue CD like:

Kaspersky Rescue CD 10
AVG Rescue CD
Microsoft Defender Offline CD (Microsoft SpySweeper MSSS_Media32.iso or mssstool32.exe)
Panda Security Rescue CD

to analyse and disinfect the HDD and OS without loading any virus/malware
0

 
LVL 1

Expert Comment

by:MetMc
ID: 37754304
Clean install is typically the best solution, but it is not always the optimal solution depending on the critical nature of the programs installed on the computer and how much difficulty will be involved in reinstalling them.
0
 
LVL 38

Expert Comment

by:younghv
ID: 37754469
If you will post the logs from all of the scanners you used, it will help us better understand what you are dealing with.
0
 
LVL 9

Expert Comment

by:joshbula
ID: 37754693
It has been my experience that by the time I ran every anti-malware scanner, created and ran boot disks, searched for what the scanners found and tried those solutions from blogs or forum posts, registry edits, removed services, etc... I ended up spending more time trying to clean it than I would have spent doing a backup, format, and clean re-install of everything, including obscure and hard-to-install software.

I've learned the hard way that a format and clean install is the most efficient way to get rid of malware, and the only way to make sure it's completely clean.
0
 
LVL 14

Expert Comment

by:shahzoor
ID: 37755234
Take out the hard drive
Connect it to a different computer via USB
Make sure it's a healthy computer with the latest antivirus and must be a different antivirus than what you are using
Perform a deep scan operation on the hard drive
Further run a disk check as well
I am sure it will remove all viruses + malware etc :)
0
 
LVL 38

Expert Comment

by:younghv
ID: 37755263
shahzoor - the old technique of "Slaving" a hard drive for a scan is not effective against current malware variants. The system needs to be booted to the Windows OS to identify and clean the malware.

Additionally, "Slave Scans" can erroneously delete critical system files without the Windows File Protection service running. A sure way to cause a BSOD.

Read more details here: Malware Fighting – Best Practices
0
 
LVL 5

Expert Comment

by:9660kel
ID: 37759468
Knowing what rogue killer found would be very helpful in moving this further, if you could post the log file, that would be great.
0
 

Author Comment

by:vulture71
ID: 37763952
Sorry guys,

I just ended up starting from scratch.  Thanks for all your help.
0
 
LVL 5

Expert Comment

by:9660kel
ID: 37764036
I guess we'll never know if it was a 15 minute fix or not then.
0
 
LVL 38

Accepted Solution

by:
younghv earned 500 total points
ID: 37765180
vulture71,
I see that you are a brand new member here on EE, so please take the time to learn how to ask (and manage) the questions you post.

More details here:
http://www.experts-exchange.com/help/viewHelpCategory.jsp?helpCategoryID=3 and
http://www.experts-exchange.com/help/viewHelpPage.jsp?helpPageID=13

At this point you have asked 14 questions, abandoned (at least) 2, and never did have the courtesy to respond to any of the volunteers who tried to help you with this malware problem.

In case you haven't figured it out yet, the Experts (all volunteers) here on EE are some pretty smart people. When you continually ignore their efforts, some will decide to return the favor.
0


Question has a verified solution.
