Dan Eckert
asked on
Vista machine virus infection
On an HP running Vista I cannot get the processor to run at less than 100% most of the time.
I have cleaned with JRT, ADWCleaner, Combofix 2 times. Have removed significant amounts of malware and rootkits. But it still runs at 75 to 100% when idle. Removed several unused/junk programs.
Have used Process Explorer to try to isolate the problem, but no clues there.
This does have an old copy of CA antivirus that I cannot get uninstalled. I want to run a new AV but want to uninstall CA first.
Two problems: processor running 100% of the time and removing CA.
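As an added example (not part of the original thread or any of the tools it names), here is a PowerShell triage script that does what the asker was trying to do with Process Explorer: it measures which processes actually burn CPU while the box sits "idle", then prints each image's on-disk path and Authenticode status so a process running from an odd location or without a signature stands out. It assumes PowerShell 2.0 or later in an elevated session; `$SampleSeconds` and `$Top` are constructed parameters.

```powershell
# Added triage example, not from the thread. Samples per-process CPU time
# twice, $SampleSeconds apart, and reports the busiest processes with their
# image path and signature status. Run elevated so all processes can be read.
param([int]$SampleSeconds = 10, [int]$Top = 10)

function Get-CpuSnapshot {
    # Map PID -> cumulative CPU milliseconds. Protected processes (and the
    # System Idle pseudo-process) expose no TotalProcessorTime and are skipped.
    $snap = @{}
    foreach ($p in Get-Process) {
        if ($p.TotalProcessorTime -ne $null) {
            $snap[$p.Id] = $p.TotalProcessorTime.TotalMilliseconds
        }
    }
    return $snap
}

$before = Get-CpuSnapshot
Start-Sleep -Seconds $SampleSeconds
$after  = Get-CpuSnapshot

$cores = [Environment]::ProcessorCount
$results = foreach ($id in $after.Keys) {
    # Only processes alive in both samples can be attributed a delta.
    if (-not $before.ContainsKey($id)) { continue }
    $deltaMs = $after[$id] - $before[$id]
    # Normalise against all cores so 100% means the whole machine is busy.
    $pct = [math]::Round(100 * $deltaMs / ($SampleSeconds * 1000 * $cores), 1)
    if ($pct -le 0) { continue }
    $proc = Get-Process -Id $id -ErrorAction SilentlyContinue
    if (-not $proc) { continue }
    $path = $proc.Path
    $sig  = 'n/a'
    if ($path) { $sig = (Get-AuthenticodeSignature -FilePath $path).Status }
    New-Object PSObject -Property @{
        Name = $proc.ProcessName; PID = $id; CpuPct = $pct
        Path = $path; Signature = $sig
    }
}

$results | Sort-Object CpuPct -Descending | Select-Object -First $Top |
    Format-Table Name, PID, CpuPct, Signature, Path -AutoSize
```

Treat the Signature column as a hint, not a verdict: many legitimate Windows binaries are catalog-signed and report NotSigned here, so the stronger signals are an unexpected path (a user profile or temp folder rather than Program Files or System32) combined with sustained CPU use while nothing is open.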
Use the CA Antivirus – Step-by-Step Removal Guide:
http://maxuninstaller.com/howtouninstallguides/how-to-uninstall-ca-antivirus/
Hello DwEckert,
Could you please post the last Combofix logs from the C:\ drive?
It seems there are some infections which need manual removal.
Sudeep
You could follow the steps in my article, which usually clean up most infections:
https://www.experts-exchange.com/Security/Vulnerabilities/A_12285-Virus-Removal-Methods.html
ASKER
Sudeep
I have run Combofix 2 times. The first had a large number of files removed. The second, not so many. The second Combofix took about 4 hours. I'm posting both.
combofix.txt
ASKER
ihasham
I've installed Malwarebytes hundreds of times. This time it installed OK but would not start. I deleted and reinstalled and no start. I ran RKill first and tried Malwarebytes in Safe Mode and still would not start. Any suggestions?
Dan
If MalwareBytes is not working, use the worse one, HiJackThis! which should allow you to clear whatever you want... Use it with caution!
Your last Combofix logs suggest that you are still infected. So here is what you need to do.
Scan the system with the tools mentioned below, in the sequence they are mentioned, and post the logs.
Make sure you DO NOT REBOOT the system after running tools in point 1 & 2.
1. RogueKiller/TheKiller
2. MalwareBytes
3. TDSSKiller
I would also recommend you go through the articles from Younghv and RPG for the links to the tools and for future reference:
Basic Malware Troubleshooting
https://www.experts-exchange.com/A_1940.html
Rogue-Killer-What-a-great-name
https://www.experts-exchange.com/A_4922.html
Stop-the-Bleeding-First-Aid-for-Malware
https://www.experts-exchange.com/A_5124.html
Run MalwareBytes in Quick Mode and if that requires a reboot, then reboot the system and run the tools mentioned in points 1 and 2, but this time run MalwareBytes in Full System Scan.
So in your next reply post the RogueKiller logs, MBAM logs and TDSSKiller logs.
Sudeep
ASKER
nobus
None of the tools was doing any good and I had not had a response for 24 hours from EE, so I went ahead and started the HP fresh install.
Will let you know if that fixes the problem.
Dan
I suppose you deleted the partition(s) before reinstalling? Then it will eliminate all problems.
Theoretically the HP recovery partition is a disk partition that can be infected by malware...
Check right after, while the service pack is spinning...
ASKER
None of the malware cleaning tools was making much of a difference. Your "fresh install" suggestion was the final step I was trying to avoid, but it cleared the problems. The only problem was the extensive updating to get current. Couldn't talk him into a new one. I gave that old Vista a new life.
I suggest making an image after the PC is up to date; that way you can restore it much faster.
You can use the free Paragon B&R: http://www.paragon-software.com/free/
Install EMET from Microsoft in addition to common security tools. It clears the blush from Vista's face...
a. Run Malwarebytes Antimalware (www.mbam.org)
b. Remove any unwanted toolbars/software on the system, please.