Has anybody ever been able to totally eradicate this thing without a format? Picked this thing up a couple of days ago and it is driving me freaking bonkers. Have tried 4 or 5 different programs that all claim to be the best - and when the scan is run they all find something different. Malwarebytes seems to be the best of the bunch aside from ESET in finding. But after removal it just coming back. Have done several manual searches. Also have a tech ticket open with ESET on it.
This is my second infection ever - the last one years and years ago caused me to dump Nortons and go with NOD32 (ESET) and have never had a problem since.
So - anybody ever been able to clean this crap off and live to tell about it??
:-)
Ron
[Reply]
I have, not easy though. I believe I have the files needed at work. PM me tomorrow if you still need them.
[Reply]
madurolover 05:25 PM 01-21-2009
Try a free program called MalWareBytes. I have had several people with this infection and it has gotten rid of it for them. After you download it make sure you update and then do a quick scan.
[Reply]
GrumpyOleTroll 05:50 PM 01-21-2009
Originally Posted by madurolover:
Try a free program called MalWareBytes. I have had several people with this infection and it has gotten rid of it for them. After you download it make sure you update and then do a quick scan.
:-)
This is what I did and now I swear by MalWareBytes!!
It saved me from having to reformat.
Shawn
[Reply]
ChasDen 05:50 PM 01-21-2009
If its coming back after a reboot, it has a hidden installer.
Try the manual uninstall instructions here:
(
LINK )
Chas
[Reply]
SeanGAR 06:00 PM 01-21-2009
Are you doing the AV scans in safe mode?
Can you boot from DVD or from another HD?
Me, I'd boot from a Linux live cd remaster with an updated ClamAV, run a Win AV program in wine, or put the HD into another computer as nonboot disk and scan it with an installed and updated AV program after booting the second computer. Because the infected drive is not accessed on boot in this situation, the virus should be easier to eliminate.
Good luck.
[Reply]
Originally Posted by Volt:
I have, not easy though. I believe I have the files needed at work. PM me tomorrow if you still need them.
No doubt I will still need them. Much appreciated if you could send what you have.
Originally Posted by madurolover:
Try a free program called MalWareBytes.
Originally Posted by GrumpyOleTroll:
now I swear by MalWareBytes!!
Yep - as I mentioned I have already installed MalWareBytes. Still no dice -
Originally Posted by ChasDen:
If its coming back after a reboot, it has a hidden installer.
Try the manual uninstall instructions here:
Definitely has an installer lurking somewhere - already tired those directions.
Thanks,
Ron
[Reply]
Kreth 06:07 PM 01-21-2009
Originally Posted by SeanGAR:
Are you doing the AV scans in safe mode?
:-)
A lot of malware has a hidden installer. If you don't scan from safe mode, it will just keep reinstalling itself.
[Reply]
Originally Posted by SeanGAR:
Are you doing the AV scans in safe mode?
Can you boot from DVD or from another HD?
Me, I'd boot from a Linux live cd remaster with an updated ClamAV, run a Win AV program in wine, or put the HD into another computer as nonboot disk and scan it with an installed and updated AV program after booting the second computer. Because the infected drive is not accessed on boot in this situation, the virus should be easier to eliminate.
Good luck.
**** (crap) no - forgot about running in safe mode - doh. Normally I would just pull the drive and toss in another - problem is that I'm running a RAID - have 4 drives here.
I had planned on reformatting - just not yet. Wanting to build the new server to transfer media stuff over - and then go with a single drive and a dual boot with x64 and Linux.
I got to much stuff going on to have to deal with this mess right now -
Ron
[Reply]
The wifey picked it up on my cuter last week, I used Spyhunter to clear it.
[Reply]
dunng 07:46 PM 01-21-2009
Make sure you update Malwarebytes and scan all files... Also try running BitDefender online scanner...
:-)
[Reply]
That box is in safe mode right now and running the scan in full mode. We will see what happens. Fingers crossed -
Ron
[Reply]
lenguamor 12:24 AM 01-22-2009
Langod 08:50 AM 01-22-2009
It's a ***** to get rid of. It can be done, but takes some persistance.
The easiest way to get rid of it -- if you're running XP or Vista -- is with a System Restore. Obviously, you'll need to have some idea of when you were infected so you can pick a date previous to the infection.
[Reply]