Virus! Peernet?

P

Paul Moloney

Argh, I feel like a n00b. While trying to fix a wireless connection
problem, I must have left my machine wide open to attack. First I knew
of it, it slows down, and a red "Infected" icon appeared in my task
bar.

I disconnected the internet connection and rebooted. Windows Explorer
refuses to start and, when I tried to start it from the Task Manager,
it immediates dies/is killed.

Using the command line, I ran AVG anti-virus - it found one file
infected, but I don't think it was to do with the problem. When I
rebooted, same problem as above.

I tried a repair installation. No luck, Explorer _still_ dies.

I looked at my Windows directory to see if there was anything obvious
added there. There was a new directory in there called PeerNet, which
didn't ring a bell. Doing a google says something about printer
drivers, it's a product I definitely haven't installed. Anyone know if
it might be the problem? Any idea how to resurrect Explorer at least?

Thanks,

P.



--
-pm

http://oceanclub.blogspot.com

"I was raised in the Jewish tradition, taught never to marry a
Gentile woman, shave on a Saturday night and, most especially,
never to shave a Gentile woman on a Saturday night."
 
M

Malke

Paul said:
Argh, I feel like a n00b. While trying to fix a wireless connection
problem, I must have left my machine wide open to attack. First I knew
of it, it slows down, and a red "Infected" icon appeared in my task
bar.

I disconnected the internet connection and rebooted. Windows Explorer
refuses to start and, when I tried to start it from the Task Manager,
it immediates dies/is killed.

Using the command line, I ran AVG anti-virus - it found one file
infected, but I don't think it was to do with the problem. When I
rebooted, same problem as above.

I tried a repair installation. No luck, Explorer _still_ dies.

I looked at my Windows directory to see if there was anything obvious
added there. There was a new directory in there called PeerNet, which
didn't ring a bell. Doing a google says something about printer
drivers, it's a product I definitely haven't installed. Anyone know if
it might be the problem? Any idea how to resurrect Explorer at least?
Click to expand...
I've seen Peernet on lots of clean machines so I don't think that's your
problem. I'm guessing that "trying to fix" meant you disabled your av
and firewall.

You can start by scanning for viruses with either Sysclean (see link
below) or Dave Lipman's Multi-AV. Then continue cleaning with the
non-viral malware removal steps on my website. Make sure you follow the
directions to disconnect the machine from all networks. If you have
more than one machine (it sounds like you do), it would be smart to run
scans on all machines. Don't bring up the network until you know all
the machines are clean.

http://www.elephantboycomputers.com/page2.html#Removing_Malware
http://www.ik-cs.com/multi-av.htm - Dave Lipman's Multi-AV

Malke
 
O

oceanclub

I've performed a number of scans/cleans from the command line now with
multiple tools, including:

* F-Proc
* Spy Sweeper
* Ad Aware
* Spybot
* AVG command line
* CoolWebSearch Shredder

All in all, the following were found:

* CoolWebSearch
* cws_tiny0
* alyon

However, even when I do an XP repair, I still find that Windows
Explorer
closes when I try to run it.

Visually scanning the Windows directory, I've just found two files
that no spyware/virus
scanner picked up on:

* mssearchnet.exe -
http://www.liutilities.com/products/wintaskspro/processlibrary/mssearchnet/
* nvctrl.exe -
http://www.liutilities.com/products/wintaskspro/processlibrary/nvctrl/

Not sure why none of the scanners used missed these. I deleted it, but
Explorer still doesn't start up. Looks like I'm going to have to do a
full reinstall.

Any idea why none of the scanners I used picked up on the above files?

P.
 
A

Art

I've performed a number of scans/cleans from the command line now with
multiple tools, including:

* F-Proc
* Spy Sweeper
* Ad Aware
* Spybot
* AVG command line
* CoolWebSearch Shredder

All in all, the following were found:

* CoolWebSearch
* cws_tiny0
* alyon

However, even when I do an XP repair, I still find that Windows
Explorer
closes when I try to run it.

Visually scanning the Windows directory, I've just found two files
that no spyware/virus
scanner picked up on:

* mssearchnet.exe -
http://www.liutilities.com/products/wintaskspro/processlibrary/mssearchnet/
* nvctrl.exe -
http://www.liutilities.com/products/wintaskspro/processlibrary/nvctrl/

Not sure why none of the scanners used missed these. I deleted it, but
Explorer still doesn't start up. Looks like I'm going to have to do a
full reinstall.

Any idea why none of the scanners I used picked up on the above files?
Click to expand...

Both those files are suspect. Upload them to Virus Total:

http://www.virustotal.com/flash/index_en.html

You should use a better av than what you've tried. Try KASFX from my
web site. It's based on the Kaspersky scan engine.

Art


http://home.epix.net/~artnpeg
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Virus! Peernet? 1
GOODBYE AVIRA; HELLO AVAST! 3
Please Help! Virus? Avast, Firefox, Windows update quit working 4
The Girl Lodger 1
Jokes 6
Warning in email was received a day too late.... 10
SBS 2002 infected with Conficker virus - how to remove?? 5
virus ++++++++++ 5

Top