Need help with persistent virus/malware

Marianne B.

I'm helping a friend who has a very nasty infection.

Here are the symptoms:

He has Norton AV, but when I try to open it, it closes immediately, so I can't
scan, update, or even uninstall it.

Any AV or anti-malware utility that I try to install flashes on the screen for
a second and then closes.
Same in Safe Mode.
Same after deleting all temp files.
Same after un-checking all startup items in msconfig.

If I try to go to any of the websites that have online AV scanners,
(TrendMicro, Symantec, McAfee, Kaspersky, Bit Defender, Panda,
F-Secure RAV), Internet Explorer closes or the control downloads
but won't run.

I copied a folder called "AVG" (that contains AVG and the current defs) from a
CD-ROM disk to the desktop.
When I tried to open the folder, it flashed for a second and closed. I renamed
the folder to "stuff" and it opened with no problem, but the AVG installer it
contained wouldn't run.

I couldn't use F-Prot for DOS because the HDD is formatted NTFS, and I
didn't have a Bart PE disk with me, so I didn't try that. This is the first
time I have encountered an infection that could prevent every online scan
from running.

Would appreciate any suggestions.

Thanks,

M.B.
 
Marcin Domaslawski

Hi,

If you know the name of the malware or the file name, removal will be
much simpler.
You didn't write exactly which utilities you tried to use, but did you try simple
removal tools (some of them remove more than one specific malware)?
- http://vil.nai.com/vil/stinger/
- http://www.avast.com/eng/avast-virus-cleaner.html
- http://www.softpedia.com/get/Antivirus/removerexe.shtml


Check if you can open system tools like regedit, taskmgr or msconfig - you
can check there what is launched when the system starts.

Marcin Domaslawski
 
Ancient warrior

Iffffffffffff there is nothing on the hard drive the user wants, do a clean
install. It will probably be faster doing it this way than tracking down all
the bad stuff. Don't forget to remove the current partition, replace
it/format it, and then clean install.
Ancient warrior
 
PA Bear

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware

When all else fails, HijackThis v1.99.1
(http://aumha.org/downloads/hijackthis.zip) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware. **Post
your log to http://aumha.net/viewforum.php?f=30,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7, or other appropriate
forums for expert analysis, not here.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
 
