August 21, 2008, 08:34 AM
BrainEater
Hall Of Fame
Join Date: Mar 2007
Location: Calgary
Posts: 2,741


My first advice would be to stop trying now, save what data you can, and blow away Windows (format/reinstall). I say this because it could take much, much longer to clean what you have.

I'll give you a quick primer on trojans/viruses since I've removed a few, and you'll see what I mean.

Now they don't all work this way, but a lot of the time the original 'Infection' is merely a 'downloader-installer'. It's this program your antivirus will find and clean, but if it's had a chance to do its job, it's too late. You'll now have 5-10 smaller, unnamed programs running that the AV will not always get, and these are the ones that do the dirty work. This group of smaller programs is also capable of a) preventing successful AV use, but b) detecting when bits of itself have been deleted/cleaned, and promptly re-downloading them.

There's one last thing about the smaller downloaded bits that makes them difficult. A lot of these trojans are designed to make the host into a 'bot'. This means the smaller downloaded programs are dynamic (because the people running the 'botnet' can change them quickly), and that means your AV won't find them.

If you want to actually clean this, you're going to have to do a lot of detective work. Many hours. Start by identifying what processes are running that don't belong, then start hunting thru the registry for applicable entries to that process... This will lead you to others, etc...

From the size of the infection you describe, however, this might be a losing battle, as you probably have more than 1 species of bugs running around in there...

GL!
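The "identify processes that don't belong, then hunt the registry" step from the post above, sketched as an added example that is not part of BrainEater's post. It assumes Windows PowerShell 5.1 or later; the two "doesn't belong" heuristics and the choice of the four Run/RunOnce keys are illustrative assumptions, and a hit is a lead to investigate, not proof of infection.

```powershell
# Added example: read-only triage listing; it deletes and changes nothing.
# The two "doesn't belong" heuristics (no valid signature, image stored under a
# user-writable directory) are assumptions for illustration, not rules from the post.

$autorunKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Flatten every autorun value into Key / Name / Command rows.
$autoruns = @(foreach ($key in $autorunKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        [pscustomobject]@{ Key = $key; Name = $name; Command = [string]$regKey.GetValue($name) }
    }
})

$userDirs = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA, $env:PUBLIC) | Where-Object { $_ }
$ci = [StringComparison]::OrdinalIgnoreCase

# Step 1: running processes whose image fails either heuristic.
$suspects = @(foreach ($proc in Get-CimInstance -ClassName Win32_Process) {
    $path = $proc.ExecutablePath
    if (-not $path) { continue }   # protected/system processes expose no path
    $sig = Get-AuthenticodeSignature -LiteralPath $path -ErrorAction SilentlyContinue
    $inUserDir = [bool]($userDirs | Where-Object { $path.StartsWith($_, $ci) })
    if ($sig.Status -ne 'Valid' -or $inUserDir) {
        [pscustomobject]@{
            ProcessId = $proc.ProcessId; ParentProcessId = $proc.ParentProcessId
            Path = $path; Signature = $sig.Status; InUserDir = $inUserDir
        }
    }
})

# Step 2: autorun values that launch anything from a suspect's directory.
# Entries naming a *different* file in the same directory are the "others" to chase next.
$dirs = @($suspects | ForEach-Object { [System.IO.Path]::GetDirectoryName($_.Path) } | Sort-Object -Unique)
$related = @($autoruns | Where-Object {
    $cmd = $_.Command
    $dirs | Where-Object { $cmd.IndexOf($_, $ci) -ge 0 }
})

$suspects | Sort-Object Path | Format-Table -AutoSize
$related  | Format-List
```

Legitimate software that installs per-user (under AppData) will show up in the first table, so compare each path against what you knowingly installed before treating it as hostile.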