This discussion has been inactive for longer than 5 days, and doesn't want to be resurrected.
    • Jehrot, Aug 19th 2011 (10162.21)
    I use the free version of Avast, that's kept me clean for the last few years.
    • Finagle, Aug 19th 2011 (10162.22)
    @Greasemonkey -

    Go back to the post I linked to above, and go through all the steps there in order.
    You're going to need Combofix most likely to remove this infection, if Malwarebytes alone won't do it.
  1.  (10162.23)
    I remembered that I have a Premium service with Trend Micro, so I called tech support and had a technician link remotely. It took two techs three hours to dig out the culprit - it was a rootkit which had hidden itself in the TCP/IP stack. Malwarebytes wouldn't even run, nor would my usual antivirus. In the end they ran Combofix under DOS, and that did the trick.

    Thanks for all the help, everyone.
  2.  (10162.24)
    Greasemonkey: http://www.surfright.nl/en

    Give that a go next time.
  3.  (10162.25)
    Cheers, I'll bookmark it.
  4.  (10162.26)
    I haven't kept up in the world of viruses but damn, that sounds like a tricky one.

    Also, keeping a Linux live disc around can be great for that too - you can boot from the disc and use the Linux version of Avast! to scan every corner of your Windows machine, and since it's not running anything from within Windows it prevents the virus/trojan from running/hiding/replicating/stopping your antivirus.

    Not trying to be all LINUX LINUX YEAH YEAH YEAH! It's just another tool I've used to clean up particularly nasty infections on family computers.
  5.  (10162.27)
    "In the end they ran Combofix under DOS, and that did the trick."

    That's what I was going to recommend :)
    Combofix seems to work great at getting rid of viruses and malware that your average scanners can't find and/or remove.
    • Jay Kay, Aug 20th 2011 (10162.28)
    I'm glad this thread came up--I've been embarrassingly lacking anti-virus stuff for longer than I'd care to admit, but I picked up Avira and it seems like everything's on the up and up.
  6.  (10162.29)
    The infection turned out to be the MBR rootkit (TLD4), which is apparently the worst bastard of a virus to remove.
