Posted 18 February 2009 - 08:09 PM
Hey Everyone Im Pretty New To The Forums But Anywayz So If I Posted In The Wrong Section...
I Got Over 5 Computers Infected With This Injected JS.Virut.X JS.Virut.Y Win32.Virut.X Win32.Virut.Y that is not listed what so ever on any google pages. its called something completly different with SOPHOS Removal Emogen Or HTML I FRAME.
Avast wont remove it
AVG wont remove it
Outpost security suite pro wont remove it (claims to remove it but then it reappear on scan after restart)
Zonealarm claims to remove but on restart reappears
avast goes into LOOP - both home n pro
DR WEB wont remove.
bit defender wont remove
kaspersky wont remoe and kaspersky gets shutdown by it
outpost the virus creates rules to reenable itself in the smart advisor filter as acting as a genuine certificate for the vendor.
its a rootkit so YES i have formatted and reinstall windows, replace hard disk drives, scanned and removed virus etc... and transferred data back and it has taken over the newly formatted system
Malwarebytes with latest update, picks up over 8 threats and removes on restart but reappears when you rescan as it does not remove or does and it regenerates itself injecting the files over and over and it gets worse each time...
YES. SYSTEM RESTORE IS OFF. and all points removed... never enabled...
McAfee Wont Work
Norton Wont Work
Kapersky Wont Work
Bit Defender Wont Work
avast wont work
avg wont work
hijack this is denied
task manager denied
if i grand these to approve and have access via scripting or reg entries i can bypass the access denied but still does not work...
ROOTKIT software such as UNHACK ME by GENESIS
F-Secure wont work... picks up HIDDEN ROOTKITS but wont remove... claims to but they reappear
the only option really i have left it the one that i cant deal with which is format and lose all data and start from scratch
DOES ANYONE HAVE ANY OTHER IDEAS I HAVE NOT YET TRIED OR COVERED
combofix doesnt work or even run
catch me - doesnt work
ad aware picks up but doesnt remove
spybot S&D doesnt work
malware doesnt work
im running out of ideas
NOD32 doesnt even pick up a virus
its not a false postive but it mainly goes for MYOB14 up to MYOB 18 files to do with HTM files mostly and injects into system32
and root %windir% directories....
it also is hidden
i comes along with the varient HTML-IFRAME. which nothing removes..
IM CONFUSED, UPSET, AND dunno what to do...
if anyone has any ideas please get back to me ASAP
THANKYOU VERY MUCH FOR YOUR TIME N SUPPORT