Windows XP SP2 | Pentium D (2.80GHz x2) | 120GB HDD | 1GB RAM | other information on my profile page
Avira AntiVir Personal | Ad-Aware Anniversary Edition | CCleaner
I'll put this down in a list, in a chronological order~
+ new, 120GB SATA HDD installed (old one died, of old age I suppose - but that's not the case)
+ fresh XP SP2 installed
+ silly cousin and his removable-disk with fun.exe comes in and double clicks the damned file.
+ Avira picks it up as a Trojan and "cleans" it, doesn't delete it
+ Avira begins to detect TR/Crypt.XPACK.Gen viruses occasionally in /system32/ thanks to real-time guard
+ Full system scan (with Avira) appears to clean system from XPacks (mostly in %temp% area)
+ Full system scan (with Ad-Aware) removes some cookies and such
+ I disabled and re-enabled System Restore (advice from a friend)
+ Avira begins to detect TR/Crypt.ZPACK.Gen viruses occasionally (An evolution!?)
- one of the places this virus respawns a lot is in "C:\WINDOWS\system32\x" but no such folder exists
+ fun.exe ALWAYS spawns in any removable-drive I plug into my computer. Scans do not detect anything. Removed by taking drive to another computer and simply deleting it. (Same friend as above used a flash-drive on my computer and just deleted fun.exe, his computer's been unaffected, used it on a different computer and no fun.exe appeared to be on his drive)
- if I delete fun.exe in the drives while they are connected, they're still there in the drives. Pressing F5 while the windows are open proves this, fun.exe reappears~
Other viruses Avira recently picked up:
TR/Dldr.BZW and TR/Spy.44544.1
God knows where those two came from, and I have no clue how to get rid of this set of respawning annoyances.
"Respawning", for the lack of better terms.
Scan with Avira immediately before posting this produced two TR/Crypt.ZPACK.Gen (located inside C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ as two GIF files.) and that's better than the fifteen detections of ZPack this morning.
Scan with Ad-Aware immediately before posting this produced 53 TAI-3 Cookies and one Win32TrojanAgent TAI-10 (located deep inside C:\System Volume Information folder),
Promptly removed from my computer. Problem persists.
Sooooo, people of BleepingComputer. What should I do?
Should I switch to a different anti-virus program? I really don't want to, I'm very fond of Avira's real-time guard, so please tell me to switch to something else ONLY if it's absolutely necessary.
Thanks in advance for any help you guys can give me.
edit: Just remembered to mention, I do not have a CD-R or a DVD-R drive. I can however borrow one if needed - but that'll take a couple of days.
Edited by Supreme Edgeboy Max, 25 May 2009 - 02:31 PM.