Posted 06 June 2009 - 08:39 AM
I'm trying to remove a virus from a laptop. It runs Windows XP. When I first received the pc to fix it, it had quite a few symptoms. The background was changed, antivirus 2009 (or something like that) was installed, no programs would run, web traffic was rerouted to the local host, popups would come, taskmanager and regedit were disabled. After running, malwarebytes' Anti-Malware, 3 items kept appearing. Two items were trackers, and one item was the waledac trojan. I then ran combofix I thought I had removed everything. However, the combofix log still listed userinit as infected and as soon as the computer got internet connection again, the viruses/spyware started to come back. I then ran bitdefender 2009 and it removed a few more items. It really seemed it was clear at the time, but just to be safe I went ahead and removed bitdefender and was putting on avast antivirus as a free antivirus scanner to hopefully prevent this from happening in the future for the user. While avast was scanning, it detected 3 malware (all 3 were .dlls it couldn't delete) and told me that there was a virus infecting system memory, to restart, and do a boot time scan. I did the boot time scan, it found 1 item, deleted it, and then started up but it keeps finding the .dlls, can't delete them, and tells me there is a virus in the memory (which it can't seem to remove). I'm in the process of finishing up running Microsfoft Windows Malicious Software Removal Tool, but it hasn't found anything yet and is about 97% done.