Posted 07 September 2009 - 05:05 PM
I have been trying to clean a clients PC for 5 days straight. I can't run any AV or Malware program because whatever it is detects it and instantly closes it, even in safemode. Furthermore, if I try to reopen a program it closed, I receive a message that says,
"Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."
I removed the drive and placed it in another PC and ran Kaspersky Internet Security 10 on it and it detected and cleaned 285 files that were infected with virus.win32.virut.ce. I placed the drive back in the original computer and tried to run a scan and the same thing happened to all attempts to clean it. I then Booted the PC with both Ultimate Boot Disk and Hiren's BootCD and ran virus scanners to clean the system. After all that, I rebooted to Safemode and attempted to run a scan and the same thing keeps happening. I again placed the drive in another PC and ran a scan with Kaspersky and it found 43 more infected files but these were infected with an assortment of virii such as Trojan.Win32.Agent2.chxn, Trojan-Downloader.WMA.GetCodec.ae, Backdoor.Win32.Agent.akli, Trojan.Win32.Monder.bzea, Trojan-Downloader.Win32.Agent.bqxc, Trojan.Win32.Agent2.chuf, Trojan-Downloader.Win32.Agent.cosh, Trojan-Downloader.Win32.Delf.vma, and Trojan-Downloader.Win32.Generic.
I don't want to waste anyone's time (or mine) so I will list all the programs I tried:
Adaware Anniversary Edition, AVG, Avast Home Edition, AVZ, X-RayPC, Gmer (I even tried the one you download with a randomly generated filename), FixVundo, Malwarebytes Anti Malware, OTL, RemoveIt, rmvirut.exe, rougefix, RootRepeal, Sophos Anti Rootkit, Spybot Search & Destroy, Stinger, Sysclean, VirtumundoBeGone, Xclean_micro, and MultiAV.
I had a little success with MultiAV. I downloaded to my good PC and downloaded all the updates for all 4 AV programs, which are Sophos, McAfee, Trendmicro, and kaspersky. I booted up in safemode and the virus allowed me to scan with ALL 4 programs and delete what they found. However, I still couldn't run any other program.
Any assistance will be greatly appreciated. I've been repairing/cleaning computers for about 10 years and have NEVER ran into malware this evil....lol.