virus detections and maybe some on rootkit revealer

1 reply to this topic

#1 jefferysitz


  • Members
  • 35 posts
  • Local time:01:01 AM

Posted 23 December 2012 - 02:42 PM

Hello, my name is Jeffery Sitz. I am an A+ tech and can follow directions and know some about virus removal but am over my head now. I have 4 computers in my house, all of which I think are infected. I believe if you walked me through the cleaning process once I might be able to (maybe) do the rest on my own.

Info on first computer.
Windows XP SP3
All Windows up to date
AVG Pro AV 2012 resident
Scan occasionally with MalwareBytes.

Both AVG Pro and MalwareBytes show the computer clean. They have never found anything.

I ran Avira rescue disk and it showed 11 Java infections, mostly in two of my profiles' application information. Avira Rescue does not fix so I deleted the files by hand and uninstalled Java.

I ran AVG Rescue Disk and it cleaned 8 java trojans and java viri.

When I run rootkit revealer I get between 10 and 15 items, mostly on directory but not in API or in API but not in directory. Before the cleaning they were giving what looked like reg keys starting with avg. After I did the rescue disk a different bunch were there starting with catalog1, catalog2, etc.

I ran SmitFraudFix and it gave me a VBS runtime error at the beginning, scanned some, said Remoes (or something like it, sorry I did not write it down) deleted some files, then gave me the VBS runtime error again.

I had a bad virus infection (dozens of viri) a few months ago which made me reformat, delete the MBR, and reinstall Windows. I was never sure, however, that it was not in my backup and I may have reinfected.

I have a feeling that I have a rootkit or MBR virus but don't really know where to go from here. I have backups on an external HD but do not have much faith they are not infected as well.

All of my data files are on different hard drive partitions or hard drives than my Windows partition.

I do have about 10 GB unpartitioned, so perhaps a Linux installation could be possible if that would help.

Thanks in Advance
Jeffery Sitz


#2 Jimbob85


  • Members
  • 308 posts
  • Gender:Male
  • Location:VA, USA
  • Local time:01:01 AM

Posted 27 December 2012 - 03:00 PM

Hi, welcome to BC.

I would try this: Kaspersky Rescue Disk. I have found this to be a great tool for malware removal.
