I do PC support for SMBs and, unfortunately, my clients do tend to catch a virus here and there. I've had great luck cleaning them on my own using AVG, MalwareBytes, JRT, TFC, and other tools found here on BleepingComputer.
I've now run across one that I can't seem to clear away. I've narrowed it down to a couple of suspect files/folders, but can't find anything about them when doing a Google search.
I found this entry in the registry
If I delete it, it comes back. I've tried deleting the OaveQoszi.bxa file and it comes back.
I've run AVG, JRT, TFC, TDSSKiller, HiJackThis, MalwareBytes, MalwareBytes AntiRootkit, HitManPro 64, and ComboFix on this to no avail.
I have now pulled the drive out and connected it as a secondary drive to another machine and am running TrendMicro's Housecall on it.
In the meantime, wondering if anyone else has seen this?
The client called me originally because they could not open IE 10. It would open the window and then close right away.
Since getting in front of the machine myself, it is very sluggish (IE will open but takes a while to be responsive - more so than it should). Viewing processes in Task Manager I can see an extra instance of Explorer, several CMD instances, several TrustedInstaller instances, and several REGEDIT instances.
The machine is a Dell OptiPlex 3020, Windows 7 Pro, 64-bit, 4GB RAM.