Posted 11 June 2007 - 03:19 AM
I've had my antivirus turned off for a few days and in that period, malicious websites were accessed. I use Kaspersky AV and Antihacker.
I noticed that something was wrong when suddenly after a reboot, certain keyboard keys stopped working (1 2 3 4 7 8 9 0 and [ ) - so not all number keys. I started Kaspersky and ran a virus scan. Several trojans were found in my java/ cache folder. I deleted the whole contents of that folder (even the files that were not detected as trojans).
The keyboard problem was not solved. After a system restore and several reboots later, and after removing all suspicious programs from my add/remove programs, the keyboard problem disappeared. However I got an error 2-3 times after rebooting "System has recovered from a critical error" (I have a picture of what happened if it's relevant). I don't get that error anymore but I'm afraid that my PC might still be infected.
I opened my taskmanager to see if there's anything suspicious going on, but was unable to find anything besides 6 svchost.exe running. I did some research and found out that it can be a virus target. From what I understood svchost can be ended from the task manager, but I got an NT Authority error - system will nshut down, after trying to end it. I did a search on my pc for svchost.exe and found 3 exe files that had 57kb each, all located in my Windows folder.
I downloaded the WinPFind3U program and tried to run a scan after disabling my Kaspersky AV and anti-hacker, but it just froze each time after 5 seconds. I also downloaded the AVG spyware program but instructions suggested that I run it after rebooting in safe mode - I tried tapping my f8 key but it takes me to a blue screen with "select boot to drive - removable floppy, hardware, removable cd drive" - instead of the normal options "restart in normal mode/ safe mode/ ms dos mode".
Can I/ Should I run the AVG program in normal mode? Does the fact that I have an AV make any difference - considering it's disabled?
Could you please advise on what I should do to discover if my PC is still infected?
Thank you in advance for your support.