Malware Help

PitRacer

PR Founding Father
Ok, I've been fighting this thing for a while now and have not gotten it resolved. Let me know if anyone has any ideas.

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Backdoor%3aWin32%2fBandok.L&threatid=2147639588

I'm running Windows 7 Ultimate and using Microsoft Security Essentials. It keeps catching it and cleaning it every time I reboot or log in, but I have not yet been able to get rid of this SOB. I'm trying to avoid blowing away and re-creating my user profile. Definitely profile-based, as other users log in to my PC without issue.

I've tried Malwarebytes AntiMalware upon recommendation of our antivirus guy at work and it did not find anything.

I have fixed so many virus- and malware-infected PCs over the years, kind of ironic that the one stumping me is my own...

Thoughts?
 
Start up in safe mode by hitting one of the F buttons at boot, can't remember which one. When in safe mode all drivers, startup programs, and I think internet are disabled. At this time run all of your security software. I recommend Spybot S&D and CCleaner. That will probably do the trick.
 
Boot up in safe mode... run CCleaner to clean up all your temp files and such, also run the registry scanner from it. Run and UPDATE Malwarebytes (it may update twice, once for client, once for virus definitions - so check twice) and then full scan it.

Then boot up in normal mode and repeat scans. I use MSSE alongside AVG. You can try downloading and running a scan with AVG Free also.
 
I'd download an F-Secure disc, run it, if that doesn't work, try a system restore, and if all else fails pull the files you need and reload Windows.
 
We have Windows 7 and the best thing to do is make another profile and delete the one with a virus. It's the best thing to do to ensure it's gone, just save all your files to one of those flash drives and move it over.
 
How can you be sure that hiding among the files you copy over, is the trojan? Safe mode and system scanning is the best solution. If you don't boot up in safe mode Windows won't delete the file(s) since it's in use by another program, i.e. the internet.
 
I should have specified that scanning in SAFE Mode didn't find anything... then boot back up, log in and there it is.

I have not yet tried any of the other scanners though, will try that soon.
 
Windows loads minimal registry/files when in safe mode. That's why I always do cleans in both to be sure. The AV software is more likely to find the stuff if Windows has it currently loaded... so oftentimes I find a few things in safe mode and the majority in normal mode.

Biggest mistake people make is not updating their AV software prior to doing the scans. Sometimes if things are bad enough you can't even get your software to update... then you sometimes can do the update in safe mode.
 
I had a similar problem a while back. I have Avast Antivirus (free from cnet.com)... It will restart your computer and run itself before everything else loads. That did the trick for me last time.
 