Unable to run spyware/malware killers



#1
Mighty Blob


    New Member

  • Member
  • 3 posts
My daughter's machine has been contaminated with something nasty, and as yet I have not been able to get close to even identifying the source.

OS is XP SP2

Whatever it is is smart enough to recognise any attempt to shut it down.
It prevents any internet download.
It closes Task Manager, regedit and other system-level tasks.
MSConfig will run, but it switches from diagnostic startup to selective startup and so I can't get the machine into safe mode.

Ad-Aware will run but won't kill the virus.
I've tried installing the free downloads from this site, but none will install or run, so no HJT logs I'm afraid.

At the moment I'm at my wits' end and am contemplating rebuilding the machine from scratch.

Please advise on what my next step should be, because I'm not even getting to square one on this one.

Many thanks, in advance.

Mighty Blob.


#2
Mighty Blob


    New Member

  • Topic Starter
  • Member
  • 3 posts
I'm bumping this as I've made a little headway.

One of the infections is now definitely confirmed as W32/Summon-C.

However, knowing what it is doesn't help me kill it.

What's my next / First? step?

Thanks

Mighty Blob.

#3
don77


    Malware Expert

  • Retired Staff
  • 18,526 posts
Hi Mighty Blob
Sorry for the late reply; the board has been really busy lately.
If you're still looking to resolve this issue,

Please run through all the steps outlined in this Topic
Post back a fresh log when done please

If you have resolved this issue please let us know.

Thanks and again sorry for the late reply

Don

#4
Mighty Blob


    New Member

  • Topic Starter
  • Member
  • 3 posts
Don77

Thanks for getting back to me. I should really have posted the resolution I came to.

The name SummonC I wrote down from the Symantec site. When I went back to check it, I managed to identify the worm as W32.Surflog.C, and Symantec have a standalone cure for it.

Downloading it from a different machine, I managed to run it from disk and kill the worm.

My daughter was then able to run Ad-Aware and Spybot which I believe took out over a hundred residuals (probably tracking cookies). I also installed the AVG v7 and turned her Firewall back on.

I've no doubt the machine still has a number of infections, but none seem to be serious enough to make her complain.

Thanks again, but I think this issue has been resolved. But I'll certainly remember this site, and am also recommending it to friends.

Mighty Blob

#5
don77


    Malware Expert

  • Retired Staff
  • 18,526 posts
Might be worth a look at the HJT log.
It's your choice, however.