Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Malware Removal Assistance Needed Please

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Malware Removal Assistance Needed Please

Unread postby panic » March 17th, 2009, 8:36 am

My desktop computer which is full of business sensitive information became infected yesterday. I am absolutely freaking out. Please help! I am using laptop until the desktop is clean.

I do not know exactly when or how it got the virus but I have noticed it running a bit slower but I had attributed it to getting full and occaisionally it would not boot correctly (i.e system errors on start up) I run McAfee Total Protection suite and Spy-Bot every 3 days and until yesterday, nothing has shown up. Yesterday, it opened up the XP-AntiSpyware-2009 thing, which I knew I did not have so I immediately locked the firewall down, unplugged the network cable and dsl and ran a virus scan and Spy-bot scan.

They found Generic downloader.z, Spy-Agent.bw!rootkit and Memory/NTQueryDirectoryFile plus a host of other spyware items that Spy-Bot supposedly fixed. I went to McAfee's website and researched the rootkit removal process and followed it exactly three times but as soon as I rebooted, it was back. Finally, I went into XP settings and turned off the System Restore point option and scanned again. McAfee came back clean after that. Spybot showed 8 errors, one of which said something about "firewall bypass" and supposedly fixed them again. Reboot, and so far, all comes back clean on both. It's still unplugged from network and internet until I can verify it is truly clean.

How can I be 100% certain the machine is completely clean? All our business accounting software and client info is on the desktop so I have to be sure it's completely gone before I put it back on the network and online. If it means completely wiping the entire system, I'd rather do that than gamble it's still infected.

Please advise.
panic
Active Member
 
Posts: 1
Joined: March 17th, 2009, 8:09 am
Advertisement
Register to Remove

Re: Malware Removal Assistance Needed Please

Unread postby NonSuch » March 19th, 2009, 2:43 am

This computer is a business computer and likely part of a domain as well. As such, it may very likely have been connected to the domain's network while infected, therefore, presenting a risk to other computers connected to that same network.

The online anti-malware community primarily serves home users and is therefore not ideally suited to deal with situations that are best handled by a company's own IT department. All companies have their own set of policies and procedures for handling situations like this, which are beyond our sphere of knowledge. Therefore, as this computer has been identified as infected, you are strongly advised to immediately seek the assistance of your company's IT department so they may implement their own preferred method for handling this situation.

If you do not have an IT department and must deal with this yourself, you must consider the following... As one of the infections you have mentioned is a rootkit, it is highly likely that your only option is to reformat and reinstall the operating system. That is always the best option for a seriously infected machine, especially one that is normally connected to a network and has sensitive business related information on it.

You are strongly advised to keep this system disconnected from the network until such time as it has been reformatted. You should immediately change all your passwords from a known clean computer and, if you have previously done banking or any other financial transactions from this system, immediately notify the relevant institutions that your identity may have been compromised.

As this issue falls outside the scope of this forum, this topic is now closed.

This posting is provided "AS IS" with no warranties, and confers no rights.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27300
Joined: February 23rd, 2005, 7:08 am
Location: California


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 51 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware