3 replies to this topic

[Hugh_LA_Tech]

I've run Norton, AntiVir, SDFix, and MBAM (with suspect drive slaved to clean host machine). Rootkit Revealers just want to look at the booted drive. If anyone knows of one that will look for root-kit on other than C:, please chime in!

Originally I had an "Anti-virus warning" pop-up, but I think I nailed that one over the weekend -- obviously this system has/had at least two or three trojans at work.

The symptom at this point is that I can't search for anything anti-malware related. When I did, the browser (any browser) would terminate. Until I killed wdmaud.sys, it re-directed to 7.7.7.0 then terminated, now it just terminates without that re-direct -- not much of an improvement.

Other search results are bogus.

No anti-virus program I've found will install, regardless of how I rename it. I copied in SDFIX and ran it in safe mode but it doesn't find anything. (SDFix is the only one I know of that can be copied in -- the others scatter all over the drive and registry, and won't run without all their footprints in place from an install)

I have to go to a CMD prompt to access either DVD-ROM drive. Explorer won't open them.

So nothing builds a log without booting the drive.
Nothing runs if I BOOT the drive.
Since nothing has found the culprit, I don't know what it is. (they are?)

Does anyone have any suggestions of other programs to try?

Thanks!

[AdvancedSetup]

I do have a question. Are you a Network Admin, or PC Technician?

I would use this tool to start with in your case since the other tools are not working for you.

Requires access to a working computer with a CD/DVD burner to create a bootable CD.
[indent]Avira AntiVir Rescue System - download[/indent]

Avira AntiVir Rescue System
Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that cannot be booted anymore. Thus it is possible to:
[indent]

• repair a damaged system,
  
  
• rescue data,
  
  
• scan the system for virus infections.[/indent]
  Just double-click on the rescue system package to burn it to a CD/DVD. You can then use this CD/DVD to boot your computer.
  The Avira AntiVir Rescue System is updated several times a day so that the most recent security updates are always available.

[AdvancedSetup]

Please post a status update on this.

[AdvancedSetup]

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.