We encourage you to register on our forums and post any questions you might have. The How-To Geeks monitor this forum and will respond to your question quickly.
Okay I managed to delete :
C:\Windows\system32\Drivers\mchInjDrv.sys
and
C:\Windows\System32\Drivers\a90thxv.SYS
using Admin Account.
So Im running another scan and now its :
C:\Windows\System32\Drivers\ayx8md7x.SYS
Any thoughts on how to get rid of this?
Thanks for all the help.
Well, a search on mchInjDrv.sys shows exactly what I suspected. This malware is hiding and regenerating when removed. Here are instructions from Symantec on removal:
http://www.symantec.com/securi.....38;tabid=1
Note this line: "Loads the following driver, when stealth mode is activated, and uses it to hide its process and service: mchinjdrv.sys". The idea of hiding itself and recreating the random letter filename is why this is being called a rootkit by AVG.
Okay I followed the instructions to delete the malware but it just kept switching names.
So I ran AVG in Admin Mode and deleted both.
After that I completely un-installed AVG and it gave me an option to also delete any viruses or anything that was in the vault so I did.
I read up a little on different security and decided to go with BitDefender Total Security 2008.
In a few tests of products it came out number 1 and AVG didnt fare so well.
Now Ive run scans and come up clean :)
I also have SUPERAntispyware installed < great program.
Just wanted to post and say thanks for all the help.
Sorry for the lag between responses,all the help is greatly appreciated!
You must log in to post.
|
svchost.exe jusched.exe dwm.exe ctfmon.exe wmpnetwk.exe |
wmpnscfg.exe rundll32.exe wfcrun32.exe Ipoint.exe Itype.exe |
Wfica32.exe Mobsync.exe Cmd.exe Dpupdchk.exe |
