Printable View
Oh, yeah, I forgot to mention System Restore. Some of these nasties have a habit of hiding parts of themselves in System Restore. If you turn that off (Right-click My Computer, Properties, System Restore) and reboot to SafeMode, you should be able to scan and delete, and have reasonable assurance that it won't reinfect from the system restore files.
nihil's tools will help, too.
Backups? who needs stinkin' backups?
Yeah, Tiger's right, back up your data. Things can get dicey sometimes.
Oh, yeah, I forgot to mention System Restore. Some of these nasties have a habit of hiding parts of themselves in System Restore. If you turn that off (Right-click My Computer, Properties, System Restore) and reboot to SafeMode, you should be able to scan and delete, and have reasonable assurance that it won't reinfect from the system restore files.
nihil's tools will help, too.
Backups? who needs stinkin' backups?
Yeah, Tiger's right, back up your data. Things can get dicey sometimes.
Thanks Friends for the input, here's an update:
All previous scans were done with System Restore off. I then as per Nihil's recommendations downloaded Ewido and a+. I again scanned in Safe Mode with System Restore off. For good measure I scanned with the McAfee freetrial download I had and also with the Trend Micro free trial software that came with this Dell Laptop (I have only had it for a month). I have scoured the net and this site for a similar behavior and have found nothing yet--what I'm referring to is trying to delete one file with Symantec AV and finding the total files deleted climbing to about 4,000 before I stopped the process because it seemed to be going nowhere but up(the count, that is). To go over old ground, all files were successfully deleted, and now Safe Mode scans with products from 5 major vendors (Symantec, McAfee, Trend Micro, Ewido, and a+) that were done with System Restore off and fully updated definitions all say I'm clean.
Comments? What are the odds that something could be left? Performance is fine, I see nothing unusual running in my Task Manager. As far as backups, I tend to use this laptop as a lab for my apps, so there's nothing unique on it (its the slowest CPU I have, I like to test my custom apps on a dog to make sure they don't drag too much on slower computers). Could the steadily increasing file counter with the SAV delete have been a glitch? SAV found the signiture once and then it and every other AV program acted as if the delete was successful. I 'm puzzled by the lack of similar behavior out there, so if anyone else has seen their file counter go up like that upon AV deletion, let me know.
Thanks.
Thanks Friends for the input, here's an update:
All previous scans were done with System Restore off. I then as per Nihil's recommendations downloaded Ewido and a+. I again scanned in Safe Mode with System Restore off. For good measure I scanned with the McAfee freetrial download I had and also with the Trend Micro free trial software that came with this Dell Laptop (I have only had it for a month). I have scoured the net and this site for a similar behavior and have found nothing yet--what I'm referring to is trying to delete one file with Symantec AV and finding the total files deleted climbing to about 4,000 before I stopped the process because it seemed to be going nowhere but up(the count, that is). To go over old ground, all files were successfully deleted, and now Safe Mode scans with products from 5 major vendors (Symantec, McAfee, Trend Micro, Ewido, and a+) that were done with System Restore off and fully updated definitions all say I'm clean.
Comments? What are the odds that something could be left? Performance is fine, I see nothing unusual running in my Task Manager. As far as backups, I tend to use this laptop as a lab for my apps, so there's nothing unique on it (its the slowest CPU I have, I like to test my custom apps on a dog to make sure they don't drag too much on slower computers). Could the steadily increasing file counter with the SAV delete have been a glitch? SAV found the signiture once and then it and every other AV program acted as if the delete was successful. I 'm puzzled by the lack of similar behavior out there, so if anyone else has seen their file counter go up like that upon AV deletion, let me know.
Thanks.
one thing you might want to try is manually killing your temp files... all of them. The temp files stored in windows, the ones under your profile, and the ones stored by your browser, including the objects(note this may affect flash shockwave players and similar)
one thing you might want to try is manually killing your temp files... all of them. The temp files stored in windows, the ones under your profile, and the ones stored by your browser, including the objects(note this may affect flash shockwave players and similar)
Another scan you could try is blacklight by fsecure [google it] ... I think it was one of the members of AO that pointed this program out... [can't remember for sure] ... but it is a rootkit detector
Another scan you could try is blacklight by fsecure [google it] ... I think it was one of the members of AO that pointed this program out... [can't remember for sure] ... but it is a rootkit detector
Hmmmm,
This is a guess but you are running AdWatch and Symantec. Norton is not noted for its compatibility with other products and both would have been running interactively
My suspicion is that the two programs might have gotten into a "deadly" embrace, and were repetitively discovering the same malware. I note that you were in "normal mode" when you tried to delete the file, so adwatch and Norton would both have been running?
As I said, that is a guess, but I did manage to provoke a similar situation a few years back when I loaded several AVs and showed them a CD of "nasties"
:D
Hmmmm,
This is a guess but you are running AdWatch and Symantec. Norton is not noted for its compatibility with other products and both would have been running interactively
My suspicion is that the two programs might have gotten into a "deadly" embrace, and were repetitively discovering the same malware. I note that you were in "normal mode" when you tried to delete the file, so adwatch and Norton would both have been running?
As I said, that is a guess, but I did manage to provoke a similar situation a few years back when I loaded several AVs and showed them a CD of "nasties"
:D