Member Avatar for Its.Obi

Hi Fellows,
Actually my PC is infected by virus. I downloaded and updated MBAM and performed quick scan (more then few times) and keep getting "6" detections which seems MBAM is not able to remove them (even after restarting on completion of scan every time).
I also tried "CCLEANER" "SUPERSPY REMOVAL" "MICROSOFT SECURITY ESSENTIALS" but still no luck.

Following are the details of MBAM detections that keeps on coming up ever time I scan the system.

Malware.Packer.Gen (Vendor)........... C:\iodq.exe
Virus.Sality (Vendor)........................... Registry key
Virus.Sality (Vendor)........................... Registry key
PUM.Disabled.SecurityCenter............ Registry Data
PUM.Disabled.SecurityCenter............ Registry Data
PUM.Disabled.SecurityCenter............ Registry Data

Please help out to remove torjan completely from my machine.

[P.S some programs are poping out this error (runtime error r6002 floating point) when I try to execute them]

Thanks,

  • 7 Contributors
  • 6 Replies
  • 343 Views
  • 1 Month Discussion Span
  • Latest Post Latest Post by RoyinForest

Recommended Answers

All 6 Replies

Member Avatar for rubberman

Personally, I only run Windows in a Linux virtual machine. I create a snapshot of the Windows "disc", and when I get a virus, I just restore the snapshot. Virus - gone!

Member Avatar for Reverend Jim

Personally, I only run Windows in a Linux virtual machine. I create a snapshot of the Windows "disc", and when I get a virus, I just restore the snapshot. Virus - gone!

Interesting but it hardly helps the OP. Have you tried downloading and running Trend Micro Housecall?

Member Avatar for gerbil

By now you have likely read up on Sality and know that you have some hard choices and work ahead of you. Yes, it is curable, but while protected system executables will not be infected, many other system files may be. Certainly the executables of other softwares will be infected as you run them [the virus gets their pathnames from the MUICache as they run]. The problem is that they may be damaged by bad infectors and recovery will not be possible, the result being the occurrence of continual errors, slowdowns etc necessitating ongoing repair jobs. The recommendation is generally to run a curative from one of the major AV vendors, then save pure data files to another drive, watching for the appearance on that drive of any executable [.exe, .pif, .cmd] or autorun.inf file. Next you wipe and reinstall the OS and all your softwares from original sources, scan your data drive and reload your data.

Edited by gerbil
Member Avatar for caperjack

download and run this virus removal program from bleepingcomputer.com use it a few time now on customers computers with great success .
Click Here

Edited by caperjack
Member Avatar for alexalbert

Install another antivirus on your system and run a full system scan again try to remove infected files. you can also get help from the " Antivirus Service " team of your antivirus.

Member Avatar for RoyinForest

When normal scanning and removal techniques fail to remove malware, try these escalation tips:
1. boot in SAFE mode with Networking (so you can download updates, etc)

  1. try to run removal tools (sometimes malware disables them) and also try to download updated virus signature files before scanning)
    I have good experience with these: Malwarebytes, Superantispyware, EMSISOFT, COMODO CCE

  2. It is not usually possible to "install" programs in SAFE mode so you may have to choose between existing installed tools, or using a run-time version that doesn't require install - eg SAS.COM

  3. next step in escalation if this doesn't remove the malware, is to boot from a different system that is not infected. There are 2 ways of doing this:
    (a) boot from a recovery CD (UBCD4WIN, WIN7PE, Kaspersky Rescue CD, etc
    (b) remove the infected hard drive and connect to another system via USB connection (or install as 2nd drive) ( don't do it on your best production system however as there is a good chance the malware will be able to spread - less with the USB cable connection approach)

  4. Once connected to a fully working system you can go back to step 2 and run fully-operational tools.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.