Possible virus?

Hi all,

There was some funny behavior on my son's machine - e.g. problems with downloads, Windows Explorer, etc. Also, there was a folder called anti-shizzle which had icons for most of the AVs, ATs, ASs, that I had on the machine. I went through a cleaning expedition. TDS-3 found and occurrence of MiniBugTransporter. CWShredded indicated that there may be an infected file in the Windows directory which I cleaned.

Things are relatively stable now, but there are still problems. When I pull up the Windows Search program, there are no search fields displayed on the left-hand menu area.

Does this sound symptomatic of CoolWebSearch or any other virus anyone has run into? I am thinking about taking some backups of vital data and just reloading XP. What do you guys think?

Thanks for the help.

Rich

 

Rich there is a new CWS downloader/exploit out, BOClean detects it. Whether it's related to your problem.... No idea, personally i would panic reformat/reinstall. But perhaps Blackspear's GENERAL Virus and Trojan removal Instructions can help you.

 

Hi Don,

Thanks for the help.

This is what I have run all with the latest update:

1) Kav 4.5.104 with latest updates scan - found nothing
2) NOD32 (trial) scan - found nothing
3) TDS-3 - found trace of minibugtransport dll
4) Giant Anti-spyware - found trace of minibuttransporter in registry
5) Ewido - found an ad cookie
6) Ad-ware SE - found an ad cookie
7) Spybot - found nothing
Stinger - found nothing
9) Hijackthis - a couple of BHO files (I didn't recognize) so I deleted
10) BOClean is running, but didn't detect anything
11) TrojanHunter 4 - found nothing

There is also other nasty behaviors which I am discovering. Windows Updates doesn't work and certain buttons, as when I am trying to install Noron Systemswords, don't work.

I am not going to panic, because it is my son's machine and the most he is going to lose is some "images" as well as some past homework. Of the two, I think you can guess which is more important to him.

I think that if I take a backup of some of the non-executables at this point and restore them after I re-install, I should be alright. But I am hoping to definitively identify the virus in some way so I know what else may be infected.

Thanks again for the help.

Rich

 

Hi Rich, you may want to try the following:

Place your Windows CD in the CDROM drive, click start > run, type in CMD, when the black window opens type in "sfc /scannow"

SFC (System File Checker, a part of Windows File Protection) will replace any changed/damaged system files with a clean copy. SFC may not solve every problem, but it's a good start that anyone can do.

Hope this helps...

Let us know how you go...

Cheers