How can I be certain that rovnix.w is not on my computer anymore?
I got rovnix.w on my computer. (I was using antivirus software that was not Mcafee. I was getting odd error messages, my buddy says he opened an attachment to an email from some law firm for a notice to appear in some court in Texas, I googled and away I went.) I downloaded Microsoft Security Essentials and that's how I discovered the name of the virus. (MSE said it couldn't remove it.) I then installed Mcafee Internet Security 2014, and it did not detect the presence of rovnix.w. I tried all the suggestions on the internet and I think I might have successfully removed it. The last step I took was running malwarebytes and rescanning until nothing showed up. That's where I am now.
Moved this to Malware Discussion > Home User Assistance for better attention.
Maybe MSE removed it after all. I see that it is listed in their database. If that's the case then it will be gone.
I see a reputable malware removal forum has dealt with a few stubborn case of this. If you wish to be totally sure it's gone I would run DDS (see lower down the last link in my signature below) and
then post its log on this forum with the appropriate message.
Rovnix variants are evolving fast. This latest, if reported correctly ("rovnix.w") matches a variant for which there is no technical information and very few reports elsewhere. Also odd that Microsoft would class it as a DOS variant. Some of the other variants are said to be rootkits/bootkits and/or primarily targetting mobile platforms. I would be wary of assuming that MSE or Malwarebytes has removed it completely, as no technical information is yet available.
I did some background digging and came up with a few notes from researchers (see below); none of them mention the ".w" variant. Also note that according to VirusTotal reports detection by the major players is patchy at best so this implies code obfuscation and rapid evolution to bypass detection.
Only read these if you're interested in the minutiae of detection and analysis ....Message was edited by: Hayton on 22/01/14 13:21:14 GMT
Microsoft published some technical information on January 22, 2014.
After I read that, I again ran MSE (with updates,) did a full scan, no items were detected.
Is there something more I should do to be confident that my computer is clean?
Yes I uninstalled Mcafee Internet Security 2014 before I downloaded MSE and rescanned my computer.
Based on what I've posted, is my computer now clean?
You are probably OK but as I said you could always ask for an independent opinion using DDS or Hiajckthis as suggested in the last link ion my signature below.