3 Replies Latest reply on Sep 19, 2010 2:12 PM by vinoo

    Virus suspected and assistance with removal

      Hello McAfee community

       

      Please find below as much information as possible on my problem:

       

      For a week now I have been trying to remove a virus, our pc started behaving strangely when you searched in google. It would bring up recommended sites as always but the connection would always take you to the Gomeo site.

       

      First I checked my quarantined files and the following items were noted:-

       

      ADWARE-180SA    file location C:\SystemVolumeInforation\_restore{44589CEE-F80B-4E67-B848-F38844E34B4D}\RP1328 \A0407537.sys

       

      ADWARE-HOTBAR file location lots of items on the c drive under Zango(which I have now deleted)

       

      GENERIC PUP-x!bh files located at C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\MY DOCUMENTS\SCHOOL\EVID4226PATCH223D-EN.ZIP and C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\MY VIDEOS\SCHOOL\EVID4226PATCH223D-EN.ZIP(which I have now deleted).

       

      I found the virus information library on McAfee and ran the stinger tool. A trojan was found and deleted, see report attached for Mon Sep 13th.

       

      I then found the McAfee forum and was reading a post about using the GetSusp Scan, which I downloaded and ran. My apologies if I haven't attached the correct file for this but 3 trojans were found. If the report cannot be seen I'll note what was found.

       

      Next, I read through the required reading on the forum and I have ran through steps 1-3 as requested.

       

      Whilst completing step 2, stinger tool and scan in safe mode nothing was found. However, since then McAfee informs me that my pc is not fully protected and could not be fixed.

       

      I'm just wondering what to do next, so if anybody could shed any light on the matter I would be very grateful.

       

      Hopefully I've posted enough info and not waffled on to much.

       

      Regards

       

      Marc