Gareth
Somehow I managed to infect an XP laptop with all sorts of malware and
viruses simply by accessing a website: McAfee resident scan was useless
despite being up to date.
I suspect that the "security" lock down on the laptop prevented Windows
Update from installing fixes for security flaws. Also McAfee, which I would
never select as an AV.
It took me 13 hours to clean the infection - none of the rescue disks
(including Kaspersky) cleared all of the infections and ultimately only
Combofix, Malwarebytes, Spybot and Windows Defender resident protection
managed to remove all of the infections (I needed to use all of them).
Anyway, an alert popped up which looked the same as the malware false alert
but was in fact a genuine Windows Defender alert which I managed to
"ignore". The scan history now shows that the following item was "ignored":
globalroot\device\Ide\iastore0\bcimqnbv\tdlwsp.dll
It is identified as: Trojan:Win32/Alureon.gen!U
I can't seem to force Windows Defender to identify it again and other
anti-malware isn't identifying it.
How would I remove this virus? The dll doesn't seem to be present in a
Windows-accessible path - it almost looks like a Unix path.
If it is just a dll and other executable files are not - or do not seem to
be - present is there anything to worry about?
I also think an SD card was infected which subsequently infected a Windows
Mobile device (which can be cleaned via a ROM reflash).
How could I safely connect the SD card to a PC in order to clean it? Is
disabling autoplay enough?