Malware That Recreates Itself | Virus/Malware Removal Assistance

naren

Comodo's Hero

Offline

Posts: 3861

Malware That Recreates Itself

« on: April 12, 2012, 08:22:00 AM »

During my testing I come accross malware which I cannot cleanup with anything. They recreate themselves.

I try to delete them through CCE autorun, regedit, MBAM, Hitman, etc but they recreate themselves.

Atlast I have to do CTM restore which has been always successful here.

How to delete those malware?


	Logged

SivaSuresh

Star Group
Comodo's Hero

Offline

Posts: 1336

Avert the danger that has not yet come

Re: Malware That Recreates Itself

« Reply #1 on: April 12, 2012, 10:39:01 AM »

Dear,

You just described your problem but gave absolutely no useful information .

Please provide required information like the malware name, it's position, possible source, nature of infection. How do you know that it is a malware ? Did any of the above tools named it as malware ? What was the name given ?

Did you try a bootable rescue disk like Kaspersky Rescue Disk or Dr. Web CureIt or Comodo Rescue disk ?


	Logged

with love Siva Suresh
|| Windows8 x64 | CIS 6 | Waterfox | Comodo Dragon x86 | Thunderbird | CCleaner | Evernote | PStart | SuperCopier | Dropbox | TeamViewer | Screenshot Captor ||
|| AMD Phenom II x4 955B | ASUS M4A88TD | 8GB DDR3 RAM | 240GB Sandisk SSD || 3TB SATA II HDD 6Gb/s

naren

Comodo's Hero

Offline

Posts: 3861

Re: Malware That Recreates Itself

« Reply #2 on: April 12, 2012, 11:20:34 AM »

I know I can clean/delete many malware by downloading specific removal tools, etc. And since its a test system I restore with CTM instead of trying rescue discs.

What I meant was manual removal. Like HitmanPro found the malware & asked to reboot to remove it completely but after reboot the malware created itself again & HitmanPro again founds it if the scan is run again. So I can download specific tools for the malware if available & remove it.

But I meant scanners, cce, etc shows the malware location, etc so how to remove it manually. Coz even after going to the location & deleting it recreates itself.


	Logged

Grosbébé

Comodo Member

Offline

Posts: 48

Re: Malware That Recreates Itself

« Reply #3 on: April 12, 2012, 01:36:21 PM »

Hello

Quote from: SivaSuresh on April 12, 2012, 10:39:01 AM

You just described your problem but gave absolutely no useful information .

Please provide required information like the malware name, it's position, possible source, nature of infection. How do you know that it is a malware ? Did any of the above tools named it as malware ? What was the name given ?

If you want to manually remove a malware, you need to follow a specific strategy. This strategy is not the same if you want to remove a file infector or if you want to remove something like ZAccess.
So we can't answer your question if we don't know which malware is detected.

Regards


	Logged

naren

Comodo's Hero

Offline

Posts: 3861

Re: Malware That Recreates Itself

« Reply #4 on: April 13, 2012, 04:37:51 AM »

OK. Understood. Thanxx Replying.

Regards
Naren


	Logged

EricJH

Global Moderator
Comodo's Hero

Offline

Posts: 16722

Re: Malware That Recreates Itself

« Reply #5 on: April 28, 2012, 06:08:40 PM »

It sounds like the malware has one or more helpers. Does the malware file show up in Killswitch and does it have parents or siblings? Try suspending the file(s) before terminating and erasing them.

Are there suspicious drivers or services?


	Logged

Please read: Introduction to the 5.x Sandbox
With CIS v4 my p2p client (uTorrent, e Mule...) is not working properly anymore

Tags:

Pages: [1]

« previous next »

Jump to:

SSL Certificate

Free Virus Removal

Firewall

Page created in 0.04 seconds with 20 queries.

Design by 7dana.com