Running all the tools as they each suggest, generally run them in Standard mode to initially scan, then run them again or change to Safe mode to scan and/or correct the damage(s).MysteryFCM wrote:OOI, are you running these in normal, or safe mode?
.... and can you post the SFF report?
If nothings getting rid of it, chances are you also have a rootkit .... so might also want to run GMER (http://www.gmer.net) to track it down.
Lately, however, if I just KNOW that there's nasty materials in there, I skip Standard and go direct to Safe mode.
Hmm, yes... Rootkit is a possibility. (Hey, people, remember it took Sony to make those RootKits "famous"...)
I too had a few random bats in my belfry that whispered "root kit?" yesterday...perhaps time to see about it. Although most of the "infamous eight" protection products SAY that they can detect rootkit(s), and so far they have not reported any...
I am game to give GMER a try, at least scanning the system. Presuming that GMER itself is an otherwise safe-to-the-system product, I shall see what it says.
Thank you for the heads-up on it.
UPDATE 24 April 2007 - Webroot Spy Sweeper says that its latest update detected Vundo in the system. Unfortunately, the Full Scan that detects it takes an average 3 hours(!)...and that's on a normally fast system.
After letting it run, detect Vundo and reset the system, I again booted into Safe Mode and ran Spy Sweeper again -- another 3 hours Full Scan -- and so far so good...Vundo IS gone totally, and nothing else is detected.
I will run GMER just for the sake of completeness...then MAYBE trust my system again for a short while...