Hi I recently downloaded something which seemed like a virus but I still clicked on it. I have bitdefender 2010 total security running. It detected the virus and stopped it. Then the next day my internet went down, I was getting cannot get DNS address on that computer only. All wifi connection were working fine. I resolved it by putting in static DNS address that i found as a solution on a random website where people were getting DNS errors. When I ran the virus scan it found 8 instances of trojan.nsis.agent.a virus which it quarantined. Now everytime I restart windows bitdefender it finds two instances of trojan.nsis.agent.a in searchprotocolhost.exe in the windows temp directory. It blocks and quarantines the files. It happens each time. So the source is still somewhere on the computer. Bitdefender and malware bytes find no viruses or trojans. Any suggestions of what else I can do? btw running windows 7 64 bit prof. Below is the log for Hijackthis Below is the address for Hijackthis pastebin.com/A2341nkF
It is hard to say for sure, it appears that by your Hijackthis log that there is no virus file running but the AV is unable to kill it completely so it revives at reboot. What I would suggest is to start your computer in safemode and run the virus scan. Hopefully that will remove the remainings that it cannot remove normally. If that still does not work then temporarily remove BitDefender and install another AV like Kaspersky to scan with that. I am sure though that most likely BitDefender will be able to remove this once and for all when you reboot your computer. Also click start and type "msconfig" without the quotes, then go to the startup tab and disable any entries that look strange to you if any.
You may have a rootkit lurking, but definitely something that Bitdefender isn't capable of handling very well. Make a search for GMER and you can check for rootkits. Also, you can try a pass with Combofix (which uses GMER) and see if it will get rid of it. Otherwise, you can also boot into a third party environment. I've got website detailing how you can get rid of some nasty malware, but I don't want to spam it here. However, here's some tools you can try: MalwareBytes SuperAntispyware Hitman PRO 3.5 - Don't install this program, just run it portably. It does an excellent job at detecting rootkits. However, it's glitchy if you leave it running in the background. It crashes Explorer sometimes. Combofix - May pork your system if it removes a system file, so be careful. and you can also check out "Autoruns" from Microsoft to see a more detailed list on start up items. Download ProcessExplorer, open it, and go to View->Lower Pane View->Show DLLs. Select each process and see if there's anything loaded that shouldn't be (may have to research). Also, sometimes "sfc /scannow" in a CMD prompt will correct system files that have been modified, but don't count on it. Open CMD and type "netsh winsock reset" and reboot and see if your connection issues are fixed. Oh, and you may wanna uninstall your AV before you do all of this. This is usually the first thing I would do and then stick the AV back on there afterwards clean.
You should have known the consequences from doing this from the very beginning, but I feel sorry for you so here's what I recommend: Search Google for "Active Killdisk" it's a very good tool for deleting all data on an HDD make sure to get the ISO file and burn it because it's an startupdisk when you boot the computer, follow the on screen instructions, basically what it does is to write zeros, there is other methods but this one is the freeware version and after that your HDD vill be empty. Restart after that and then reinstall Windows 7. This will probably with 99.99% chance remove the virus for you but make sure to backup all data before deleting the HDD.
Ya maybe but don't say that for sure dude, some rootkits are very sufisticated and hard as hell to remove, Even MBAM could not detect the one that I had and SpyHunder I cannot say cause I never used it. I would still say using some live boot disk with either the Kaspersky AV or the ESET AV so nothing runs other then the programs on the disk, that is the best way to detect viruses but you need to get ahold of those disks. Both ESET SS and Kaspersky lets you create them from their software suite options. They are very useful in tight situations.
You guys really trust all these Spyware/AV/Malware scanners out there? I mean some scanners can pick up a threat one moment while the others can't yet it's the same threat which should be recognized by all of them (In theory) I for sure don't trust them enough to have my HDD filthed with it and I think all you really need is a strong and solid firewall setuped correctly *Don't know if to raise flame shield or not* Then again it's all about common sense when surfing the web, some sites should not be visited, somethings should not be clicked or downloaded no matter what.