Virus! Peernet?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Argh, I feel like a n00b. While trying to fix a wireless connection
problem, I must have left my machine wide open to attack. First I knew
of it, it slows down, and a red "Infected" icon appeared in my task

I disconnected the internet connection and rebooted. Windows Explorer
refuses to start and, when I tried to start it from the Task Manager,
it immediates dies/is killed.

Using the command line, I ran AVG anti-virus - it found one file
infected, but I don't think it was to do with the problem. When I
rebooted, same problem as above.

I tried a repair installation. No luck, Explorer _still_ dies.

I looked at my Windows directory to see if there was anything obvious
added there. There was a new directory in there called PeerNet, which
didn't ring a bell. Doing a google says something about printer
drivers, it's a product I definitely haven't installed. Anyone know if
it might be the problem? Any idea how to resurrect Explorer at least?




"I was raised in the Jewish tradition, taught never to marry a
Gentile woman, shave on a Saturday night and, most especially,
never to shave a Gentile woman on a Saturday night."

Re: Virus! Peernet?

Paul Moloney wrote:

Quoted text here. Click to load it
I've seen Peernet on lots of clean machines so I don't think that's your
problem. I'm guessing that "trying to fix" meant you disabled your av
and firewall.

You can start by scanning for viruses with either Sysclean (see link
below) or Dave Lipman's Multi-AV. Then continue cleaning with the
non-viral malware removal steps on my website. Make sure you follow the
directions to disconnect the machine from all networks. If you have
more than one machine (it sounds like you do), it would be smart to run
scans on all machines. Don't bring up the network until you know all
the machines are clean. - Dave Lipman's Multi-AV

It is very dark. You are likely to be eaten by a grue.

Re: Virus! Peernet?

I've performed a number of scans/cleans from the command line now with
multiple tools, including:

* F-Proc
* Spy Sweeper
* Ad Aware
* Spybot
* AVG command line
* CoolWebSearch Shredder

All in all, the following were found:

* CoolWebSearch
* cws_tiny0
* alyon

However, even when I do an XP repair, I still find that Windows
closes when I try to run it.

Visually scanning the Windows directory, I've just found two  files
that no spyware/virus
scanner picked up on:

* mssearchnet.exe - /
* nvctrl.exe - /

Not sure why none of the scanners used missed these. I deleted it, but
Explorer still doesn't start up. Looks like I'm going to have to do a
full reinstall.

Any idea why none of the scanners I used picked up on the above files?


Re: Virus! Peernet?


Quoted text here. Click to load it

Both those files are suspect. Upload them to Virus Total:

You should use a better av than what you've tried. Try KASFX from my
web site. It's based on the Kaspersky scan engine.


Site Timeline