I think the same as STeve Andre'. You are better off re-starting with a 
clean slate. Scrub the whole thing.
I had too many cases where getting rid of a particular piece of malware 
took me longer than reinstalling everything in the system.


On 1/12/2012 9:33 AM, STeve Andre' wrote:
> On 01/12/12 09:10, Al Puzzuoli wrote:
>>
>> Just wondering if anyone has seen this before. I'm working on a 
>> student's laptop. It had one of those rogue Antivirus Malware threats 
>> on it, which I removed using Malware Bytes. Now somehow, the laptop's 
>> track pad and keyboard have been disabled in XP. I initially thought 
>> there was a physical problem; but the internal keyboard works in the 
>> BIOS, and external keyboard and mouse work just fine in Windows.  Has 
>> anyone ever seen the like before? At this point, I'm pretty much stumped.
>>
>> Thanks,
>>
>> Al
>>
> Unfortunately, you have not removed it.
>
> I had that about two months ago on a friend's machine, and used
> stuff to remove it, and it came back, all on its own.  Manual digging
> revealed that it hid a copy of itself in dllcache, such that it was
> able to defend against things like MWB.
>
> Yes, I have seen the keyboard go, but not mouse.  Kind of neat, killing
> all normal input.
>
> Some of this stuff is just brilliant programming.
>
> Me, I'd scrub the machine.  I do not think it is possible to get some
> of this stuff off machines.  Or, it *is* but at an incredible cost in
> terms of time.  My department chair had a virus which emailed
> copies of itself, a few years ago.  He managed to get the virus part
> off, but the little smtp engine was still there, flopping around like a
> fish out of water, creating these tiny temp files for each smtp
> session.  It didn't send anything, but created thousands of files.  I
> decided to fight this thing myself, and kept track of my time.  It
> took 39 hours to do that.  I won, but I think it was something of a
> Pyrrhic victory.
>
> Sorry to be depressing, but I've come to the conclusion that there
> are several viri which you just can't reasonably get rid of...
>
> --STeve Andre'
>

-- 
Oscar Castañeda
Global Observatory for Ecosystem Services
Michigan State University