Windows 7 Forums


Windows 7: Boot sector Virus removal: CIDOX


07 Nov 2013   #1

Windows 7 32 bit
 
 
Boot sector Virus removal: CIDOX

I'm helping a friend who is having a problem removing a boot virus on her Windows 7 system. She bought Norton360, installed it and worked with their support team to remove this virus. They found and removed other viruses, but they were unable to remove this particular virus. She utilizes my network to access the Internet and my ISP indicated that they were receiving spam-generating traffic from my network. Here's the message they sent me:

This malicious traffic has been determined to be an instance of the "Zero Access" rootkit (also known as "Sirefef").

Norton gives an indication on her computer that she has a boot trojan with the name: CIDOX.

Does anyone have a suggestion on how to clean her computer completely and remove all instances of virus and malware? She does have a Recovery set of disks that she created when she first activated her computer.

Thanks for any help that you can give.



07 Nov 2013   #2
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Follow instructions here for a clean re-install: Clean Reinstall - Factory OEM Windows 7
07 Nov 2013   #3

Windows 7 Home Premium
 
 

...or, we can take a good shot at it...


Please download the Farbar Recovery Scan Tool:
Link: Farbar Recovery Scan Tool Download
Select the version that applies to your system.
Save it to your Desktop.

Double-click the downloaded file to run it.
When the tool opens click Yes to the disclaimer.

Press the Scan button.

The tool makes a log (FRST.txt) in the same directory from which the tool is run (Desktop).
Please provide the FRST.txt in your reply.

The first time the tool is run, it also makes another log: Addition.txt
Also post the Addition.txt in your reply.


07 Nov 2013   #4

Windows 7 Home Premium (64 bit)
 
 

Ya, you could try and tackle it, but my experience with these kinds of rootkits says do a full reinstall. It will absolutely kill that virus. You will have to save all important data/files etc. first when doing a full install, as all data will be lost. Just my thoughts.
08 Nov 2013   #5

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1 Pro
 
 

You could also run TDSSKiller, which removes most rootkits.

TDSSKiller Rootkit Removal Utility Free Download | Kaspersky Lab US

However, malware tends to invite others to the table & if you want to be sure it's gone, a clean re-install is the way to go.

Be sure to format/wipe the disk before doing the reinstall as some rootkits have been known to survive a reinstall. Rootkits are known to write hidden boot partitions, so these must be eliminated from the disk.
08 Nov 2013   #6

Windows 7 Home Premium
 
 

Quote: Originally Posted by Borg 386
Rootkits are known to write hidden boot partitions, so these must be eliminated from the disk.
True!

...and there are tools that target these:

Quote:
This malicious traffic has been determined to be an instance of the "Zero Access" rootkit (also known as "Sirefef").

Norton gives an indication on her computer that she has a boot trojan with the name: CIDOX.
However, at this point, we may have lost the OP!!