Help:
I can not remove a rootkit infection “queazie.exe” on 2 external hard drives which folders (not the files contained therein) have the attribute “hidden” always active and therefore can not be obscured and clear. Avast Antivirus Pro would remove the rootkit after a scan but the situation remains the same even after software used anti-rootikit. Please help me!
I suggest:
- Clean your temporary files.
- Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
- Use MBAM (or SUPERantispyware or even Spyware Terminator) to scan for spywares and trojans. If any infection is detected, it is better and safer to send the infected file(s) to quarantine (Chest), rather than simply deleting them.
- Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
- Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
- Clean your Hosts file (replacing it) with HostsMan tool.
- Disable System Restore and then reenable it again.
- Immunize your system with SpywareBlaster.
- Check if you have insecure applications with Secunia Software Inspector.
If it does not clean, I suggest you visit this page http://www.antirootkit.com/software/index.htm for antirootkit detection, removal & protection. Comparison test here: http://www.informationweek.com/software/showArticle.jhtml?articleID=196901062&pgno=1&queryText=