Exploit Js Mult AI

  useryfnf 09:17 12 Oct 2011
Locked
Answered

Hi. My virus scanner says I have Exploit Js Mult AI. It removes it, but on restart it comes back, even after a rollback to a previous system restore point. I have Vista SP1. Do I need to change passwords on my computer? Can anyone tell me more about this or suggest a way to permanently remove it?

  gengiscant 09:34 12 Oct 2011

What most people seem to forget that if you have a virus or malware on your PC for any length of time it will also bee in system restore somewhere, so unless you restore far enough back it will pop up again. It is better to shut system restore so that it wipes your restore points then attemt to remove the virus.

Also if the virus came with something you have downloaded etc unless you get rid of that you will get it back.

I have Googled your post header and it looks like a trojan which came with a multimedia file.

Try this: Malwarebytes and or Superantispy both free. In future if you are downloading media files scan them before opening.

  useryfnf 13:48 12 Oct 2011

Thanks for your reply. Essentials says the problem is in Program Data\Microsoft\Search\Data\Applications\Windows\tmp.edb

I scanned this file and the computer with those 2 programs you recommended but they said there's no problem. I can't delete the edb file - it says it's in use by another program. I turned off indexing in windows but that didn't do anything. Is it possibly a false positive in Essentials? How can I know for sure? Thanks so much for all responses!

  gengiscant 14:23 12 Oct 2011

Your Virus perhaps: Trojan

Try this to get rid of it: Miicrosoft

  useryfnf 15:00 12 Oct 2011

Thanks for your continued help!

I tried that, but the program found it, deleted it, and it's right back on reboot - tried it more than once...

  gengiscant 15:33 12 Oct 2011

Can you run all your anti programs in safe mode, see if that does the trick.

  gengiscant 15:38 12 Oct 2011

You might also want to try this: Combofix

  useryfnf 20:22 15 Oct 2011
Answer

Somehow, when I restarted the computer a couple days later, Microsoft Security Essentials had been uninstalled and in its place were the 2 Malware detectors recommended above. I uninstalled them and installed Essentials again, but couldn't update the virus definitions (because I'm keeping that computer off my network and internet until I'm sure it's clean...). I scanned the folder that Essentials said the virus was in before, and this time Essentials said it's clean. I scanned the folder again with Microsoft Safety Scanner and, unlike before, it said the folder is clean. Can I trust this? If both Essentials (albeit a slightly out of date version) and Microsoft safety scanner said it's clean, can I assume that the trojan/virus was removed and it just took time to 'get it out my system'? Thanks

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Best phone camera 2017

Stunning new film posters by Hattie Stewart, Joe Cruz & more

iPad Pro 10.5in (2017) review

28 astuces pour profiter au mieux de votre iPhone