Avast WEBforum

Other => Viruses and worms => Topic started by: ZStorm on April 12, 2008, 10:10:14 PM

Title: Beagle, Bagle and many others - Safe Mode doesnt work - How to proceed?
Post by: ZStorm on April 12, 2008, 10:10:14 PM
Hiya

My PC went crazy almost a week ago. At first I thought it was a Windows issue but things got ugly here and so far I have found the following malware:

- Trojan.Downloader.Bagle.fg.2
- Trojan.Toosrrr.SRR
- Win32:Adloader_MT [trj]
- Win32:Banload-DRE [trj]
- Win32:Trat-D [Drp]
- Win32:Rootkit-gen [Rtk]
- Win32:Beagle-AWW [trj]
- Win32:Adware-gen [Adw]

Details of how it all happened and the tools/tasks used and performed, as well as the logs, are on my thread:

http://forum.avast.com/index.php?topic=34581.0

From all I heard and read, I should run scans and tools in SAFE MODE. Thing is... SAFE MODE IS NOT FUNCTIONAL. The last attempt at changing settings in MSCONFIG resulted in the system not starting up in any mode. I had to perform a manual setup in DOS to get boot back to running in normal mode.

Can you please please please tell me what to do?  ??? ??? ???

I dunno which more tools I can or should run, if I should have System Restore on or off, if I'm compromising my PC even more by using the internet to post here, search for information, download tools etc. In addition, I have no idea if sensitive data would be compromised as I use home banking too.  :'(

Tks a bunch for any help.
Title: Re: Beagle, Bagle and many others - Safe Mode doesnt work - How to proceed?
Post by: Lisandro on April 13, 2008, 12:04:27 AM
Beagle virus disables and destroys avast files...
You need to install the latest 4.8 version (or better the latest beta).

I also suggest:

1. Disable System Restore and reenable it after step 3.
2. Clean your temporary files.
3. Schedule a boot time scanning with avast with archive scanning turned on.
4. Use SUPERantispyware (http://www.superantispyware.com) and/or Spyware Terminator (http://www.spywareterminator.com/) to scan for spyware and trojans. If any infection is detected, it is better and safer to send the file to Quarantine than to simply delete it.
5. Test your machine with anti-rootkit applications (http://www.antirootkit.com/software/index.htm). I suggest avast! antirootkit (http://files.avast.com/files/beta/aswar.exe) or Trend Micro RootkitBuster (http://www.trendmicro.com/download/rbuster.asp).
6. Make a HijackThis (http://www.bleepingcomputer.com/files/hijackthis.php) log to post here or, better, submit the RunScanner (http://www.runscanner.net/) log to on-line analysis.
7. Immunize your system with SpywareBlaster (http://www.javacoolsoftware.com/spywareblaster.html) or Windows Advanced Care (http://www.iobit.com/AdvancedWindowsCarePersonal/index.html).
8. Check if you have insecure applications with Secunia Software Inspector (http://secunia.com/software_inspector/).
Title: Re: Beagle, Bagle and many others - Safe Mode doesnt work - How to proceed?
Post by: DavidR on April 13, 2008, 01:29:47 AM
Please stick with your original topic (http://forum.avast.com/index.php?topic=34581.0) as surely these are all related and you were given info on the restoration of safe mode. Not to mention oldman has put a lot of time into helping you in that topic and all this does is duplicate effort for those trying to help.
Title: Re: Beagle, Bagle and many others - Safe Mode doesnt work - How to proceed?
Post by: ZStorm on April 14, 2008, 04:42:48 AM
I got to run in safe mode, I managed to install Avast 4.8 days before and have been running it updated, and I'm following Tech's instructions since I got them from him on here yesterday. I've performed steps 1 to 3 by now. Thanks a lot for your suggestions, Tech.

Quote from: DavidR
Please stick with your original topic (http://forum.avast.com/index.php?topic=34581.0) as surely these are all related and you were given info on the restoration of safe mode. Not to mention oldman has put a lot of time into helping you in that topic and all this does is duplicate effort for those trying to help.

I'm gonna stick with my original thread as you suggest, David, but I'd like to clear up that I only created this post when I hadn't yet managed to recover safe mode (you posted me the links for fixing tools on the original thread hours after this thread here was created) and, in addition, having had information from before that I was dealing, amongst other threats, with Beagle, I had absolutely no idea of what to do next. I was totally stuck and thought that, as there's a space to deal only with viruses & worms, there would be a point in bringing the matter here. I had no intention to duplicate efforts whatsoever. I'm terribly sorry if it looked or ended that way.

You said something I guess I'm missing... I had no help from oldman (unless he used another profile to post on my original thread), actually he only posted on my thread yesterday confirming your good suggestion for fixing safe mode. I don't wanna sound ungrateful at all or anything like that but maybe you got mistaken or mistook me for somebody else when you said he had put a lot of time into helping me.

Anyway, I'm back to my original thread and posting there what's new on my end.

Thank you Tech and David for your attention and great help.
Title: Re: Beagle, Bagle and many others - Safe Mode doesnt work - How to proceed?
Post by: oldman on April 14, 2008, 05:29:53 AM
Hi. You're right, I only replied yesterday. The first time I saw this post. Honest mistake on DavidR's part, I do seem to get around. I wasn't aware of your problem, I don't get to the home/pro forum much, stuck in the basement so to speak. I'll look in on your other thread now.
Title: Re: Beagle, Bagle and many others - Safe Mode doesnt work - How to proceed?
Post by: ZStorm on April 14, 2008, 05:38:52 PM
Tks a bunch, oldman. I'm following you on my original thread.