MSN virus/several trojans help?!?
Spiritsongs:
 :)  Hi Pandammonia :

     Your brother's computer should have the guidance of "Malware Experts" that are usually
     found on antiSPYWARE Support forums. They are volunteers who are very experienced
     in dealing with an "infected" computer. I recommend the one at www.landzdown.com
     because they are little known, resulting in fast turnaround times.
     IF you have NOT already put the "HijackThis" program on your brother's computer,
      download HijackThis (© Merijn) from:  www.thespykiller.co.uk/files/HJTsetup.exe  .

Note: This is a complete installer that installs HijackThis to your computer at C:\Program Files\HijackThis, making an entry in the start menu and also providing a desktop shortcut. If HijackThis is used from a temp folder, it is in danger of being accidentally deleted by clean up tools.

At the download prompt, choose "Save". After the download is complete, navigate to the C:\Program Files\HijackThis folder and double-click it to complete the installation.
galooma:
It doesn't matter how much energy you put in with AVG, you are still going to get some left on the system when it's finished that Avast! will detect.
As soon as Avast! is installed you will be prompted to run a boot scan and this is where you will find and deal with the leftovers. Try to move as much to chest as you can but some may be delete only.
Try to stay off the net until the system is clean and has a firewall and AV installed, so have those programs loaded onto disks or flashdrive for easy access.
Good luck and by all means post HJT log if you need any help :)
pandammonia:
spiritsongz-
Yeah I know. Total of 133 items in his vault. Will check out landzdown, cheers. One question for you though... I have read on other forums that if HJT is installed in C:\ some trojans/viruses can hide from it, also if you label it HiJackThis this can happen?
Clossau- hey fellow Aussie! I know, AVG anti-virus blows big time. As I said earlier I want it off so I can work with avast!.
Got him to run ewido again- kept detecting same file (c:\windows\system32\dxdlib303562752.dll), no matter how many times it was cleaned and sent to vault. Also "project1" has shown up under running programs, and whenever he logs on, a firefox window pops up saying 'powerzip self extractor is extracting files. Please wait...'.
I have searched google and numerous forums for answers but am now so overwhelmed with conflicting information I'm getting addled, befuddled, bemused, confused, cranky, and irritable. His system is a mess!
Would I be right in this method:
Restore all files from AVG vault to disk/flash.
Uninstall AVG, install AVAST!
Boot time scan.
Turn off system restore.
Run CCleaner.
Run in safe mode- adaware, spybot s&d, AVG anti-spyware (ewido).
Run HJT (should this be done in safe mode?)
Post log!
FreewheelinFrank:
Hi Pandammonia,

I'm a little surprised that AVG is suddenly finding all this stuff: did he disable the anti-virus, I wonder, or did some malware disable it for him?

If you want to use the tools at hand to clean the system, make sure you run scans in safe mode where possible:

http://www.pchell.com/support/safemode.shtml

Run a scan in safe mode with AVG and AVG anti-spyware and Spybot, and also Ad-Aware and a-Squared free if you don't have these already.

AVG have a rootkit scanner, which I'd recommend you run before all these scans:

http://www.freewarefiles.com/downloads_counter.php?programid=22524

If your brother is relying on the Windows firewall, the malware has probably brought it down: I'd recommend downloading a good third-party firewall like Zone Alarm or Kerio and installing that.

If you update all your programs, go off line and chug through all the scans, install the firewall, come back on line and post a HijackThis! log, we can clean up anything remaining and you can uninstall AVG and install avast! if you want to.

As your brother has had similar problems in the past, it may be a good idea to make yourself the computer administrator and give him a limited user account with locked-down security. At the very least, you need to educate him about how he is getting infected. New viruses appear on MSN/Yahoo messenger hourly, and nothing is guaranteed to catch all of them, so if he doesn't learn some caution, he's going to undo all your good work in about five minutes once you let him loose again.

http://blog.washingtonpost.com/securityfix/2006/05/the_importance_of_the_limited.html

http://www.castlecops.com/article-6112-nested-0-0.html

http://www.castlecops.com/postlite7736-.html

pandammonia:
Frank- Thanks for prompt reply. (That's why I use avast forums rather than others, so quick on the ball.)
I'm not too sure as to why AVG didn't catch it as it came in. It is possible he disabled it manually, he does stupid stuff like that. He just doesn't read things properly before he clicks.
Is a-squared the old name for AVG anti-spyware/ewido?
Will do the rootkit scan tomorrow and run all in safe mode. Do I do HJT in safe mode too?
Your advice re the administrator thing is something I didn't know. Will do that one once we're clean.