Other > Viruses and worms
MSN virus/several trojans help?!?
pandammonia:
Thanks again Tech and DavidR. Hope to fix this thing in the next few days. Have been investigating other peoples problems with this one and it seems Hijack This comes in quite handy. I've been studying up alot on how to use it and what everything means and such but i do realise it's still quite in depth and can cause some damage if used incorrectly, are you guys able to help with that if it has to go that far?
essexboy:
Possibly although I am running one at the moment, However you could mosey over to http://www.geekstogo.com/forum/You_Must_Read_This_Before_Posting_A_Hijackthis_Log-t2852.html to get started
DavidR:
Program & Tutorial - Also useful as a diagnostic tool - Download HiJackThis.zip - HJT Information HiJackThis Tutorial 1 or HiJackThis Tutorial 2 or HiJackThis Tutorial 3
There are a number of people that can help with hijackthis log analysis, there are also on-line analysis sites that give reasonable advice, but nothing is ever 100%. They give indications of Nasty, Possibly Nasty, Unknown, etc, these are the ones that need further investigation (google search on file name, etc.) before committing to a fix.
On-line analysis - HiJackThis Log file - On-line Analysis OR HiJackThis Log file - On-line Analysis 2 The first of these also has a means of uploading the suspect files for AV scanning.
But you can also seek advice here there are other places that specialise in this advice (as essexboy mentions).
pandammonia:
Cheers! A most helpful site. Will check out the others too. Will keep u posted on progress!
Thanks heaps guys. Honestly can't praise you enough for your help !
pandammonia:
Hey guys! Hows it going? Got some updates on this for you...
Upon further inspection of his computer, i ran AVG anti-virus and it detected over 110 worms and trojans, in all manner of place scattered about his pc. Not having the time or the patience to sit and write details of each i just moved them all to chest. I then went to 'restore files as' to try and copy them in case something goes wrong, but i couldn't send them to D: drive to burn, so left in the chest. That was a week ago, and he said everything is running ok, so should i clean all files or just delete? I don't want to remove avg and install avast until system is clean.
Also there were several dodgy as processes running that i shut down prior to scanning.As i said, there were soo man6y trojans n stuff i didnt grab all names n stuff, but a few of the infected files look like such; c:\kybrdff_e54.exe ( as well as 50.exe, 47.exe, 41.exe, 40.exe ); c:\dfndrff_e54.exe ( and 51.exe, 50.exe, 47.exe, 44.exe, 43.exe) ; c:\\mte3nd160d6xgnew.exe; plus some in sys restore. Whenever you open 'My Computer' a blank google window pops up and the only way to close it is to go through alt+ctrl+del.
I then ran ccleaner, adaware, spybot s&d, and am yet to run ewido/avg, (after turning off system restore). One of these (cant remember which) detected smitfraud-c , amitfraud-c.Toolbar888, and coolwwwsearch among others.
As you can see his system is severely infected. He's had problems like this before and mum won't pay to get it fixed anymore, so i'm his only hope. And as i'm just starting out in this sort of stuff, you guys are my only hope!
So my main question here is, what to do now? Clean or delete files in avg chest? Should i just run hijackthis now, or are there any other steps i should follow first?
Is this even going to be possible to fix?
Eagerly awaiting your reply AND thanking you in advance.
Cheers.
(oh btw- i 4get what kind of puter he has, i know it's an acer, running winXP sp2, pretty sure he uses firefox/mozilla browser)
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version