Author Topic:  (Read 9435 times)

0 Members and 1 Guest are viewing this topic.

Offline Muni70

  • Newbie
  • *
  • Posts: 2
« on: December 23, 2008, 12:13:40 PM »
Hi! when I run AgentNetstat I see: remote adress hxxp:// conected. I would like to know how can I kill this malware.

I tryed: ccleaner, shutdown system restore, start in safe mode, run malwarebytes, ccleaner again, restart and antivirus online...
But nothing 007guard is still there. ???
I have the free avast home version.
Thank you a lot.
« Last Edit: December 23, 2008, 03:36:27 PM by kubecj »

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67145
« Reply #1 on: December 23, 2008, 12:20:35 PM »
I suggest:

1. Clean your temporary files.
2. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
3. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
5. Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
6. Disable System Restore and then reenable it again.
7. Immunize your system with SpywareBlaster.
8. Check if you have insecure applications with Secunia Software Inspector.

The best things in life are free.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4863
  • I'm a GNU
    • Don't Surf in the Nude!
« Reply #2 on: December 23, 2008, 12:54:52 PM »
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline Muni70

  • Newbie
  • *
  • Posts: 2
« Reply #3 on: December 23, 2008, 01:56:15 PM »

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 78557
  • No support PMs thanks
« Reply #4 on: December 23, 2008, 03:10:54 PM »
Can you please modify your first post and edit the URL so it isn't active to avoid accidental exposure. Change the www for wXw, e.g.
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 17.6.2308beta/ Outpost Firewall Pro9.3/ Firefox 52.3.0 ESR, uBlock Origin, RequestPolicy/ MailWasher Pro7.8.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security