Author Topic: need some help removing TR/s.bzc Trojan  (Read 8635 times)

0 Members and 1 Guest are viewing this topic.

jpmartin

  • Guest
Re: need some help removing TR/s.bzc Trojan
« Reply #15 on: June 23, 2009, 01:24:36 AM »
when i tried to deleted or sent to quarantine is give a report said "Quarantine failed: deleteFile failed with error code 1381."
I'm scanning with Malwarebytes' Anti-Malware and it's reported

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: need some help removing TR/s.bzc Trojan
« Reply #16 on: June 23, 2009, 03:23:40 AM »
But dont run a scan in Safe Mode.

Quote
Boot into Safe Mode. Load avast into Program Files.
Start avast and set boot-time scan rather than run simple user interface scanner.
Restart computer.

Just use Safe Mode to uninstall all - install clean avast and then set boot time scan in Safe Mode and Restart computer - scan is then run after restart before programs need to load.
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

jpmartin

  • Guest
Re: need some help removing TR/s.bzc Trojan
« Reply #17 on: June 23, 2009, 03:37:48 AM »
Like i said it before installed avast and let it scan itself. after completed start with windows but the screen turn black and freeze it self. try restart again and again, but the windows keep FREEZE in a black screen. So i have to uninstall avast in safe mode and the windows back to normal but the trojans is coming back as well... :-\


Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: need some help removing TR/s.bzc Trojan
« Reply #18 on: June 23, 2009, 04:11:31 AM »
Okay I read back through all the posts in this thread. I can only offer same advice because I think where your situation is at the moment is that with so much activity, infections have been mutating, making detection by clear definition unstable. Viruses (=malcode) rely on activity to mutate. Not so in Safe Mode but this would not mean (mal)scripts were not in place to jam or disable or confuse or whatever else - scanner in Safe Mode cannot untangle a mess, despite that viruses are kept from actioning any further for the time being.

In your case, given previous levels of activity running on the computer, Safe Mode may be best for preparing your attack on the virus. Set up a boot-time scan - use thorough and check archive if you want.

The value in the boot-time scan is that it should engage before the windows keep FREEZE in a black screen. In fact, it must. Though I admit that only doing will be proof and I'm not there with you.

The sequence is important - you have do each step in the right order so that boot-time scan can strike with full impact and comprehensively cover your directories. Virus detection should come early in scan.
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

jpmartin

  • Guest
Re: need some help removing TR/s.bzc Trojan
« Reply #19 on: June 23, 2009, 08:10:00 AM »
I think i have an ideas of removing it, but is going to take a long times of finding it. this stepts below works right? i found it but wasn't sure. asking an expert before doing it. i suspecting is this keys but wasn't sure.

"WaitToKillAppTimeOut"
WaitToKillServiceTimeout"



"root viruses infect your system files
so it cannot be removed without a tough manuever
but they can be disabled by deleting the .dl key form
your registry (which most of the root virii use)
you can edit your registry by typing "regedit" in the "run" app.
from start menu"

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: need some help removing TR/s.bzc Trojan
« Reply #20 on: June 23, 2009, 08:41:43 AM »

If you kill your system, well yes, you will definitely also kill the virus.
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1618
Re: need some help removing TR/s.bzc Trojan
« Reply #21 on: June 23, 2009, 02:11:13 PM »
Hey there jpmartin.

I spent a lot of time last winter detecting and removing viruses from computers. These viruses I came to learn later on were mostly variants of the malware that came to be accorded the conficker tag(s), and not really rightly so, but mainly through Microsoft desperately needing to operationalise a defence plan for its software range, particularly for Internet Explorer. Microsoft needed an all-encompassing criterion for malware in general, and over time conficker type effects of various sorts provided as useful sounding board for the many viral like infections that have customarily been identified as malware. This included categories identified as not conficker (example Gumblar can be categorised by what it is not, Conficker). Microsoft was not alone in setting a criterion against which type effects could be measured, and must bear in mind that they were mostly applauded for their effort. We are now in a position where we are far more knowing and practiced about malware, but the situations that we face with viral type infections are still difficult to deal with. And they are even more difficult to put into writing (as opposed to being there with all sensory abilities at work). There are no sure-fire situations, and no sure-fire solutions, until after a job has been satisfactorily completed, when it becomes easy to say that it was this, that, or the other, or whatever.

What I have generally settled on, and mostly as a result of work last winter, is to make sure things are always as much as possible in my favor and against the virus. I don't mess with my system and that includes Window Registry, which I regard as being balanced in my favor (despite whatever shortcomings it may have - let's say, for example, its reliance on .dll dependencies). I try as much as possible not to have programs running, because viral infections(=malicious code) feed off programs running. You may notice if you let a computer sit for a while (say, a few days), then return and switch on, the system runs okay, then progressively gets worse, until locks up. I try to set up for good runs at the malware - prepare in Safe Mode, load up my attack, then try to hit hard and fast, try to catch malware unawares with clean sweep. Much can be achieved this way, even by 'accidental' catches, luck on your side. So take the ground when you gain it, and always keep virus on back foot, securing your achievements, don't wilfully run programs that aren't anti-malware tools, keep at the job. Let computer sit again, then back with whammy hard and fast, gain more ground. I know this all sounds a bit dramatic, but because I have to put it in writing, I make it more like a battleground (and really, as far as I'm concerned, there is no computer game as exciting as fighting it out tooth and nail with a virus, and winning).

 I have to put it in writing, unfortunatly, so it cannot be perfect as being there doing it, so I can make errors also how I might put it. Can't be helped. What you will find, however, is that you will pick up yourself what to do, through your own good sense. And that also can't be helped. You will start to pick up a good practice, that no matter all the words I use, I cannot do for you. That is why I always come back to the clean the slate again (uninstall / re-install in Safe Mode - secure ground gained), prepare next step (set up the next whammy - again in Safe Mode if need be), hit hard and fast with boot-time scan (before programs start running), and then secure ground gained once again (don't wilfully run programs). But should most of the time gain real good ground with first good run at the malware.

I also think that a first run with MBAM (in Safe Mode if want), then remove any infections found, can be a good start point before bringing in your avast AV, which really should always be relied upon to do the heavy work. Last winter, before November reworking by Microsoft, I was doing all my detection and removal using only avast AV - granted that by November difficulties were probably rising (with USBs anyway - reformat was no longer adequate defence). But now it is necessary to have a layered, more arrayed, defence plan.

Also. I go to Registry to remove all leftover remnants of programs that I have uninstalled. I have a routine that I use, which people who know the Registry will also know. But I say this with some reserve, I have not said it in the forum before, and I would not recommend to anyone at all, and then if only necessary. The Registry is a no-go zone. I have time in years under my belt with Registry allows me to go there.

And finally. When you get the better of your infection and clean up your system to your satisfaction, then set up your layered defence plan for reason that one ounce of prevention is worth a pound of cure.

Regards, and sorry for being so long winded, but I would really like to see people get the better of the infections that can plague their computers.
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.

jpmartin

  • Guest
Re: need some help removing TR/s.bzc Trojan
« Reply #22 on: June 24, 2009, 01:25:10 AM »
ok, I'm out of ideas of removing this viruses, can anyone help me out of removing this viruses.  :'( :'(

i'm still waiting from Avira support to help me out...

Mike Buxton

  • Guest
Re: need some help removing TR/s.bzc Trojan
« Reply #23 on: June 24, 2009, 04:04:53 AM »
Hi,

I suggest you might go to [details of a competitor of Avast withdrawn as jpm not interested].
My regards





 
« Last Edit: June 24, 2009, 10:29:02 AM by Mike Buxton »

jpmartin

  • Guest
Re: need some help removing TR/s.bzc Trojan
« Reply #24 on: June 24, 2009, 05:48:33 AM »
Last questions let's just said if i deleted everything include my OS and reformated hard drive and reinstall all back again since this computer was builted. Does this going to work back normally? yhis is the last resort......... :'( :'( :'(

Spiritsongs

  • Guest
Re: need some help removing TR/s.bzc Trojan
« Reply #25 on: June 24, 2009, 07:59:10 PM »
 :)  Hi :

 It appears time for you to ask for help from experienced, trained, certified,
 Volunteer "Malware Removal Specialist(s)" found on many Advanced malware
 removal forums, such as http://aumha.net, which is staffed by "Microsoft
 Most Valuable Professional(s)" .