General Virus Removal Help courtesy of whocares.What WIN do you have? Are all ServicePacks and Windowsupdates applied?
Have you managed to repair/reinstqll avast? so that the resident protection is working again?
-> test with harmless testfile EICAR.COM from
www.eicar.comWhat were the exact names avast gives the trojans?
Sometimes it's enough to
- clear all TEMP-folders (via drive CleanUp AND best also manually)
- empty Temporary Internet Files folder(s) (via IE->Tools > Options > General - Temporary Internet files ->Delete files, including OFFLINE files) and
- empty java-Cache or
- disable system restore on Win ME/XP INCLUDING a REBOOT!! (
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm )
to get rid of it..
Test the file with OnlineScanners e.g. from Trend, RAV & KAV (see below) to get a more specific name (you need to temporarily pause AV-Resident Shield/Monitor/Guard to be able to scan the file online)
(If they all don't show it as infected, please send it in a password-protected zip-file to
virus (at) asw (dot) cz
Include the Zip-password and a link to this posting in the mailtext)
spybot, ad-aware and cwshredder might also help
see
www.lurkhere.com ->nicefiles and
www.lavasoft.de-remove the Virus/Malware and it's system modifications according to VirusInfos
from Avast,
VGREP,
TrendMicro,
Kaspersky,
AV-Boot-Disks;
you might also try searching for the virus name or filename with google
General removal procedure:
- disable system restore on Win ME/XP
- kill respective Backdoor/Trojan process with task manager
- search for the file/process names in the registry; remove the malware's startup entries in the registry
- disinfect or (if disinfection is not possible) delete the file; this may be possible only after a reboot
If you still can't remove it, you could post a logfile of Hijackthis here:
http//hjt.klaffke.de/en & read this first:
http://www.spywareinfo.com/%7Emerijn/htlogtutorial.html- Secure your system:
Change passwords, secure shares, install patches/updates for WIN&IE;
disable ActiveX and Scripting in IE except for know secure sites - and better use a secure browser like Opera or Mozilla
- Scan your whole system with updated avast and maybe a 2nd scanner ,e.g. TrendMicro/RAV to check whether your PC is clean
- If needed, reenable system restore on Win ME/XP
HTH David