You should find this and the info below of use:
User's FAQHTH David
General Virus Removal Help - courtesy of whocares
What WIN do you have? Are all ServicePacks and Windowsupdates applied?
Have you managed to repair/reinstqll avast? so that the resident protection is working again?
-> test with harmless testfile EICAR.COM from
www.eicar.comWhat were the exact names avast gives the trojans?
Sometimes it's enough to
- clear all TEMP-folders (via drive CleanUp AND best also manually)
- empty Temporary Internet Files folder(s) (via IE->Tools > Options > General - Temporary
Internet files ->Delete files, including OFFLINE files) and
- empty java-Cache or
- disable
System Restore on Win ME/XP INCLUDING a REBOOT!! to get rid of it..
Test the file with OnlineScanners e.g. from Trend, RAV & KAV (see below) to get a more specific name (you need to temporarily pause AV-Resident Shield/Monitor/Guard to be able to scan the file online)
(If they all don't show it as infected, please send it in a password-protected zip-file to virus (at) asw (dot) cz Include the Zip-password and a link to this posting in the mailtext)
Spybot, Ad-Aware and CWshredder might also help see
www.lurkhere.com ->nicefiles and
www.lavasoft.de-remove the Virus/Malware and it's system modifications according to VirusInfos from Avast,
VGREP,
TrendMicro,
Kaspersky,
AV-Boot-Disks; you might also try searching for the virus name or filename with google, see link in signature below.
General removal procedure:
- disable system restore on Win ME/XP
- kill respective Backdoor/Trojan process with task manager
- search for the file/process names in the registry; remove the malware's startup entries in
The Registry
- disinfect or (if disinfection is not possible) delete the file; this may be possible only after a reboot
If you still can't remove it, you could post a logfile of Hijackthis here:
http//hjt.klaffke.de/en & read this first:
http://www.spywareinfo.com/%7Emerijn/htlogtutorial.html- Secure your system:
Change passwords, secure shares, install patches/updates for WIN&IE;
disable ActiveX and Scripting in IE except for know secure sites - and better use a secure browser like Opera or Mozilla
- Scan your whole system with updated avast and maybe a 2nd scanner ,e.g. TrendMicro/RAV to check whether your PC is clean
- If needed, reenable system restore on Win ME/XP
Further Details and Links via the Forum Search