Trojan Removal Procedure.
Malware is a general word for all form of Viruses, Spyware etc. This procedure works for all Malware. Replace the Ewido program with the appropriate program.
You might be unable to access the Internet after removing the Malware so you will need to run LSPfix or Winsockxpfix (as appropriate). Download one and save to desktop, run it later.
LSPfix: all Windows OS except 95.
http://www.cexx.org/lspfix.htm
Winsock XP Fix: Windows XP only.
http://www.spychecker.com/program/winsockxpfix.html
Download and Update Ewido (now called the AVG Antispyware):
http://www.ewido.net/en/download/
-- If you have problems updating see here:
http://www.ewido.net/en/download/updates/
Once the updates are installed do the following:
Let's get cleaning
Part 1
• Temporarily show hidden files.
For Windows XP:
1.
Click Start, and then click Control Panel.
2.
Click Appearance and Themes, and then click Folder Options.
3.
On the View tab, under Hidden files and folders, click "Show hidden files and folders", and clear(uncheck) the "Hide protected operating system files" check box.
For older systems:
1.
Double-click My Computer, click View, and then click Folder Options.
2.
On the View tab, under "Hidden files and folders", click "Show hidden files and folders", and clear (uncheck) the "Hide protected operating system files" check box.
IMPORTANT: Files are hidden by Windows for a very good reason. It is not wise to experiment with these files. Unfortunately, to successfully remove modern spyware we must turn this protection off temporarily. Please turn the protection back on when you have finished cleaning your system.
Empty your Internet Explorer cache and your other temporary file folders:
1.
On the Internet Explorer Tools menu, click Internet Options.
2.
On the General tab, in the Temporary Internet Files section, click the Delete Files button. This will delete all the files that are currently stored in your cache.
3.
Select the Delete all offline content check box in the confirmation dialogue box that appears, click OK.
4.
Click OK again.
Restart in Safe Mode:
To do this you need to hold down or repeatedly tap the F8 key while the computer is booting (when the computer is displaying a black screen with white text). When the boot menu appears, use your keyboard arrows to select "Safe Mode."
Safe Mode can look quite ugly. The color may look bad, and all of your desktop icons will be very large. This is normal.
Start Scan and let Ewido scan the PC
When the scan and removal are completed REBOOT COMPUTER. This will restart you in normal mode.
If you are unable to access the Internet after removing Malware you will need to run LSPfix or Winsockxpfix (as appropriate).
If you are using Windows XP Service Pack 2 (SP2) and are unable to access the Internet after removing Malware, there is a command that may fix the problem, removing the need to run Winsockxpfix. It works by resetting the winsock catalogue. Click on Start, then Run and type CMD in the dialogue box that appears. Click OK. Type "netsh winsock reset" (no quotes)into the DOS window that appears.
The last steps
If you are running Windows XP or Windows ME, and your computer has been successfully cleaned of Malware, there is one more thing that needs to be done.
Delete any old restore points and then create a new restore one. The old ones may, of course, be infected with the Malware and cannot be used.
First, start and then stop the Restore Service. This is done differently depending on what operating system you are running.
Windows XP:
1.
Click Start, and then click Control Panel.
2.
Click Performance and Maintenance, click System, and then click on the System Restore tab.
3.
Select the Turn Off System Restore check box, click Apply, then restart your computer.
4.
Return to the System Restore Tab and turn System Restore back on.
Windows ME:
1.
Click Start, click Control Panel, click System.
2.
Click Performance, click File System, and then click Troubleshooting.
3.
Enable the option Disable System Restore, click Apply then restart your computer.
4.
Return to the Troubleshooting tab and turn System Restore back on.
To set a manual restore point complete the following steps:
1.
Click the Start button.
2.
Point to Programs, then navigate to Accessories, then System Tools, then click System Restore.
3.
Choose Create a restore point, and then click Next.
4.
In the Restore point description box, type a name for your restore point, and then click Next.
5.
Click OK.
If ewido did not remove the Trojan then it means it is a Smitfraud Trojan. These type of Trojans require a specialized program to remove them. These two site have programs that remove Smitfraud Trojans.
http://www.internetinspiration.co.uk/roguefix.htm
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
2006-10-09 22:05:23
·
answer #1
·
answered by Anonymous
·
0⤊
0⤋
Try going to add and remove programs and see if you can UN install this from there.If not try going to tools on Internet explorer and go to Internet options/general and try changing your home page there. If this does not work hit me at yahoo and tell me what the name of the Malware is and i may can help you.
2006-10-09 21:17:10
·
answer #3
·
answered by tr2thhrt 5
·
0⤊
0⤋
hi, i recommand you to use a more powerful and easy to use security suite. CA eTrust Internet Security Suite
CA's eTrust Internet Security Suite R2 offers a powerful set of tools to thwart all kinds of online mayhem. Like its better-known competitors Symantec Norton Internet Security 2006 and McAfee Internet Security Suite 2006, eTrust Internet Security Suite blocks phishing attempts, criminal hacker intrusions, and pop-up ads; quarantines spam; stops spyware; and keeps the kids off objectionable Web sites. Its new interface is attractive and, despite a few minor quirks, easy to navigate. Best of all, its virus scans are fast and its full-system scans won't bring your PC to its knees.
You can get a detailed slidshow of CA eTrust Internet Security Suite in here:
http://network.sitesled.com/internet-security/
Best Wishes && Good Luck!
2006-10-11 02:15:36
·
answer #4
·
answered by Anonymous
·
0⤊
0⤋
try downloading a free programme called spybot make sure its updated and it should get rid of all that.or go to start and pick run command and type 'msconfig'.then start up application now the careful part! check the programme names of all your files example win.exe or sb.exe in list and type them into google and it will tell you wat it does or if its a trojan.when u find a trojan unclick the box beside it.When your finished restart comp and hey presto.Try the spybot first and be careful what box you click in start up.
Hope this helps Gareth.
2006-10-09 21:15:36
·
answer #5
·
answered by Anonymous
·
0⤊
0⤋