
It has been four consecutive nights now that my McAfee has detected and deleted this virus. Where is it coming from? How come it doesn't go away after virus scanning and deletion? It's relentless! And the location it is found in varies. It pops out in different locations.

2006-11-02 02:00:15 · 12 answers · asked by Squeaks 3 in Computers & Internet Security

I have run the Norton Spyware Scan provided by the Yahoo toolbar and the Lavasoft Ad-aware. Nothing was traced. Prior to this McAfee deleted the virus, but I'm pretty sure it'll detect it again tomorrow night as it has been for the last few nights.

2006-11-02 02:10:57 · update #1

12 answers

It is a trojan, not a virus.

Kaspersky Anti-Virus 6.0

Let's get that out of your PC. Some antivirus will miss key keyloggers and trojans. First of all you need to download AVG Antispyware; this is very good at getting all kinds of bad files. Then you need to download Adaware.
a-squared is very good at picking up tracking software files that are on the PC and it will find them. Then download antispyware blocker; that will find any type of virus and trojan files. With antispyware blocker, when you run that, at the top of the box you'll see
C:\ WINDOWS
remove the word windows and just leave in

C:\

Then hit scan. It will search all of the PC, every file, for viruses or trojans, and this will not have any problem with the antivirus you have; I have this myself.

Then download Spyware Doctor; that will search the PC for even more spyware and adware. Just having 1 or 2 antispyware programs doesn't cut any ice at all; you need what I said to download. When you have them, run your PC in safe mode and scan the PC with them 1 at a time. This way, from safe mode the trojan and keylogger can't hide themselves, because there is no internet access in safe mode. All the software I said to download will get the trojans and keylogger.

If they say some are in the registry, you watch what path they're in and get in the registry and right-click on that folder and hit remove. Don't worry: when the PC restarts, Win XP will create a new clean folder for you.

2006-11-02 02:05:03 · answer #1 · answered by ? 4 · 0 0

Hi there,

I honestly wouldn't waste your time with programs such as AVG, Spybot and Adaware.

The number of people who have AVG, adaware and Spybot installed but then get confused as to why they have been infected is increasing by the day. In all seriousness, these programs (especially spybot and adaware) are no longer good enough to be your only protection against viruses, spyware and adware (as well as trojans, rootkits and other nasties). They used to be great programs a couple of years ago, but have now been overtaken by programs with next-generation approaches.

Everyone thinks AVG is amazing because it's free, but if you take a look at the latest protection figures you will find AVG comes virtually last - a LONG way behind the rest.
http://www.av-comparatives.org/seiten/ergebnisse_2006_08.php

Anyway, back to the question in hand.

Unfortunately you have been infected with the Generic Backdoor infection:
http://virusinfo.prevx.com/pxparall.asp?PXC=f57c227979

The best and easiest way to remove this infection is by installing the Free Trial of Prevx1. This will scan your PC and remove this and any other infections free of charge.
http://www.prevx.com
 

2006-11-02 02:49:22 · answer #2 · answered by Secure Expert 5 · 0 0

Perhaps you need to check your filter and put it on the highest for scanning emails, and make sure your pop up blocker is working. I think you have the cookie embedded...so get rid of your temporary files, and your cookies!

Do you have Spybot... and Ad-Aware, two very good virus detectors? Sorry, but the McAfee didn't stop or remove them for me... I got most of my downloads from the site, and Microsoft.

Those problems are real, and good luck in getting rid of them.

2006-11-02 02:10:07 · answer #3 · answered by May I help You? 6 · 0 0

Hi, I recently submitted this to another person who asked the same question and it won best answer, but the others who posted here have brilliant answers also :-)

Go to this site and you can get the free software to help remove it.
http://www.freewebs.com/year2006/freesoftware.htm

I am looking at that page now as I type this and you should go to this page and click on the 4th software program on the list. It will download free for you and you won't have to pay anything ever. It will remove it for you for sure.

2006-11-03 11:09:08 · answer #4 · answered by gotoourconference 2 · 0 0

The reason it is not removing it is because parts of it are in hidden files, folders and maybe restore point files. As soon as you finish running McAfee it downloads the parts you removed and reinstalls those parts. Use this procedure and it should be removed completely.

VIRUS and SPYWARE REMOVAL PROCEDURE FOR WINDOWS XP

Removing infections from your computer is never as easy as acquiring them. Malware infections are not meant to be removed, so it takes TIME and PATIENCE to get rid of them. ONLY RESORT TO A REFORMAT AFTER ALL ELSE FAILS TO REMOVE THE INFECTION.

This procedure works for all Malware. Use any AntiVirus or AntiSpy program you choose.


UPDATE YOUR ANTI-VIRUS PROGRAM.


TEMPORARILY SHOW HIDDEN FILES AND FOLDERS.

1. Click Start, and then click Control Panel.

2. Click Appearance and Themes, and then click Folder Options.

3. On the View tab, under Hidden files and folders, click "Show hidden files and folders", and clear (uncheck) the "Hide protected operating system files" check box.

IMPORTANT: Files are hidden by Windows for a very good reason. It is not wise to experiment with these files. Unfortunately, to successfully remove modern spyware we must turn this protection off temporarily. Please turn the protection back on when you have finished cleaning your system.


EMPTY INTERNET EXPLORER BROWSER CACHE:

1. On the Internet Explorer Tools menu, click Internet Options.

2. On the General tab, in the Temporary Internet Files section, click the Delete Files button. Select the Delete all offline content check box in the confirmation dialogue box that appears, click OK. Click OK again.

RESTART IN SAFE MODE:

To do this you need to hold down or repeatedly tap the F8 key while the computer is booting (when the computer is displaying a black screen with white text). When the boot menu appears, use your keyboard arrows to select "Safe Mode."

Safe Mode can look quite ugly. The color may look bad, and all of your desktop icons will be very large. This is normal.



START THE SCAN WITH YOUR ANTI-VIRUS PROGRAM.


When the scan and removal are completed REBOOT COMPUTER. This will restart you in normal mode. DON'T FORGET TO RESET HIDDEN FILES AND FOLDERS.


NEW RESTORE POINT.

The RESTORE POINTS may be infected with the Malware and cannot be used.

HERE'S HOW:

1. Click Start, and then click Control Panel.

2. Click Performance and Maintenance, click System, and then click on the System Restore tab.

3. Select the Turn Off System Restore check box, click Apply, then restart your computer.

4. Return to the System Restore Tab and turn System Restore back on.


TO SET A NEW RESTORE POINT:

1. Click the Start button.

2. Point to Programs, then navigate to Accessories, then System Tools, then click System Restore.

3. Choose Create a restore point, and then click Next.

4. In the Restore point description box, type a name for your restore point, and then click Next.

5. Click OK.

NOTE: If you are using Windows XP Service Pack 2 (SP2) and are unable to access the Internet after removing Malware, there is a command that may fix the problem. It works by resetting the winsock catalogue. Click on Start, then Run and type CMD in the box. Click OK. Type "netsh winsock reset" (no quotes) into the DOS window that appears.

2006-11-02 02:18:23 · answer #5 · answered by Anonymous · 1 0

I can give a few links that offer free virus and spyware removers! You may be having a virus or spyware installed on your PC. Norton, AVG, Avast are free antivirus software. Ad-aware, Ewido are free spyware removers. You can download free software at
http://fixit.in/antivirus.html and http://fixit.in/spywareremover.html

2006-11-04 18:24:03 · answer #6 · answered by Anonymous · 0 0

This all is bad and this is a link that should take care of this. It sounds like it is in with Virus Burst and Pest Trap; just download and install and scan. Good luck.

2006-11-02 03:01:32 · answer #7 · answered by tr2thhrt 5 · 0 0

First off, download ATF Cleaner and delete all temporary files where malware can hide. Make sure you set your Windows Explorer to show all hidden system files before you run ATF.

Update your antivirus. If you do not have one, download and install AVG or Avast!. They are free.

Also install and update:
1. Ad-Aware SE
2. Spybot Search and Destroy
3. Windows Defender (free from Microsoft)
4. Microsoft Malware Remover (free also)
5. SpywareBlaster
6. Ewido
7. Google Toolbar
8. McAfee SiteAdvisor
9. Firewall like Comodo Personal Firewall or Sygate Personal Firewall
10. CWShredder - there are 2 versions. Make sure you install both the last Merijn version and the latest version from TrendMicro.
11. About:Buster
12. HijackThis
13. EMCO
14. SUPERAntispyware

Update them RIGHT AFTER YOU INSTALL THEM.

All the above are FREEWARE. All of them are easily Googleable.

Reboot to Safe Mode and run your antivirus, #1-4, 6, 10 (both versions), 13, 14 & 11.

Reboot in Normal Mode. Run HijackThis (or HJT for short). DO NOT REPAIR OR FIX anything that it will list in its scan log. Just copy the whole log.

Register for free at MCH Forums:
http://mycomputerheadaches.tz4.com

After you register, post your HJT scan log at the above site, specifically at the System Security Forum. Precede your posting with a detailed description of your problem. And use a descriptive subject line. For example:
WinXP: Yahoo Messenger infection

Be patient. OJ, our resident HJT expert, has a life outside of his cyberlife. So just wait until he responds. Do read all the postings at the Announcements Forum to follow what you need to do as an MCH member.

I strongly recommend that you back up the registry before making any changes to your Registry. Incorrect changes to the registry can result in permanent data loss or corrupted files. Modify the specified subkeys only. For instructions on how to make a backup of the Windows registry:
How to back up Windows Registry
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/199762382617?OpenDocument&src=sec_doc_nam

Note: If the Registry Editor does not open, the worm has made changes to the registry that prevent it from running. To fix this, download and run the Tool to reset shell\open\command registry keys, which also fixes this problem:
http://www.symantec.com/security_response/writeup.jsp?docid=2004-050614-0532-99

Click Start > Run.
Type regedit
Click OK.

Navigate to the subkeys:

HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices

In the right pane, delete the value:

"Windows Messenger Messenger" = "winmsg.exe"

Navigate to the subkeys:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

In the right pane, delete the values:

"DisableRegistryTools" = "Invalid dword value"
"DisableTaskManager" = "Invalid dword value"

Close the Registry Editor.

Our sister Yahoogroup is:
MCH Yahoogroup
http://mch.tz4.com

2006-11-02 02:06:42 · answer #8 · answered by Reston 4 · 0 0
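
The registry check described in answer #8 can be done against the backup itself rather than the live registry. The following is an added example, not part of the answer: it assumes the backup was saved as a regedit `.reg` text export, and the function names and the sample export are constructed for illustration.

```python
import re

# Keys and value names below are the ones listed in answer #8.
AUTOSTART_KEYS = {k.lower() for k in (
    r"HKEY_LOCAL_MACHINE\Software\Microsoft\Ole",
    r"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa",
    r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa",
    r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServices",
)}
POLICY_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System".lower()
POLICY_VALUES = {"disableregistrytools", "disabletaskmanager"}
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')

def unescape(s):
    # .reg exports escape backslashes and quotes with a leading backslash
    return re.sub(r"\\(.)", r"\1", s)

def parse_reg(text):
    """Yield (key, value name, data) for each named value in a .reg export."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and (m := VALUE_RE.match(line)):
            data = m.group(2)
            if data.startswith('"'):  # string value: drop quotes, unescape
                data = unescape(data[1:-1])
            yield key, unescape(m.group(1)), data

def audit(text):
    """Return the entries answer #8 says to delete, if the export contains them."""
    hits = []
    for key, name, data in parse_reg(text):
        k = key.lower()  # registry key names are case-insensitive
        if k in AUTOSTART_KEYS and (name.lower() == "windows messenger messenger"
                                    or data.lower().endswith("winmsg.exe")):
            hits.append((key, name, data))
        elif k == POLICY_KEY and name.lower() in POLICY_VALUES:
            hits.append((key, name, data))
    return hits

# Constructed sample export (not taken from a real machine).
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Messenger Messenger"="winmsg.exe"
"ExampleUpdater"="C:\\Program Files\\Example\\updater.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000001
"DisableTaskManager"=dword:00000001
'''

if __name__ == "__main__":
    for key, name, data in audit(SAMPLE):
        print(f"{key}\n    {name} = {data}")
```

Running the same check on an export taken after cleanup shows whether the values came back, which matches the reappearing detections described in the question.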

Try some more scans, here's a good list to try. http://www.basicspywaretips.com/getridofspyware.html

2006-11-02 03:18:12 · answer #9 · answered by Mark 4 · 0 0

Give up using Windows, and install Linux on your computer. Linux is immune to all viruses, malware, spyware and adware.

Go to www.distrowatch.com to find out how to get all the popular flavors of Linux...

...then do an image search for Linux screen grabs on Google.

BE COOL - GET LINUX

DC :)

2006-11-06 06:03:58 · answer #10 · answered by Anonymous · 0 0
