he got a virus and he says he thinks its a trojan horse. it apparently attacked his anti spyware and antivirus program first, then spread and has shut down all his other programs. is there anything he can do?
2007-10-07 16:55:03 · 8 answers · asked by oranges311 2 in Computers & Internet ➔ Security
i just found out the virus is called trog/Dloadr-BDZ or BCZ. does that help?
2007-10-08 10:35:50 · update #1
He should go into Safe Mode and run his antivirus program from there. Windows will not be loaded and hopefully he will catch any self executable files.
Safe Mode:
>>>Power on - as soon as you see the system working, checking memory, etc. - and before Windows begins to load - press and hold the F8 key. Continue to hold until you see a black and white DOS menu -
>>>I think Safe Mode is F3, press it
>>>run the AV program
When you select EXIT to quit Safe Mode, your desktop icons will probably be out of order.
Just drag them back.
If you don't have Ad-aware and/or Spybot - you can download them and run them in Safe Mode, also.
You can download a free, personal copy of Ad-aware here
http://www.adawareresource.com/co/adawareresource/?sid=M2AG0002cGC
**********************
Freeware - Spybot
http://spywarebot.com/?hop=howgood&p=2&gid=1067367105&oid=&aid=&yid=1L5MRJ2CAJ89TDHK8ALP8FCKUC0&OVRAW=free%20spybot&OVKEY=free%20spybot&OVMTC=standard&OVADID=7514776522&OVKWID=73334631522
2007-10-07 17:09:01 · answer #1 · answered by TheHumbleOne 7 · 0⤊ 0⤋
The longer you wait after infection - the worse it will be.
At this point it might be too late to get this computer back. However, I would try anyway.
It would help if we knew just what is the name of the trojan horse. Then he could find a removal tool.
Perhaps if he booted into safe mode (restarting and tapping the F8 key) - choosing safe mode - ran the virus scan from there - even if the scan could not remove, heal or quarantine - you could get a name.
All this takes a significant amount of time that could better be used in reinstallation of the operating system.
2007-10-07 17:06:10 · answer #2 · answered by sosguy 7 · 0⤊ 0⤋
1. Download and run firefox to protect your from future spyware attacks and pop ups which are coming in through internet explorer (Trojan downloaders, win32 ) .Then update your windows through firefox
http://securitynewsfromthenet.blogspot.com/2007/05/spyware-fighter-essentials.html
Also install internet explorer 7 which is now free for everyone oct2007
http://securitynewsfromthenet.blogspot.com/2007/10/internet-explorer-7-available-now-to.html
This should stop 50% of the spyware and popups attacking your computer
2. Run the vundo and combo fix
http://securitynewsfromthenet.blogspot.com/2007/05/vundofix-and-combo-fix.html
3. Run the anti spyware remove programs spybot
http://securitynewsfromthenet.blogspot.com/2007/03/spybot-search-and-destroy-spyware-and.html
and superantispyware
http://securitynewsfromthenet.blogspot.com/2007/04/superantispyware-home-edition-free.html
to get rid of the nasties
4. Run a free online virus scan to be sure you computer is virus and spyware free.
http://securitynewsfromthenet.blogspot.com/2007/03/online-virus-scan.html
5. Get the clean up tools to clean up the spyware from your temp folder (the place they are stored when downloaded by internet explorer)
http://securitynewsfromthenet.blogspot.com/2007/03/clean-up-tools-to-prevent-people-from.html
WHAT DO YOU DO IF EVERYTHING FAILS TO REMOVE THE SPYWARE?
If everything fails to get the nasty spyware removed let the experts take a look at whats happening on your computer.Visit the HijackThis Logs and Analysis forum.
http://www.bleepingcomputer.com/forums/forum22.html
Wiping your computer clean is NOT the solution.
Asking /paying someone else to fix the problem is NOT the solution .
TAKE A STAND NOW!IT's YOUR COMPUTER !!
2007-10-07 18:09:50 · answer #3 · answered by Dell techies 2 · 0⤊ 0⤋
If its as bad as you describe the only way I've found to get rid of something that horrible is to remove the hard drive itself and hook it up to another computer with antivirus programming on it and run a scan on it (do not run anything from the infected drive) and remove the virus/malware. If its turned off your programs then it wont allow the computer to run antivirus on the new computer and will infect the new computer as well.
2007-10-07 17:02:13 · answer #4 · answered by daylateblue 2 · 1⤊ 1⤋
If possible..
He would need to go on line to the home page of the "anti-virus" Web-site [that he has installed]... And download the removal file to remove whatever caused his computer to be infected.
If this can not be done. It's probably "reformat time"...
2007-10-07 17:14:04 · answer #5 · answered by Old Dawg 5 · 0⤊ 0⤋
thehumbleone has great advice.....
if your uncle cannot get on to the internet from safe mode, then download spybot (or something else.... i just have had great luck with spyobt) onto a flashdrive or floppy and install it on his machine from there. run the anti-spyware/antivirus in safe mode......
if you catch any virus in time, it can be defeated........ just be patient and keep trying......
2007-10-07 17:28:10 · answer #6 · answered by rratherbeflying 2 · 0⤊ 1⤋
Download XoftSpy Se from http://www.geeksjunction.com
2007-10-07 17:19:57 · answer #7 · answered by Anonymous · 0⤊ 1⤋
If it has shut down ALL of his programs then it's reformat time.
2007-10-07 16:59:35 · answer #8 · answered by Anonymous · 0⤊ 1⤋