Author Topic: BIG Problem  (Read 5436 times)

0 Members and 1 Guest are viewing this topic.

MassMama

  • Guest
BIG Problem
« on: Mar 09, 2008, 07:35:36 PM »
I did a scan on my good friends comp today ... 4 hours later the scan was still going ... :rolleyes1:
374 trojan/Virus' is there a good program that will remove these .. can anyone help me help them .. they have NO computer skills at all ..  :mad2:

Offline Jim

  • Administrator
  • *
  • Posts: 4,318
  • What have I gotten myself into?
    • KT4JK Amateur Radio Web Page
Re: BIG Problem
« Reply #1 on: Mar 09, 2008, 07:41:16 PM »
AVG Free Edition will take care of that without a problem.  You may have to run it a number of times.  Megan's computer had at least that many when I started on it and after several days of running AVG with Spybot Search & Destroy, it was clean.
Former SMF Support Specialist

MassMama

  • Guest
Re: BIG Problem
« Reply #2 on: Mar 09, 2008, 08:09:26 PM »
Thanks Jim that was the first thing I ran after I uninstalled NORTON which wa popping up every 2-3 mins..
I sure was hoping to have it fixed before I had to leave but it was still running the scan after 4 hrs.
I will go check up on it again tomarrow. I will have to log in and get the other Search and destroy I sure hope to get it cleaned up for them .. I warned them about Norton and they still had it  :rolleyes1:

Offline Jim

  • Administrator
  • *
  • Posts: 4,318
  • What have I gotten myself into?
    • KT4JK Amateur Radio Web Page
Re: BIG Problem
« Reply #3 on: Mar 10, 2008, 10:47:03 PM »
Well Rita, how did this situation turn out?  Did the AVG clear it up?
Former SMF Support Specialist

MassMama

  • Guest
Re: BIG Problem
« Reply #4 on: Mar 11, 2008, 06:18:14 AM »
I didn't hear anything bad from them yet so it must of worked.  :waiting: Although I am sure everything is not gone yet and I will have to do it all over again :cringe: They didn't know how to even run spy/virus protection ::)
I ran it on mine too and it worked well .. must have some good coverage cause nothing was found on mine :ThumbUp:

Offline Tonya

  • Sr. Member
  • *
  • Posts: 1,857
Re: BIG Problem
« Reply #5 on: Mar 11, 2008, 08:26:04 AM »
I have had a Generic Trojan downloader that keeps coming back again, and again...Any ideas on how to permanently get the little buggar GONE??

:yikes: Holy Cow!! That's a LOT of viruses!! :SmileyFear: Hope you can get it right for them!!

Offline Jim

  • Administrator
  • *
  • Posts: 4,318
  • What have I gotten myself into?
    • KT4JK Amateur Radio Web Page
Re: BIG Problem
« Reply #6 on: Mar 11, 2008, 10:15:32 AM »
I have had a Generic Trojan downloader that keeps coming back again, and again...Any ideas on how to permanently get the little buggar GONE??

Tonya, which virus program are you using?  AVG took care of one that Dianna contacted one night when she was browsing for graphics.  It also took care of hundreds of this type on Megan's computer when I cleaned it up.

If you can take a screen shot of the message that tells you that it is a Generic Trojan downloader, I may be able to help get rid of it this time. 
Former SMF Support Specialist

Offline Tonya

  • Sr. Member
  • *
  • Posts: 1,857
Re: BIG Problem
« Reply #7 on: Mar 11, 2008, 11:27:40 AM »
I use AVG and the Spybot Search and destroy thing. Next time it pops up- I'll C&P the message and let you know! :ThumbUp:

Offline Jim

  • Administrator
  • *
  • Posts: 4,318
  • What have I gotten myself into?
    • KT4JK Amateur Radio Web Page
Re: BIG Problem
« Reply #8 on: Mar 11, 2008, 12:59:37 PM »
Another thing you can check is the control panel for AVG.  See if there is anything in the Virus Vault. 

Also do you have a 100% scan scheduled every day.  I find that helps to keep things "clean" as well. 
Former SMF Support Specialist

Offline Tonya

  • Sr. Member
  • *
  • Posts: 1,857
Re: BIG Problem
« Reply #9 on: Mar 11, 2008, 01:58:19 PM »
I had a BUNCH of stuff in the vault and deleted them all(removed??) and AVG does a full scan every morning at 3am. I haven't had the pop up thing today, but sometimes I get it about 3 times or more a day....

Offline Tonya

  • Sr. Member
  • *
  • Posts: 1,857
Re: BIG Problem
« Reply #10 on: Mar 11, 2008, 03:32:28 PM »
OK, Jim here's the error I get...



Any Ideas??

Offline Jim

  • Administrator
  • *
  • Posts: 4,318
  • What have I gotten myself into?
    • KT4JK Amateur Radio Web Page
Re: BIG Problem
« Reply #11 on: Mar 11, 2008, 07:28:59 PM »
Yuk! That's a nasty little bug.  So I bet you click Heal, then go to your Virus Vault and delete it, right?  The next time you turn on your computer, you see it again.  Is this right so far?

Does it show up if you do a 100% scan?

Open your control panel > Add/Remove programs and look to see if there are things there you didn't install.  Believe it or not some malware installs there and unless you look, you will never know it.  Look for something that may seem legitimate but you didn't install it.

Rita, we didn't mean to hijack your topic but there may be something in here that you can use when and if you have to go back and help out the friends you mentioned in the opening post of the topic.

I'll wait to see how you answer the questions above before I tell you the next step.  :SmileyQmarks:
Former SMF Support Specialist

Offline sunsoaker

  • Elite Member
  • *
  • Posts: 22,747
  • Sunny Sylph
Re: BIG Problem
« Reply #12 on: Mar 11, 2008, 08:01:24 PM »
Jim is far more knowledgeable than me in this area, bbuuuutttt...  I do note that the file is in a "temp" directory. Wouldn't it work to just drive down to the "temp" directory and dump its contents (and the to be sure to empty the recycle bin)? :SmileyNailbiting:  Please, Jim, speak up if this is not a smart way to get rid of this.
Dear Lord, On this day, please wrap your arm around my shoulder and keep your hand over my mouth.  Amen

MassMama

  • Guest
Re: BIG Problem
« Reply #13 on: Mar 11, 2008, 08:08:24 PM »
No Jim these are all the things that would show up on Julies computer as well
Trojan Horse Dropper
Virus (I forget)

I actually had to start using Foxfire.. even thought there is nothing showing up on my computer there is somethin out of wack .. It would take forever to get to this page and then I would get stuck and couldn't get in or out ..  :rolleyes1: I am sooo starting to not like computers!  :mad2: I couldn't even check my email for 2 days  :razberry: not that I get anything but jokes but hey sometimes it makes ya laugh and thats good  :laughmao:

Offline Jim

  • Administrator
  • *
  • Posts: 4,318
  • What have I gotten myself into?
    • KT4JK Amateur Radio Web Page
Re: BIG Problem
« Reply #14 on: Mar 11, 2008, 11:15:40 PM »
Well the file that is in the Temp directory probably doesn't reside there except when the computer starts up.  The Trojan Downloader is attached to that file, once it runs, you are probably not going to find it there.

However, when attempting to clean these things, it doesn't hurt to try anything you can think of. 
Former SMF Support Specialist

Offline Tonya

  • Sr. Member
  • *
  • Posts: 1,857
Re: BIG Problem
« Reply #15 on: Mar 12, 2008, 08:22:33 AM »
Yuk! That's a nasty little bug.  So I bet you click Heal, then go to your Virus Vault and delete it, right?  The next time you turn on your computer, you see it again.  Is this right so far?

Yup!

Quote
Does it show up if you do a 100% scan?
Not usually, but sometimes it does....

Quote
Open your control panel > Add/Remove programs and look to see if there are things there you didn't install.  Believe it or not some malware installs there and unless you look, you will never know it.  Look for something that may seem legitimate but you didn't install it.

There are a few things in there that I don't know about, but I will ask Doug when I talk to him to please go there and look to see what can be deleted(Uninstalled).

Quote
Rita, we didn't mean to hijack your topic but there may be something in here that you can use when and if you have to go back and help out the friends you mentioned in the opening post of the topic.

I'll wait to see how you answer the questions above before I tell you the next step.  :SmileyQmarks:

Thanks Jim! A couple of the things in the add/remove area I think I will remove anyway. For some reason we have an Apple Mobile device thing in there and we have NO Apple stuff.....

Offline Jim

  • Administrator
  • *
  • Posts: 4,318
  • What have I gotten myself into?
    • KT4JK Amateur Radio Web Page
Re: BIG Problem
« Reply #16 on: Mar 12, 2008, 08:04:50 PM »
OK, Tonya, next thing is to run a 100% scan using AVG.  Does that report anything?
Former SMF Support Specialist

Hillhound

  • Guest
Re: BIG Problem
« Reply #17 on: Mar 13, 2008, 07:18:25 AM »
Quote:
For some reason we have an Apple Mobile device thing in there and
we have NO Apple stuff.....

That could well be related to itunes if you've got that installed.
  



Offline Tonya

  • Sr. Member
  • *
  • Posts: 1,857
Re: BIG Problem
« Reply #18 on: Mar 13, 2008, 07:39:29 AM »
Thanks Hillhound- We did install iTunes(Why- I will never know- we don't use it...) Wonder if I can uninstall it without a problem. I never got around to it yesterday because Summer had a half day at school....

Hillhound

  • Guest
Re: BIG Problem
« Reply #19 on: Mar 13, 2008, 08:41:59 AM »
You should be able to uninstall itunes no problem, just use Add/Remove in control panel.
Check the "Show Updates" box so that you get it all.
 :ThumbUp:

Pharmerphil

  • Guest
Re: BIG Problem
« Reply #20 on: Mar 14, 2008, 05:51:29 AM »
whenever I get any thing found, wich is rare with AVG, I don't let avg put it in the vault IF, it is in my Temps.
I simply follow the path to the file, and as Sunsoaker said, remove it. I have been doing this for 8 1/2 years and never had anything  "re-appear"
just don't open that file.

Offline Tonya

  • Sr. Member
  • *
  • Posts: 1,857
Re: BIG Problem
« Reply #21 on: Mar 14, 2008, 07:38:01 AM »
I ran a scan yesterday and found the same d@#* virus. Next time I'll try what you said Phil. If I can figure out how to follow the path.

Jim- What was your next suggestion??

Offline Jim

  • Administrator
  • *
  • Posts: 4,318
  • What have I gotten myself into?
    • KT4JK Amateur Radio Web Page
Re: BIG Problem
« Reply #22 on: Mar 14, 2008, 08:51:39 AM »
The easiest thing at this point would be to do as Phil and Barb suggested and try and delete the file.  The file path appears to be:

C:\Documents and Settings\Doug\Local Settings\Temp

Delete the file '!update.exe'

Once you have done that, empty the recycle bin, restart the computer and open AVG.  Run a 100% scan and see what you get. 

If this doesn't work, we will go to the next step.
Former SMF Support Specialist

Offline Tonya

  • Sr. Member
  • *
  • Posts: 1,857
Re: BIG Problem
« Reply #23 on: Mar 14, 2008, 10:44:03 AM »
I couldn't find it.... I followed the path to Local Settings, and Temp, but there was no file name !update.exe I'll look the next time i get the error message. :ThumbUp: Thanks you all!!

Offline Jim

  • Administrator
  • *
  • Posts: 4,318
  • What have I gotten myself into?
    • KT4JK Amateur Radio Web Page
Re: BIG Problem
« Reply #24 on: Mar 14, 2008, 02:01:52 PM »
OK, here is what I would do next.

Download a program (FREE) called RogueRemover

This software removes some of the nasty stuff out there that you usually have to manually remove.  You should also already have the programs I mentioned in the spyware topic, Ad-Aware and Spybot S&D.

1) Turn off System Restore

2) Run RogueRemover.  As with all the anti-spyware programs, be sure and update prior to running so that you will have the latest definitions.

3) Run Ad-Aware next.

4) Run Spybot S&D

After running all these programs and fixing all the problems they detect, restart you computer.

Run AVG and do a 100% scan.  The nasty bugger should be gone, but if it's not, we still got a few more bullets to shoot at it.  Let me know what you find.
Former SMF Support Specialist

 

SimplePortal 2.3.7 © 2008-2024, SimplePortal