Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#257540 - 02/06/2005 00:34 Annoying Viruses and Adware
burdell1
old hand

Registered: 14/01/2002
Posts: 931
Loc: Minnetonka, MN
Lately I have been getting a virus warning from my AVG software several times a day. It usually says "Trojan Downoader Horse Small 27.K" and it is always in my Local Settings/Temp folder. No matter how many times I delete them they always come back...any idea on another way to get rid of it? also, on the spyware side of things, I keep getting a spyware ad for "Access_Control" and can't seem to get rid of that either...When every i delete it or quarantine it, it keeps coming back....any else dealt with that one?

Top
#257541 - 02/06/2005 00:53 Re: Annoying Viruses and Adware [Re: burdell1]
ineedcolor
addict

Registered: 10/01/2001
Posts: 630
Loc: Windsor, Ontario Canada
Some of these programs are very insidious; they will replicate themselves endlessly within your system and hide in many different places deep within your Windows registry. The last time I was infected that bad (courtesy of a Romanian crack site), I gave up trying to clean it out and ended up just formatting my HDD and reloading Windows as a fresh install...
_________________________
01001010 01101111 01101000 01101110

Top
#257542 - 02/06/2005 02:05 Re: Annoying Viruses and Adware [Re: burdell1]
FireFox31
pooh-bah

Registered: 19/09/2002
Posts: 2494
Loc: East Coast, USA
- Boot to safe mode without networking

- Delete all of your temporary files, temporary internet files C:\Documents and Settings\<user>\Local Settings\ temp folders, C:\Windows\Temp folders, etc

- Delete anything suspicious in C:\Windows and C:\Windows\System32 that was modified in the last month or so (after researching to find what's legitimate and not)

- Clean anything suspicious in the registry HKLM\Software\Microsoft\Windows\Current Version\Run and its corresponding HKCU entry, and find and delete any files they reference

- View the registry HKLM\Software\Microsoft\Windows\Current Version\Explorer\Browser Helper Objects, copying each key name and running a search on the reg for them, deleting both the CLSID entries, coresponding files, and BHO entries

- Delete anything suspicious in HKLM\Software and HKCU\Software in the registry

- Delete anything suspicious in C:\Program Files

- Delete anything hiding in the Startup folder of the start menu

- On a seperate machine, download Webroot's Spy Sweeper and install it on the infected machine

- Reboot to safe mode with networking, launch Spy Sweeper, get the latest updates, and run a full scan, quarantining then deleting anything that it finds

- Reboot your machine as normal, watching the Task Manager process list during as much of the boot process as you can, watching for anything suspicious

- Subscribe to Spy Sweeper updates for a year or more and activate them

- Download the MVPS Host List and apply that per its instructions

- Download Mozilla Fire Fox and register it as the default handler for web related files

- Download some alternative media player(s) and avoid Windows Media Player (which spyware constantly hijacks)


Anti-spyware is long since a 100% necessity just like than anti-virus. I'll take my own advice one of these days, but until I do, you should. Good luck.
_________________________
-
FireFox31
110gig MKIIa (30+80), Eutronix lights, 32 meg stacked RAM, Filener orange gel lens, Greenlights Lit Buttons green set

Top
#257543 - 02/06/2005 02:10 Re: Annoying Viruses and Adware [Re: burdell1]
Robotic
pooh-bah

Registered: 06/04/2005
Posts: 2026
Loc: Seattle transplant
Perhaps something like this would help?
http://www.x-raypc.com/
Quote:
Xblock Systems is pleased to announce a new freeware product to help technical users regain control of their machines and to assist spyware researchers doing log analysis.

This tool is not meant to replace your standard anti-spyware scanner, but serve as diagnostic tool to help identify questionable processes on a machine.
_________________________
10101311 (20GB- backup empeg)
10101466 (2x60GB, Eutronix/GreenLights Blue) (Stolen!)

Top
#257544 - 02/06/2005 03:54 Re: Annoying Viruses and Adware [Re: FireFox31]
andy
carpal tunnel

Registered: 10/06/1999
Posts: 5916
Loc: Wivenhoe, Essex, UK
When I had this problem I found that just emptying IE's temporary files was enough to get rid of it.
_________________________
Remind me to change my signature to something more interesting someday

Top
#257545 - 02/06/2005 08:29 Re: Annoying Viruses and Adware [Re: burdell1]
Ladmo
addict

Registered: 04/09/2004
Posts: 527
Loc: Oklahoma
Be sure to turn OFF system restore when clearing out that kind of crap. Otherwise, your system will sometimes try to 'rebuild' itself using that same bum file....It took me a whole day to figure that simple thing out one time.....just a thought...

Top
#257546 - 02/06/2005 08:52 Re: Annoying Viruses and Adware [Re: Ladmo]
andy
carpal tunnel

Registered: 10/06/1999
Posts: 5916
Loc: Wivenhoe, Essex, UK
Ah yes, forgot about that. I had to turn off system restore, clear the temporary files and then turn system restore back on.
_________________________
Remind me to change my signature to something more interesting someday

Top
#257547 - 02/06/2005 10:21 Re: Annoying Viruses and Adware [Re: burdell1]
SteveH
new poster

Registered: 06/07/2003
Posts: 19
Loc: Manchester, UK
Have you tried Lavasoft's Ad-Aware ( http://www.lavasoft.com/ ). The free ed available at Download.com is very good and even performs registry scanning.

They update it fairly regularly and you can schedule it to check automatically if you want.

Good luck!
_________________________
There are 10 types of people in the world: Those who understand binary, and those who don't.

Top
#257548 - 02/06/2005 11:54 Re: Annoying Viruses and Adware [Re: burdell1]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14496
Loc: Canada

Top