PC Pals Forum
Technical Help & Discussion => Broadband, Networking, PC Security, Internet & ISPs => Topic started by: Michelle on April 15, 2006, 19:56
-
hmmmm I have this nasty beast on my puter, its being picked up and deleted/healed, but it keeps coming back.
I've used avg - spybot - microsoft antispy - and aol anti thing but its not clearing it, I think spyware blaster was on. I looked on hijack but didn't see anything that I thought was unusual.
I guess I'll have to turn off system restore and run some stuff, is that what you'd suggest or any idea's please?
Do I need to panic ? .....................................
-
id suggest you follow the whole off with system restore into safe mode option.
Oh and NEVER panic, not worth it.
-
You might want to try this, Michelle:-
F-Secure Online Virus Scan (http://support.f-secure.com/enu/home/ols.shtml)
-
Michelle, System Restore has to be the single most useless gimmick ever to come out of Microshaft. I have it turned off permanently for the very reason that it is totally useless as it backs up nasties, and who in their right mind would want to back up a nasty to their hard drive? The only time I ever enable it is if I am installing hardware and then I disable it again as soon as the job is done and everything is working correctly.
If the advice already given doesn't cure it, you might want to try Xoftspy (http://www.paretologic.com/xoftspy/lp/11/).
Let us know how you go on before downloading Xoftspy. :roll:
-
I've not turned off system restore yet ....... scared! :roll: :shock: :shock: :blush:
So I thought I'd try that simon but it keeps saying can't download something try again, so I checked the requirements and all fine, so I dunno, shame that cos I fancied trying that.
-
are you saying use Xoftspy as a last resort dave?
-
You have to use Internet Explorer, Michelle, and you need Java and ActiveX enabled, which it probably is by default, but if not, you'll get a yellow bar at the top of the IE window, asking if you want to install the F-Secure ActiveX. Say yes and you're on your way.
Don't worry about disabling System Restore, it hardly ever works anyway!
-
No, but the link only downloads a trial that finds nasties but won't remove them. ; I presume you can read between the lines- hint, hint. :roll:
-
oh okay simon..............ah I see dave :laugh:
cheers
-
You may get a yellow bar at the top of the IE window, asking if you want to install the F-Secure ActiveX. Say yes and you're on your way.
-
yeah it did it, and it said it found it but it didn't give me an option to do anything with it - I guess you have to pay for that ?
its in
C:\windows\system 32\winuns32.dll.trojan.win32.agent.gt.
Its still coming up saying do I want to heel it, so I say yes and then it comes again...it only pops up when I'm using IE ........ not if I use IE through AOL.
hmmmmmm what next ? System restore thingy
-
Do you use Norton System Works, Michelle? If so, disable the Norton Recycle Bin. It might be getting lodged in there - I had one do that some time ago.
Sorry about F-Secure, I thought it said it removed them as well. Anyway, at least you know what it is now. I was recommended Ewido (http://www.ewido.net/en/) on another forum, which is another trojan remover, and is available as a freeware trial version, but this is fully functioning for 30 days, so will also remove stuff it finds.
-
Do you use Norton System Works, Michelle? If so, disable the Norton Recycle Bin. It might be getting lodged in there - I had one do that some time ago.
Sorry about F-Secure, I thought it said it removed them as well. Anyway, at least you know what it is now. I was recommended Ewido (http://www.ewido.net/en/) on another forum, which is another trojan remover, and is available as a freeware trial version, but this is fully functioning for 30 days, so will also remove stuff it finds.
No I've not got Norton on it Simon. Thanks am scanning with that now, seems good - its not half way yet and its removed 19 things lol and thats after I've run everything else.
-
that first scan didn't find it ............ but then I saw some more scans to do.
And
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 00:46:29, 16/04/2006
+ Report-Checksum: 373A9980
+ Scan result:
[548] C:\WINDOWS\system32\winuns32.dll -> Trojan.Agent.qt : Cleaned with backup
::Report End
it looks like its got it..........unless it comes back.
Thanks Simon..... :wink:
-
I started to use Panda online AV (http://www.pandasoftware.com/products/activescan?NRMODE=Published&NRORIGINALURL=%2factivescan%2f%3fsitepanda%3dparticulares&NRNODEGUID=%7b3B202047-35D4-4DA2-B310-B1DBEC2971F2%7d&NRCACHEHINT=Guest) to remove the nasties (not that i get many :halo:) since AVG would only pick them up after a scan but couldn't repair half of them :roll:
At that point i said; AVG, your lightweight, your fired!!! :splat:
:mrgreen:
-
That's good news, Michelle. :thumb:
-
That's good news, Michelle. :thumb:
Yeah I like that programme Simon, good find, well done :)
That one only scans doesn't remove unless you buy Cammy, but it does do a thorough scan tho.
-
That one only scans doesn't remove unless you buy Cammy, but it does do a thorough scan tho.
It does remove some stuff Shell and has helped me out twice when AVG wouldn't remove it :bobby:
Good programme Si :thumb:
-
Yes, I almost considered purchasing Ewido myself, as there doesn't seem to be a *cough* alternative (the updates don't work!) :whistle: Just make sure you get rid of everything within the 30 day trial. ;) Of course, the program may be well worth the purchase, if it keeps you free from nasties..
-
umm interesting, I may need to look into that.
-
oh right sorry cammy, maybe I didn't look far enough.
Yes its a tempting buy that one Simon, shame about the "cough" you should get that seen too :wink: