Virus & Spyware trouble

Archived from groups: microsoft.public.windowsme.general

Problem with my daughter's Sony (ME) notebook, she used AOL, now the
computer is about useless. I ran AVG anti-virus, ad-aware, &
cwshredder. Each found and either deleted or quarantined a TON of
stuff. But this seems to have only aggravated the situation. At each
reboot, most of the junk is still there, regenerating I suppose.
Tried running the apps in safe mode, same results. With AVG, scan the
files, and each time comes up with:
Trojan horse downloader.dyfica.2.ba (and 4 more, different #s)
Trojan horse downloader.istbar.5.E ( and 3 more, different #s)
Trojan horse downloader.small.14.1f
Trojan horse downloader.agent.7.f
Ad-aware comes up with about 500 hits each run. (First run was
1,200!)
What to do! Thanks, Bonnie
  1.

    1) Download the following three items...

    Trend Sysclean Package
    http://www.trendmicro.com/download/dcs.asp

    Latest Trend Pattern File.
    http://www.trendmicro.com/download/pattern.asp

    Adaware SE (free personal version v1.05)
    http://www.lavasoftusa.com/

    Create a directory.
    On drive "C:\"
    (e.g., "c:\New Folder")
    or the desktop
    (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

    Download Sysclean.com and place it in that directory.
    Download the Trend Pattern File by obtaining the ZIP file.
    For example: lpt383.zip

    Extract the contents of the ZIP file and place the contents in the same directory as
    sysclean.com.

    2) Update Adaware with the latest definitions.
    3) Disable System Restore
    http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
    4) Reboot your PC into Safe Mode and shut down as many applications as possible
    5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
    platform and clean/delete any infectors/parasites found.
    (a few cycles may be needed)
    6) Restart your PC and perform a "final" Full Scan of your platform using both the
    Trend Sysclean utility and Adaware
    7) Re-enable System Restore and re-apply any System Restore preferences,
    (e.g. HD space to use suggested 400 ~ 600MB),
    8) Reboot your PC.


    * * * Please report your results ! * * *


    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html


  2.

    At this point, ignore any hits in the system restore archive (C:\_RESTORE)
    and concentrate on hits elsewhere on the system. In addition, are you
    booting to Safe Mode and running your various clean-up tools from there?
    If not, try doing so. Once you've cleaned the system and all is OK, then
    reset system restore and clear the archive, but don't do that just yet in
    case in cleaning the system you cause further problems, such as being
    unable to connect to the net, where you might need to use system restore to
    back out of the problem.
    --
    Mike Maltby MS-MVP
    mike.maltby@gmail.com


  3.

    David,

    Move 3) down to 6). Disabling system restore before cleaning pre-supposes
    that the user will not so damage their system during cleaning as to make
    it unusable. One simple example being the removal of a malicious Layered
    Service File that prevents them from accessing the net. Unless the user
    knows how to repair winsock errors and has to hand a tool such as LSPfix
    they are stuck up a gum tree and unable to proceed other than to clean
    install. Leaving system restore enabled allows them to at least get back
    on line, report their problem to a suitable help forum and get advice on
    how best to proceed. I can give you countless other examples of where
    injudicious use of cleaning tools can leave the user with a system dead in
    the water.

    Think it through - not everyone has your experience or knows how to
    recover from a problem such as I have outlined. Disabling system restore
    prior to cleaning serves no purpose whatsoever, it's not as if any
    malicious files located there are going to cause any problems whereas by
    disabling system restore you have removed the user's parachute. Clean the
    store certainly but only once the system is otherwise clean and working
    correctly.
    --
    Mike Maltby MS-MVP
    mike.maltby@gmail.com


  4.

    I will give your feedback due consideration... Thank you.
    It is valuable information.

    --
    Dave


  5.

    http://rgharper.mvps.org/cleanit.htm

    See my guide to cleaning infected computers as above.

    --
    Richard G. Harper [MVP Shell/User] rgharper@gmail.com
    * PLEASE post all messages and replies in the newsgroups
    * for the benefit of all. Private mail is usually not replied to.
    * My website, such as it is ... http://rgharper.mvps.org/
    * HELP us help YOU ... http://www.dts-l.org/goodpost.htm


  6.

    Not that it's very important, or adds much to this conversation, but I
    strongly concur with Mike.
    --
    Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS
    Help us help you: http://www.dts-L.org/goodpost.htm

    http://www.microsoft.com/athome/security/protect/default.aspx
    Your cooperation is very appreciated.
  7.

    Thanks, gang. I'll give that a try tonight, if the "broadband gods"
    are with me; the Cable connection here in NJ has been more off than on
    over the past weekend, and today. And I'll certainly report....
    hopefully with success. Thanks again, Bonnie
    ***************************

    On Mon, 31 Jan 2005 09:06:52 -0500, Bonnie
    <JECElectNospam@optonline.net> wrote:

    >Problem with my daughter's Sony (ME) notebook, she used AOL, now the
    >computer is about useless. I ran AVG anti-virus, ad-aware, &
    >cwshredder. Each found and either deleted or quarantined a TON of
    >stuff. But this seems to have only aggravated the situation. At each
    >reboot, most of the junk is still there, regenerating I suppose.
    >Tried running the apps in safe mode, same results. With AVG, scan the
    >files, and each time comes up with:
    >Trojan horse downloader.dyfica.2.ba (and 4 more, different #s)
    >Trojan horse downloader.istbar.5.E ( and 3 more, different #s)
    >Trojan horse downloader.small.14.1f
    >Trojan horse downloader.agent.7.f
    >Ad-aware comes up with about 500 hits each run. (First run was
    >1,200!)
    >What to do! Thanks, Bonnie