Virus & Spyware trouble

January 31, 2005 12:06:52 PM

Archived from groups: microsoft.public.windowsme.general (More info?)

Problem with my daughter's Sony (ME) notebook, she used AOL, now the
computer is about useless. I ran AVG anti-virus, ad-aware, &
cwshredder. Each found and either deleted or quarantined a TON of
stuff. But this seems to have only aggravated the situation. At each
reboot, most of the junk is still there, regenerating I suppose.
Tried running the apps in safe mode, same results. With AVG, scan the
files, and each time comes up with:
Trojan horse downloader.dyfica.2.ba (and 4 more, different #s)
Trojan horse downloader.istbar.5.E ( and 3 more, different #s)
Trojan horse downloader.small.14.1f
Trojan horse downloader.agent.7.f
Ad-aware comes up with about 500 hits each run. (First run was
1,200!)
What to do! Thanks, Bonnie


Anonymous
January 31, 2005 4:41:38 PM


1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend Pattern File.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download Sysclean.com and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt383.zip

Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.

2) Update Adaware with the latest definitions.
3) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore...
4) Reboot your PC into Safe Mode and shutdown as many applications as possible
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.


* * * Please report your results ! * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html




"Bonnie" <JECElect@optonline.net> wrote in message
news:k1esv0123f602mqikrq6lnl2i1ib4dl01c@4ax.com...
| Problem with my daughter's Sony (ME) notebook, she used AOL, now the
| computer is about useless. I ran AVG anti-virus, ad-aware, &
| cwshredder. Each found and either deleted or quarantined a TON of
| stuff. But this seems to have only aggravated the situation. At each
| reboot, most of the junk is still there, regenerating I suppose.
| Tried running the apps in safe mode, same results. With AVG, scan the
| files, and each time comes up with:
| Trojan horse downloader.dyfica.2.ba (and 4 more, different #s)
| Trojan horse downloader.istbar.5.E ( and 3 more, different #s)
| Trojan horse downloader.small.14.1f
| Trojan horse downloader.agent.7.f
| Ad-aware comes up with about 500 hits each run. (First run was
| 1,200!)
| What to do! Thanks, Bonnie
Anonymous
January 31, 2005 5:26:19 PM


At this point ignore any hits in the system restore archive (C:\_RESTORE)
and concentrate on hits elsewhere on the system. In addition are you
booting to Safe Mode and running your various clean-up tools from there?
If not try doing so. Once you've cleaned the system and all is OK then
reset system restore and clear the archive but don't do that just yet in
case in cleaning the system you cause further problems such as being
unable to connect to the net where you might need to use system restore to
back out of the problem.
--
Mike Maltby MS-MVP
mike.maltby@gmail.com


Bonnie <JECElect@optonline.net> wrote:

> Problem with my daughter's Sony (ME) notebook, she used AOL, now the
> computer is about useless. I ran AVG anti-virus, ad-aware, &
> cwshredder. Each found and either deleted or quarantined a TON of
> stuff. But this seems to have only aggravated the situation. At each
> reboot, most of the junk is still there, regenerating I suppose.
> Tried running the apps in safe mode, same results. With AVG, scan the
> files, and each time comes up with:
> Trojan horse downloader.dyfica.2.ba (and 4 more, different #s)
> Trojan horse downloader.istbar.5.E ( and 3 more, different #s)
> Trojan horse downloader.small.14.1f
> Trojan horse downloader.agent.7.f
> Ad-aware comes up with about 500 hits each run. (First run was
> 1,200!)
> What to do! Thanks, Bonnie
Anonymous
January 31, 2005 10:00:15 PM


David,

Move 3) down to 6). Disabling system restore before cleaning pre-supposes
that the user will not so damage their system during cleaning as to make
it unusable. One simple example being the removal of a malicious Layered
Service File that prevents them from accessing the net. Unless the user
knows how to repair winsock errors and has to hand a tool such as LSPfix
they are stuck up a gum tree and unable to proceed other than to clean
install. Leaving system restore enabled allows them to at least get back
on line, report their problem to a suitable help forum and get advice on
how best to proceed. I can give you countless other examples of where
injudicious use of cleaning tools can leave the user with a system dead in
the water.

Think it through - not everyone has your experience or knows how to
recover from a problem such as I have outlined. Disabling system restore
prior to cleaning serves no purpose whatsoever, it's not as if any
malicious files located there are going to cause any problems whereas by
disabling system restore you have removed the user's parachute. Clean the
store certainly but only once the system is otherwise clean and working
correctly.
--
Mike Maltby MS-MVP
mike.maltby@gmail.com


David H. Lipman <DLipman~nospam~@Verizon.Net> wrote:

> 1) Download the following three items...
>
> Trend Sysclean Package
> http://www.trendmicro.com/download/dcs.asp
>
> Latest Trend Pattern File.
> http://www.trendmicro.com/download/pattern.asp
>
> Adaware SE (free personal version v1.05)
> http://www.lavasoftusa.com/
>
> Create a directory.
> On drive "C:\"
> (e.g., "c:\New Folder")
> or the desktop
> (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
>
> Download Sysclean.com and place it in that directory.
> Download the Trend Pattern File by obtaining the ZIP file.
> For example; lpt383.zip
>
> Extract the contents of the ZIP file and place the contents in the
> same directory as sysclean.com.
>
> 2) Update Adaware with the latest definitions.
> 3) Disable System Restore
> http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore...
> 4) Reboot your PC into Safe Mode and shutdown as many
> applications as possible
> 5) Using both the Trend Sysclean utility
> and Adaware, perform a Full Scan of your platform and
> clean/delete any infectors/parasites found. (a few cycles may
> be needed)
> 6) Restart your PC and perform a "final" Full Scan of
> your platform using both the Trend Sysclean utility and Adaware
> 7) Re-enable System Restore and re-apply any System Restore
> preferences, (e.g. HD space to use suggested 400 ~ 600MB),
> 8) Reboot your PC.
>
Anonymous
January 31, 2005 10:00:16 PM


I will give your feedback due consideration... Thank you.
It is valuable information.

--
Dave




"Mike M" <No_Spam@Corned_Beef.Only> wrote in message
news:o z5zac8BFHA.3708@TK2MSFTNGP14.phx.gbl...
| David,
|
| Move 3) down to 6). Disabling system restore before cleaning pre-supposes
| that the user will not so damage their system during cleaning as to make
| it unusable. One simple example being the removal of a malicious Layered
| Service File that prevents them from accessing the net. Unless the user
| knows how to repair winsock errors and has to hand a tool such as LSPfix
| they are stuck up a gum tree and unable to proceed other than to clean
| install. Leaving system restore enabled allows them to at least get back
| on line, report their problem to a suitable help forum and get advice on
| how best to proceed. I can give you countless other examples of where
| injudicious use of cleaning tools can leave the user with a system dead in
| the water.
|
| Think it through - not everyone has your experience or knows how to
| recover from a problem such as I have outlined. Disabling system restore
| prior to cleaning serves no purpose whatsoever, it's not as if any
| malicious files located there are going to cause any problems whereas by
| disabling system restore you have removed the user's parachute. Clean the
| store certainly but only once the system is otherwise clean and working
| correctly.
| --
| Mike Maltby MS-MVP
| mike.maltby@gmail.com
|
|
| David H. Lipman <DLipman~nospam~@Verizon.Net> wrote:
|
| > 1) Download the following three items...
| >
| > Trend Sysclean Package
| > http://www.trendmicro.com/download/dcs.asp
| >
| > Latest Trend Pattern File.
| > http://www.trendmicro.com/download/pattern.asp
| >
| > Adaware SE (free personal version v1.05)
| > http://www.lavasoftusa.com/
| >
| > Create a directory.
| > On drive "C:\"
| > (e.g., "c:\New Folder")
| > or the desktop
| > (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
| >
| > Download Sysclean.com and place it in that directory.
| > Download the Trend Pattern File by obtaining the ZIP file.
| > For example; lpt383.zip
| >
| > Extract the contents of the ZIP file and place the contents in the
| > same directory as sysclean.com.
| >
| > 2) Update Adaware with the latest definitions.
| > 3) Disable System Restore
| > http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore...
| > 4) Reboot your PC into Safe Mode and shutdown as many
| > applications as possible
| > 5) Using both the Trend Sysclean utility
| > and Adaware, perform a Full Scan of your platform and
| > clean/delete any infectors/parasites found. (a few cycles may
| > be needed)
| > 6) Restart your PC and perform a "final" Full Scan of
| > your platform using both the Trend Sysclean utility and Adaware
| > 7) Re-enable System Restore and re-apply any System Restore
| > preferences, (e.g. HD space to use suggested 400 ~ 600MB),
| > 8) Reboot your PC.
| >
|
Anonymous
January 31, 2005 10:09:56 PM


http://rgharper.mvps.org/cleanit.htm

See my guide to cleaning infected computers as above.

--
Richard G. Harper [MVP Shell/User] rgharper@gmail.com
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm


"Bonnie" <JECElect@optonline.net> wrote in message
news:k1esv0123f602mqikrq6lnl2i1ib4dl01c@4ax.com...
> Problem with my daughter's Sony (ME) notebook, she used AOL, now the
> computer is about useless. I ran AVG anti-virus, ad-aware, &
> cwshredder. Each found and either deleted or quarantined a TON of
> stuff. But this seems to have only aggravated the situation. At each
> reboot, most of the junk is still there, regenerating I suppose.
> Tried running the apps in safe mode, same results. With AVG, scan the
> files, and each time comes up with:
> Trojan horse downloader.dyfica.2.ba (and 4 more, different #s)
> Trojan horse downloader.istbar.5.E ( and 3 more, different #s)
> Trojan horse downloader.small.14.1f
> Trojan horse downloader.agent.7.f
> Ad-aware comes up with about 500 hits each run. (First run was
> 1,200!)
> What to do! Thanks, Bonnie
Anonymous
February 1, 2005 8:03:06 AM


Not that it's very important, or adds much to this conversation, but I
strongly concur with Mike.
--
Jack E. Martinelli 2002-05 MS MVP for Shell/User / DTS
Help us help you: http://www.dts-L.org/goodpost.htm

http://www.microsoft.com/athome/security/protect/defaul...
Your cooperation is very appreciated.
------
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:ej9uAE9BFHA.1408@TK2MSFTNGP10.phx.gbl...
> I will give your feedback due consideration... Thank you.
> It is valuable information.
>
> --
> Dave
>
>
>
>
> "Mike M" <No_Spam@Corned_Beef.Only> wrote in message
> news:o z5zac8BFHA.3708@TK2MSFTNGP14.phx.gbl...
> | David,
> |
> | Move 3) down to 6). Disabling system restore before cleaning pre-supposes
> | that the user will not so damage their system during cleaning as to make
> | it unusable. One simple example being the removal of a malicious Layered
> | Service File that prevents them from accessing the net. Unless the user
> | knows how to repair winsock errors and has to hand a tool such as LSPfix
> | they are stuck up a gum tree and unable to proceed other than to clean
> | install. Leaving system restore enabled allows them to at least get back
> | on line, report their problem to a suitable help forum and get advice on
> | how best to proceed. I can give you countless other examples of where
> | injudicious use of cleaning tools can leave the user with a system dead in
> | the water.
> |
> | Think it through - not everyone has your experience or knows how to
> | recover from a problem such as I have outlined. Disabling system restore
> | prior to cleaning serves no purpose whatsoever, it's not as if any
> | malicious files located there are going to cause any problems whereas by
> | disabling system restore you have removed the user's parachute. Clean the
> | store certainly but only once the system is otherwise clean and working
> | correctly.
> | --
> | Mike Maltby MS-MVP
> | mike.maltby@gmail.com
> |
> |
> | David H. Lipman <DLipman~nospam~@Verizon.Net> wrote:
> |
> | > 1) Download the following three items...
> | >
> | > Trend Sysclean Package
> | > http://www.trendmicro.com/download/dcs.asp
> | >
> | > Latest Trend Pattern File.
> | > http://www.trendmicro.com/download/pattern.asp
> | >
> | > Adaware SE (free personal version v1.05)
> | > http://www.lavasoftusa.com/
> | >
> | > Create a directory.
> | > On drive "C:\"
> | > (e.g., "c:\New Folder")
> | > or the desktop
> | > (e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
> | >
> | > Download Sysclean.com and place it in that directory.
> | > Download the Trend Pattern File by obtaining the ZIP file.
> | > For example; lpt383.zip
> | >
> | > Extract the contents of the ZIP file and place the contents in the
> | > same directory as sysclean.com.
> | >
> | > 2) Update Adaware with the latest definitions.
> | > 3) Disable System Restore
> | > http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore...
> | > 4) Reboot your PC into Safe Mode and shutdown as many
> | > applications as possible
> | > 5) Using both the Trend Sysclean utility
> | > and Adaware, perform a Full Scan of your platform and
> | > clean/delete any infectors/parasites found. (a few cycles may
> | > be needed)
> | > 6) Restart your PC and perform a "final" Full Scan of
> | > your platform using both the Trend Sysclean utility and Adaware
> | > 7) Re-enable System Restore and re-apply any System Restore
> | > preferences, (e.g. HD space to use suggested 400 ~ 600MB),
> | > 8) Reboot your PC.
> | >
> |
>
>
February 1, 2005 12:24:31 PM


Thanks gang. I'll give that a try tonight, if the "broadband gods"
are with me, the Cable connection here in NJ has been more off than on
over the past weekend, and today. And I'll certainly report....
hopefully with success. Thanks again, Bonnie
***************************

On Mon, 31 Jan 2005 09:06:52 -0500, Bonnie
<JECElectNospam@optonline.net> wrote:

>Problem with my daughter's Sony (ME) notebook, she used AOL, now the
>computer is about useless. I ran AVG anti-virus, ad-aware, &
>cwshredder. Each found and either deleted or quarantined a TON of
>stuff. But this seems to have only aggravated the situation. At each
>reboot, most of the junk is still there, regenerating I suppose.
>Tried running the apps in safe mode, same results. With AVG, scan the
>files, and each time comes up with:
>Trojan horse downloader.dyfica.2.ba (and 4 more, different #s)
>Trojan horse downloader.istbar.5.E ( and 3 more, different #s)
>Trojan horse downloader.small.14.1f
>Trojan horse downloader.agent.7.f
>Ad-aware comes up with about 500 hits each run. (First run was
>1,200!)
>What to do! Thanks, Bonnie