Re: 4Kn3VpR.exe

From: Malke (malke_at_nospoonnotreally.com)
Date: 09/04/04

Next message: Angel: "about:blank"
Previous message: Malke: "Re: Israfel worm"
In reply to: David Kleinendorst: "4Kn3VpR.exe"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 04 Sep 2004 07:34:48 -0700

David Kleinendorst wrote:

> I've been having trouble with Trojan viruses lately. When I shut down
> my
> computer this "program" is not responding. After I clean my computer
> of
> viruses, I can't find this file with the usual system file search. Is
> it something I need for a useful purpose?

No. It is a trojan or other malware. Your machine is still not clean.
Since you didn't say what av you have or what exactly you've done, here
are general troubleshooting directions:

Scan with a current antivirus program (meaning a version not earlier
than 2002 and using updated virus definitions). Also, remove spyware
with Spybot Search & Destroy from www.safer-networking.org and Ad-aware
from www.lavasoftusa.com. Be sure to update these programs before
running them. These programs are free, so run them both since they
complement each other. It is best to run antivirus and spyware removal
tools in Safe Mode. You may also want to run CWShredder and HijackThis
from http://aumha.org/freeware.htm. Although CWShredder is no longer
being updated, it will still clean older variants of the CoolWebSearch
malware. Please read the instructions carefully. Also, make sure
you've visited Windows Update and applied all security patches. Do not
install driver updates from Windows Update. Make sure you are running a
firewall.

It is *crucial* that you update all av and spyware removal programs and
run all scans in Safe Mode. Some malware will still run in Safe Mode,
but most does not. You can't delete or change a file for a program that
is running - that is why you want to be in Safe Mode where only the
minimum drivers and processes are loaded.

Malke

-- 
MS MVP - Windows Shell/User
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"

Next message: Angel: "about:blank"
Previous message: Malke: "Re: Israfel worm"
In reply to: David Kleinendorst: "4Kn3VpR.exe"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Trojan Horse
... Your computer is infested with malware. ... Scan in Safe Mode with a current antivirus program (meaning a version ... Do not install driver updates from Windows Update. ...
(microsoft.public.security.virus)
Re: Possible Trojan or spyware?
... CoolWebSearch malware can be removed by following the instructions at ... and it is a good idea to do virus/spyware scans in Safe Mode. ... the most recent System Restore point from the More ... Do not install driver updates from Windows Update; ...
(microsoft.public.security.virus)
Re: Sidebar/Task manager not working
... You're probably right in your suspicions, it's likely malware. ... Task Manager is the biggest clue. ... I would suggest that you start be booting to Safe mode to do some formal scanning with the anit-malware products of your choice. ... perform a windows update or any adobe updates, ...
(microsoft.public.windows.vista.performance_maintenance)
Re: Virus Troj.agent .BN and Troj.agent.bf
... > windows update, it says it can not be cleaned because the ... it is malware. ... than 2002 and using updated virus definitions) in Safe Mode*. ... Although CWShredder is no longer being updated, ...
(microsoft.public.security.virus)
Re: Homepage keeps resetting itself
... > Is there some sort of idiots method, i.e. download an *.exe, run it, ... >>>difficult CWS parasite variants to remove. ... >>>using a malware provider's uninstall, ... >>>All of these removal tools should be run from Safe mode when possible. ...
(microsoft.public.windows.inetexplorer.ie6.browser)