Re: Trojan horse

From: Malke (malke_at_nospoonnotreally.com)
Date: 10/08/04


Date: Fri, 08 Oct 2004 11:06:42 -0700

Johnny wrote:

> Installed AVG anti-virus on a laptop today. It identified
> 3 viruses: 1st called PSW SmallD. Didn't get the name of the
> second; third called Backdoor.Wootbot.D. The files could
> not be removed (File C:/Windows\System32\Winstr32.exe.).
> Please help a beginner. Problems encountered before this:
> could not shut down PC, would go into hibernation, and
> various files had changed colour. What can I do?
> Johnny

You will be able to delete those files in Safe Mode. Get to Safe Mode by
repeatedly tapping the F8 key as the computer is starting up. Then run
your scan again and manually delete files if AVG doesn't do it for you.
You should also scan for other malware, again in Safe Mode, as follows:

Remove spyware with Spybot Search & Destroy from
www.safer-networking.org and Ad-aware from www.lavasoftusa.com. Be sure
to update these programs before running them. These programs are free,
so run them both since they complement each other. It is best to run
antivirus and spyware removal tools in Safe Mode. You may also want to
run CWShredder and HijackThis from http://aumha.org/freeware.htm.
Although CWShredder is no longer being updated, it will still clean
older variants of the CoolWebSearch malware. A combination of
HijackThis and About:Buster (http://www.majorgeeks.com) works well in
removing homepage hijackers. Please read the instructions carefully.
Make sure you are able to see all hidden files and extensions (View tab
in Folder Options). Also, make sure you've visited Windows Update and
applied all security patches. Do not install driver updates from
Windows Update. Make sure you are running a firewall.

If you have Windows ME or XP, you should also disable System Restore.
Here's how to do that in ME:

http://support.microsoft.com/default.aspx?kbid=264887

In XP, you do it from the System Restore tab in the Control Panel System
applet. In XP, you can also delete all but the most recent System
Restore point by using the Advanced feature of Disk Cleanup.

If you need more help, please post back to this thread.

Malke

-- 
MS MVP - Windows Shell/User
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"

