Re: trojanhorse dialer
From: PA Bear (PABear_at_mvps.org)
Date: 08/19/04
- Next message: Jersey Gal: "Re: VIRUS"
- Previous message: PA Bear: "Re: Ad-Aware SE Pro v1.03"
- In reply to: Bill: "trojanhorse dialer"
- Next in thread: anonymous_at_discussions.microsoft.com: "trojanhorse dialer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 18 Aug 2004 21:15:30 -0400
Run an AVG scan per these instructions:
http://forum.aumha.org/viewtopic.php?t=5878
Check your system for "hijackware":
Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/Darnit.htm
CoolWebSearch Chronicles
http://www.spywareinfo.com/~merijn/cwschronicles.html
Run these tools in the following order with nothing else running in
background:
1. CWShredder (fix all found)
2. Ad-Aware (fix all found)
3. Spybot (RTFM but generally fix everything in red)
Important: You *must* seek updates for Ad-Aware, Spybot, etc., before each
and every use, even "right out of the box". But even they can't catch
everything, 24/7. When all else fails, HijackThis
(http://www.spywareinfo.com/~merijn/files/HijackThis.exe) is the preferred
tool to use. It will help you to both identify and remove any
hijackware/spyware. **Post your files to http://forums.spywareinfo.com/ or
http://forum.aumha.org/viewforum.php?f=30 for expert analysis, not here.**
[Alternate download pages for many of the above tools may be found at
http://aumha.org/a/parasite.htm.]
Also:
1. Download and run Stinger (http://vil.nai.com/vil/stinger/); then...
2. Update your virus definitions, enable Show Hidden Files
(http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2002092715262339)
and then run a full system scan in Safe Mode
(http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406)
with nothing else running in background. Note the files identified and
removed then find the corresponding page for the file at your AV maker's
online support pages (e.g.,
http://securityresponse.symantec.com/avcenter/venc/data/adware.winfavorites.html)
and follow all Removal steps.
WinXP Only (WinME similar): If this scan finds anything, create a new
Restore Point then Disk Cleanup > More options > Delete all but the most
recent Restore Point.
3. Check in at Windows Update.
So How Did I Get Infected Anyway?
http://boards.cexx.org/viewtopic.php?t=957
-- ~Robear Dyer (PA Bear) MS MVP-Windows (IE/OE), AH-VSOP Are You Ready for WinXP SP2? http://support.microsoft.com/default.aspx?pr=windowsxpsp2 What You Should Know About Spyware http://www.microsoft.com/athome/security/spyware/devioussoftware.mspx AumHa Forums http://forum.aumha.org Bill wrote: > Can anyone help me please? I have a trojan horse dialler I > cant get rid of it disconnects my connection and tries to > redial another number avg antivirus reports it as > C:\windows\temp\NLNG.dat trojan horse dialer.9.N and it > cant delete it or move it to the virus vault.It tries to > redial me to www.casinoplaza.com or something like that.I > am running w/98 any help would be greatly appreciated.I > have also ran the online scan from the housecall site but > with no success.Sorry for the long post but this thing is > driving me mad.Thanks in advance.
- Next message: Jersey Gal: "Re: VIRUS"
- Previous message: PA Bear: "Re: Ad-Aware SE Pro v1.03"
- In reply to: Bill: "trojanhorse dialer"
- Next in thread: anonymous_at_discussions.microsoft.com: "trojanhorse dialer"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
