RE: help! Think I've got virus
- From: Malke <malke@xxxxxxxxxxxxxxx>
- Date: Tue, 27 May 2008 04:43:34 -0700
hidecote wrote:
sorry forgot to say I have used my anti virus to scan my computer for
threats. It shows ok. Can I assume my computer has kept the virus out?
"hidecote" wrote:
on 5/25/08, suddenly got lots of threat alerts, checked anti virus etc
think
it may have been disabled, don't know why. But system logs etc, now
warnings, e.g. rule "default block Bla Trojan horse" blocked (my
address).
"your address has disappeared no longer protected" "port block allow
Netbios changed" Tried Netstat showing 7-8 no waiting. Looking at logs
first strange entries around 5/15/08
I am novice, never seen this before,need advice, scared.
thanks, hidecote,
Your post is very confusing since you didn't say from where you're getting
the threat alerts, which antivirus you're using, and what makes you think
it has been disabled. You should definitely make sure the machine is clean
by going through some scanning. I'll give you the steps below but since you
say you're a computer novice a better choice might be to take the machine
to a professional computer repair shop. Don't use your local equivalent of
BigComputerStore/GeekSquad. Get recommendations from family, friends, and
colleagues instead.
Go through these general malware removal steps systematically -
http://www.elephantboycomputers.com/page2.html#Removing_Malware
Include scanning with David Lipman's Multi_AV and follow instructions to do
all scans in Safe Mode. Please see the special Notes regarding using
Multi_AV in Vista.
http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://tinyurl.com/yoeru3 - download link and more instructions
When all else fails, get guided help. Choose one of the specialty forums
listed at the first link. Register and read its posting FAQ. You will
generally be asked to:
1. Download and execute HiJack This! (HJT) -
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
2. Disable Notepad's word wrap - In Notepad.exe; Format --> uncheck; "Word
wrap"
3. Download/run Deckard's System Scanner -
http://www.techsupportforum.com/sectools/Deckard/dss.exe
4. Save the scan results (Main.txt and Extra.txt)
5. And then post the contents of Main.txt and Extra.txt in your post at the
forum you chose. DO NOT POST LOGS IN THE MS NEWSGROUPS.
Standard disclaimer: I can't see and test your computer myself, so these are
just suggestions based on many years of being a professional computer tech;
suggestions based on what you've written. You should not take my
suggestions as a definitive diagnosis. If you can't do the work yourself
(and there is no shame in admitting this isn't your cup of tea), take the
machine to a professional computer repair shop (not your local equivalent
of BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may be
so infested that Windows will need to be clean-installed. If possible, have
all your data backed up before you take the machine into a shop.
Malke
--
MS-MVP
Elephant Boy Computers
www.elephantboycomputers.com
Don't Panic!
.
- Follow-Ups:
- RE: help! Think I've got virus
- From: hidecote
- RE: help! Think I've got virus
- References:
- help! Think I've got virus
- From: hidecote
- help! Think I've got virus
- Prev by Date: Re: Whitch Anti-Virus should i use ?
- Next by Date: Security problem - Limited user can access administrator file with Adobe Photoshop Album?
- Previous by thread: help! Think I've got virus
- Next by thread: RE: help! Think I've got virus
- Index(es):
Relevant Pages
|
