Re: Dis-infecting Trojan

From: Malke <notreally@xxxxxxxxxxxxxxx>
Date: Mon, 26 Nov 2007 05:48:44 -0800

John wrote:

Greetings:

The trojan "downloader.gen.9" has infected a system file on an XP computer.

How can this be removed?

Go through these general malware removal steps systematically - http://www.elephantboycomputers.com/page2.html#Removing_Malware

Include scanning with David Lipman's Multi_AV and follow instructions to do all scans in Safe Mode.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html - download site

The site is in German but David's tool is in English so don't let that worry you. Scroll all the way down to almost the bottom of the page and you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool". You'll see "Download von www pctipp.ch" and the live link to download Multi_AV.

You can also check to see if there are targeted removal steps for your malware here:
Bleeping Computer removal how-to's - http://www.bleepingcomputer.com/forums/forum55.html

When all else fails, run HijackThis and post your log in one of the specialty forums listed at the first link above (not here, please).

Standard caveat: If the procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a professional computer repair shop (not your local version of BigComputerStore/GeekSquad). Please be aware that not all local shops are skilled at removing malware and even if they are, your computer may be so infested that Windows will need to be clean-installed. Have all your data backed up before you take the machine into a shop.

Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User
.

References:
- Dis-infecting Trojan
  - From: John

Prev by Date: CHEAP juicy chloe fendi gucci Purse Handbags china manufacturers,china wholesaler,china supplier (www.globnikesneakers.com)
Next by Date: How effective is a Limited User Account?
Previous by thread: Dis-infecting Trojan
Next by thread: CHEAP juicy chloe fendi gucci Purse Handbags china manufacturers,china wholesaler,china supplier (www.globnikesneakers.com)
Index(es):
- Date
- Thread

Relevant Pages

Re: Trojan Win32/Kvol.H
... Scroll all the way down to almost the bottom of the page and you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool". ... Not all tools used will work in Vista and you will need to run them elevated. ... If the procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a professional computer repair shop. ...
(microsoft.public.security.virus)
Re: C drive doesnt open when we double click
... Did you take the precaution of scanning your backed up data files with a current version antivirus using updated virus definitions? ... Include scanning with David Lipman's Multi_AV and follow instructions to do all scans in Safe Mode. ... Scroll all the way down to almost the bottom of the page and you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool". ... If the procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a professional computer repair shop. ...
(microsoft.public.windowsxp.basics)
Re: I cannot open property settings and add/remove programs.
... Scroll all the way down to almost the bottom of the page and you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool". ... You can also check to see if there are targeted removal steps for your malware here: ... If the procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a professional computer repair shop. ...
(microsoft.public.security.virus)
Re: Need help With CMD
... Include scanning with David Lipman's Multi_AV and follow instructions to do all scans in Safe Mode. ... Scroll all the way down to almost the bottom of the page and you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool". ... If the procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a professional computer repair shop. ...
(microsoft.public.windowsxp.general)
Re: I have a virus that uses "anti virus software" downloads as a cover up
... download new internet security programs and everything. ... Without knowing the name of the "security programs", I can't be sure if you have a variant of Smitfraud or Winfixer. ... If the procedures look too complex - and there is no shame in admitting this isn't your cup of tea - take the machine to a professional computer repair shop. ... MS-MVP Windows - Shell/User ...
(microsoft.public.security.virus)