Results 1 to 12 of 12

Thread: Cannot remove viruses

  1. #1
    Registered+
    Join Date
    Dec 2004
    Posts
    42
    Thanks
    0
    Thanked
    0 times in 0 posts

    Cannot remove viruses

    My next door neighbour recently scanned her h/d and found 42 viruses and trojans! We managed to remove most with AVG but some persisted. I've since bought her a copy of Norton AV 2005 and we've gotten rid of more but there are still some which I just can't get rid of. They all seem to be low threat and should be simple to remove but Quarantine and Deletion attempts by NAV don't work. After consulting the Symantec website I disabled System Restore and ran a test in Safe Mode - no joy. I've posted a screen shot below: any idea how we can get rid of the buggers? I should also mention that I've noticed that some Windows functions seem to have been interferred with eg. the Device Manager window closes as soon as it's opened.

    Cheers


  2. #2
    I eats food da_ging's Avatar
    Join Date
    Jul 2003
    Posts
    2,256
    Thanks
    10
    Thanked
    29 times in 24 posts
    • da_ging's system
      • CPU:
      • E5200 @ 3.75Ghz
      • Memory:
      • 4GB kingston HyperX 8500
      • Storage:
      • 2*WD640gb in Raid 0 +500gb 32mb seagate
      • Graphics card(s):
      • BFG GTX 260 Maxcore OC2
      • PSU:
      • Corsair 650w TX
      • Case:
      • Stacker 831 black
      • Operating System:
      • XP Pro
      • Monitor(s):
      • 23" fujitsu 3230t LCD 1920*1080
      • Internet:
      • 8mb
    find out where they are located and manually delete them (may need to do in safe mode)

  3. #3
    Going Retro!!! Ferral's Avatar
    Join Date
    Jul 2003
    Location
    North East
    Posts
    7,860
    Thanks
    561
    Thanked
    1,438 times in 876 posts
    • Ferral's system
      • Motherboard:
      • ASUS Z97-P
      • CPU:
      • Intel i7 4790K Haswell
      • Memory:
      • 12Gb Corsair XMS3 DDR3 1600 Mhz
      • Storage:
      • 120Gb Kingston SSD & 2 Tb Toshiba
      • Graphics card(s):
      • Sapphire Radeon R9 380 Nitro 4Gb
      • PSU:
      • Antec Truepower 750 Watt Modular
      • Case:
      • Fractal Design Focus G Mid Tower
      • Operating System:
      • Windows 10 64 bit
      • Monitor(s):
      • 28" iiyama Prolite 4K
      • Internet:
      • 80Mb BT Fiber
    Yeah, if you go onto the symantec site you can get the detailed virus info and instructions on how to remove them.

    I have also found that adaware (free download) can occasionally remove trojans.

    Just before that though, go to the run command and type msconfig then press return, go to the startup tab and check what is starting up with windows, if anything looks suspect uncheck them and then restart the pc (click apply before restrting ! ) and ignore the startup warning of having a selective startup. Then run the AV and adaware to see if they get removed. If there are still some remaining restart again in safemode and try the 2 things again (AV & adaware)

  4. #4
    Senior Member
    Join Date
    Aug 2003
    Posts
    326
    Thanks
    0
    Thanked
    0 times in 0 posts
    • Curly's system
      • Motherboard:
      • Asrock 939-Sata 2
      • CPU:
      • Opteron 165 @ 2.52
      • Memory:
      • 2gb Geil Value Ram
      • Storage:
      • 900gb in various HD's
      • Graphics card(s):
      • 7800 gtx
      • PSU:
      • Hiper Type-R 580W
      • Case:
      • Globalwin
      • Monitor(s):
      • Samsung syncMaster 205BW
      • Internet:
      • 4mb Virgin Media Cable

  5. #5
    Member
    Join Date
    Aug 2004
    Location
    Suffolk
    Posts
    82
    Thanks
    0
    Thanked
    0 times in 0 posts
    Stinger is a handy .exe file against trojans. Latest version can be got here

    also found the MS anti spyware to be useful, get it here. Currently still at beta stage, but I had no problems.
    AMD 3200XP, A7N8X-E Deluxe, X800XT PE, 1024m DDR400, 2xWD 74gb Raptors(Raid 0), USB2 IcyBox Maxtor 80g, Audigy + 5.1 creative, ThermalTake Tsunami Dream, Antec Neopower 480w, Icemat v.1, iiyama 22" VM pro 513, Saitek X52

  6. #6
    Banned
    Join Date
    Sep 2004
    Location
    Leeds, London
    Posts
    1,478
    Thanks
    0
    Thanked
    0 times in 0 posts
    You should also have an look at the virus descriptions and work out how the system has been compromised, what personal information has been sent out etc.

  7. #7
    Will work for beer... nichomach's Avatar
    Join Date
    Jul 2003
    Location
    Preston, Lancs
    Posts
    6,137
    Thanks
    564
    Thanked
    139 times in 100 posts
    • nichomach's system
      • Motherboard:
      • Gigabyte GA-870A-UD3
      • CPU:
      • AMD Phenom II X6 1055T 95W
      • Memory:
      • 16GB DR3
      • Storage:
      • 1x250GB Maxtor SATAII, 1x 400GB Hitachi SATAII
      • Graphics card(s):
      • Zotac GTX 1060 3GB
      • PSU:
      • Coolermaster 500W
      • Case:
      • Coolermaster Elite 430
      • Operating System:
      • Windows 10
      • Monitor(s):
      • Dell 20" TFT
      • Internet:
      • Virgin Media Cable
    I've also run into problems with viruses/spyware etc being buried in the system restore info; it can be worth getting Stinger, turning off system recovery, rebooting into safe mode and THEN running Stinger.

  8. #8
    Studmuffin Flibb's Avatar
    Join Date
    Jul 2003
    Location
    Kent
    Posts
    4,904
    Thanks
    31
    Thanked
    324 times in 277 posts
    • Flibb's system
      • Motherboard:
      • Gigabyte GA-970A-UD3
      • CPU:
      • AMD FX-6300
      • Memory:
      • 16GB Crucial Ballistix DDR3 PC3-12800
      • Storage:
      • Samsung SSD 840 EVO 250G
      • Graphics card(s):
      • 3GB MSI Radeon HD 7950 Twin Frozr
      • PSU:
      • FSP
      • Operating System:
      • Win7 64bit
      • Monitor(s):
      • Deffl TFT thing
    Another option, get avast antivirus. Update it then set it to scan on next boot. It does the scan before windows loads up, gets to files other scanners cannot reach. Also turn off system restore before running it.

  9. #9
    Registered+
    Join Date
    Dec 2004
    Posts
    42
    Thanks
    0
    Thanked
    0 times in 0 posts
    Wow thanks for all the help guys. I followed the instructions on the Symantec website however to no sucess - in fact all should have been removed by a regular scan. Next I'll try doing it manually with MSCONFIG amended, then I'll try Ad-Aware. I'll prolly be back to ask more questions before I try some of the other options.

    Thanks very much!

  10. #10
    Studmuffin Flibb's Avatar
    Join Date
    Jul 2003
    Location
    Kent
    Posts
    4,904
    Thanks
    31
    Thanked
    324 times in 277 posts
    • Flibb's system
      • Motherboard:
      • Gigabyte GA-970A-UD3
      • CPU:
      • AMD FX-6300
      • Memory:
      • 16GB Crucial Ballistix DDR3 PC3-12800
      • Storage:
      • Samsung SSD 840 EVO 250G
      • Graphics card(s):
      • 3GB MSI Radeon HD 7950 Twin Frozr
      • PSU:
      • FSP
      • Operating System:
      • Win7 64bit
      • Monitor(s):
      • Deffl TFT thing
    If its a trojan dont think adaware will shift it. Also is he running a firewall? My parents had an infection (oooerrrr), cleared it , i camee back, etc. They were on dialup and still kept getting a worm / trojan, firewall and avast shifted it.

  11. #11
    No-one's Fanboi Thorsson's Avatar
    Join Date
    Nov 2004
    Location
    Neverneverland
    Posts
    2,750
    Thanks
    46
    Thanked
    93 times in 92 posts
    • Thorsson's system
      • Motherboard:
      • ASUS P8Z77-V PRO
      • CPU:
      • i5 3570k
      • Memory:
      • 2x8Gb Corsair Vengeance PC1866
      • Storage:
      • 256M4 SSD; 2Tb 7200RPM Barracuda; 2Tb Linkstation
      • Graphics card(s):
      • EVGA GTX970 SC
      • PSU:
      • Corsair HX650
      • Case:
      • Antec 300
      • Operating System:
      • Win10 64
      • Monitor(s):
      • Dell 2515H
      • Internet:
      • Fibre Optic 30Mb
    Remember to turn off system restore!

    There are several Sasser removal tools. Use one in safe mode.

    The others you can mostly delete by doing a search on the name and then manually deleting - make sure you can see hidden files on the system before doing the search!

    Also use Spybot, this may remove some malware that NAV misses. And before going online again make sure some sort of Firewall protection is in place.

  12. #12
    Registered+
    Join Date
    Jan 2005
    Posts
    23
    Thanks
    0
    Thanked
    0 times in 0 posts
    You have trojans in your log. To scan for and remove them, go here: http://www.misec.net/trojanhunter/ and download your free trial copy of TrojanHunter. Before running, please update, then perform a full scan. Also, because many trojans and viruses hide in the temporary internet files, please delete them. Do so using Cleanup from here: http://stevengould.org/ Set it to your liking -standard clean should be fine- then run and reboot.

    If any problems persist, you may need expert help in cleaning up your system. If you do, go here: http://hijackthislogs.com/index.php for fast, friendly malware removal. I recommend this site, for spyware/malware removal is my thing, and this place is good and quick, too.

    Regards

    mariner

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Web graphics used to spread viruses through IE
    By Dave_07 in forum General Discussion
    Replies: 11
    Last Post: 27-06-2004, 09:46 PM
  2. Replies: 4
    Last Post: 28-03-2004, 10:33 PM
  3. Inbox hit by MANY viruses
    By Lowe in forum Software
    Replies: 5
    Last Post: 22-08-2003, 10:59 AM
  4. Replies: 1
    Last Post: 14-08-2003, 03:32 PM
  5. how to remove a molex connector?
    By PanzerKnight in forum Chassis and Mods
    Replies: 11
    Last Post: 08-08-2003, 10:52 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •