14-09-2006, 00:50   #15
ADd
Join Date: Apr 2006
Location: Land of the free
Posts: 308
Re: Friend's computer is virused up to the max

Hi McGraw, you mention backdoor trojans, which are by far one of the worst infections a user could have. This is because of their backdoor capabilities, which means the attacker could have installed almost anything on the system. Indeed, many backdoor trojans/worms allow the attacker to have so much control they could be sitting at the desk using the computer in question, thus you are never really able to trust that system fully again. So the decision to re-format and reinstall depends upon the infection, and also what the PC is used for.
The w32.myzor infection isn't a real problem, you should be able to remove it using the info at this link:
http://www.bleepingcomputer.com/forums/topic63896.html

Good tools are as follows:
Anti-Spyware/Adware
Ad-Aware SE Personal:
http://www.lavasoft.de/software/adaware/
(Free, manual update)

Anti-Malware:
Ewido Anti-spyware:
http://www.ewido.net/en/download/
14-day full trial, then an on-demand scanner that you have to update manually after the trial (very good piece of software!). Download the setup files for Ewido, and the separate full signature manual update, to CD.

Trojan Hunter:
http://www.misec.net/
Another free trial, I think it's 30 days.

It is best to run all these scans in safe mode, as many malware files will not be deleted in normal mode, and disconnect the infected PC from the internet (pull the plug).

CCleaner:
http://www.ccleaner.com/ccdownload.asp (I would run this first)

Very good, but be careful of using the 'Issues' part of the program, as it has been known to delete needed registry entries. The 'Cleaner' section, which you need, is completely safe; however, it will remove cookies from your system, so make sure you have all your passwords for forums, Hotmail etc. written down before using it, and perhaps bookmark (in Firefox, or put in favourites if you use IE) pages you visit regularly.

Without knowing exactly what infections you have, I cannot help more, but I would strongly advise you to visit one of these ASAP forums:

http://www.malwareremoval.com/a-sap.html

and post a HijackThis log. This link may help you decide if a reformat is necessary:

http://www.dslreports.com/faq/10063

In addition, if you have been infected by backdoor trojans, there is the possibility of rootkit infections, which are often very hard to detect and remove, hence the previous reply to boot with a Linux CD is a good idea, as most modern rootkits hide at the kernel level.

Above all, good luck