
Solve : AVG won't get rid of 4 of my viruses?


Hi  

I am new to this forum

I am trying to rid my computer (windows XP) of a virus that AVG just won't wipe out.  

I have four of the viruses:
Trojan horse Downloader.Small.18.AH (I have three of these buggers)
and a VBS/Psyme, whatever that is.

My computer doesn't seem to be misbehaving though, I mean it's running ok from what I can gather but I hate the thought of having viruses lurking around!

I did a search of previous threads on the same topic, and someone mentioned Spy Sweeper, how do I download this?  Do you think this will do the job?

Thanks in advance

Get 'Ewido'.

Hi Fed,
Thanks for that, but where do I get them from?  I am only interested in free programs at the moment!!  - as I am skint

Agreed!
After installing grab the online update first.
Re-boot to safe mode and run it.
Then when you get the first alarm check both boxes you see "remove and quarantine" and "perform this for all infections"

BTW your first scan should be a Complete System Scan. Hit Start then go grab a beer or a coffee.

Hi Patio,
Please excuse my ignorance, this is all relatively new to me.  What is safe mode?  How do I get into safe mode?  

I have downloaded Ewido now (I googled it), and it is scanning my system as we speak, though I am expecting it to ask me for money at any step now...  

Do you think it'll nab those viruses with this run or is there something I need to do first?

When you restart your computer, and it loads RAM and stuff over a black screen, keep pressing F8 until you get to another menu; from there enter safe mode.

Spedz is correct ... repeatedly tapping F8 gets you into safe mode.
Ewido won't ask for money... although the realtime protection runs out after 14 days but you can still go to the site weekly or so to update the definitions...
When it finishes scanning save a log file for me and I'll have a looksee...

If the virus is in the restore files, no AV software will get rid of them. Disable system restore, rerun your AV, reenable system restore when finished.

You may want to google virus and trojans. Not exactly the same thing. A variety of solutions is required on Windows machines.

God almighty, it took four hours!!

I don't know yet if it cleared up my viruses.  I will run AVG tomorrow morning to see if they're still there.


Patio, I don't know how to save a log file for you to see...

Dummy= I don't know where my trojan horses are hiding, how do I find out where are they?  

Also, what do I do with the safe mode thing?

Again, I apologize for my ignorance, this kind of thing is all new to me...

Thanks guys

First off don't apologise for not knowing something. We all started at the beginning at some point in time.

The important thing is you are at the point now where you want to learn and want to find places that will give you good advice. That's what's important.

As to your questions let's take them one at a time.
Safe Mode is a function of Windows where you choose it upon booting. This is done by hitting the F8 key while it's booting but before Windows starts up.
The advantage to safe mode is it only loads the minimal amount of drivers, services, and background processes for Windows to operate, which is what makes it ideal for troubleshooting and running your malware scans.
So practice tapping F8 on start until you get it, it will be useful down the road.

We don't know where the Trojans are either so that answer is moot. Most malware removal tools might give you that info...i.e. when they show what they've found usually the file is named and it will show a path to the file. This isn't cut in stone however as every tool works differently.

As to the log file: with Ewido, AVG, HijackThis and some others I won't list, after the program has finished scanning/fixing your machine it will normally ask if you want to save a logfile... in future select yes, give it a filename relevant to the date of the scan and save it in My Documents.

This is your homework assignment for the evening, Fed and Mac will be giving the test tomorrow....

Quote:
I have downloaded Ewido now (I googled it)

You have passed the test and you get a little star from me.

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on:                  00:31:10, 12/12/2005
+ Report-Checksum:            D343E834

+ Scan RESULT:

     HKLM\SOFTWARE\MaxSpeed -> Spyware.Maxspeed : Cleaned with backup
     HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{120E090D-9136-4b78-8258-F0B44B4BD2AC} -> Spyware.Maxspeed : Cleaned with backup
     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{120E090D-9136-4b78-8258-F0B44B4BD2AC} -> Spyware.Maxspeed : Cleaned with backup
     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{120E090D-9136-4b78-8258-F0B44B4BD2AC} -> Spyware.Maxspeed : Cleaned with backup
     HKU\S-1-5-21-1599196801-2106517767-3757435101-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{120E090D-9136-4B78-8258-F0B44B4BD2AC} -> Spyware.Maxspeed : Cleaned with backup
     C:\WINDOWS\system32\terabyte.exe -> Spyware.AdSrve : Cleaned with backup
     C:\WINDOWS\system32\аti2evxx.exe -> Spyware.PurityScan : Cleaned with backup
     C:\WINDOWS\system32\unwise56.exe -> Spyware.AdSrve : Cleaned with backup
     C:\WINDOWS\system32\winsrv85.exe -> Spyware.AdSrve : Cleaned with backup
     C:\WINDOWS\system32\wmvcore1.exe -> Spyware.AdSrve : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\update_1.exe -> Spyware.WinFetcher.c : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\p.dll -> Adware.MidADle : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\!update.exe -> Spyware.PurityScan : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\Q9jmHtI.dll -> Adware.MidADle : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\temp.fr1DE2 -> Adware.MidADle : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\l.dll -> Adware.MidADle : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\temp.fr8874 -> Adware.MidADle : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\E3qoqChOA.dll -> Adware.MidADle : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\Byno.dll -> Adware.MidADle : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\wApVY.dll -> Adware.MidADle : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\temp.fr421B -> Adware.MidADle : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\Vu0Td9Q9K.dll -> Adware.MidADle : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\temp.fr1CA7 -> Adware.MidADle : Cleaned with backup
     C:\Documents and Settings\daflip\Local Settings\Temp\nqAG.dll -> Adware.MidADle : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][2].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][2].txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][3].txt -> Spyware.Cookie.2o7 : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][2].txt -> Spyware.Cookie.Com : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][2].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][4].txt -> Spyware.Cookie.2o7 : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][1].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][1].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
     C:\Documents and Settings\daflip\Cookies\[email protected][2].txt -> Spyware.Cookie.Esomniture : Cleaned with backup
     C:\Overpro-347.exe -> Spyware.AdSrve.b : Cleaned with backup
     C:\VVSN_STAT0641Inst.exe -> Adware.SaveNow : Cleaned with backup


::Report End

Well, I did save the report - didn't know what the *censored* I was doing at the time but I managed it and feeling quite proud of myself now!  Tee Hee...

I am running AVG now as we speak and it will tell me whether or not I have those viruses.

As for the safe mode, I am still dead curious about that.  Is it a black screen?  How do i get out of it once I get into it, in case I mess up!?

Cheers

bugger!

The viruses are still present!

2 of them are in the temporary Internet files, I think, it says that.  

So I don't know what else I can do...

Well with the four hours you spent, plus the posting back and forth you could have reinstalled Windows, loaded all the drivers, defragmented, loaded preventative software for next time, and had a cup of coffee. A fresh reload will do it, too. Do you have a Windows CD there?
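
One way to answer "where are they hiding" from a saved scan log, as an added example that is not part of the original thread: it parses entries in the shape seen in the Ewido report above and groups them by location, so items in System Restore or Temporary Internet Files stand out. The bucket names, the sample lines and the failed-action text are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Entry shape taken from the report in this thread:
#   <location> -> <detection name> : <action taken>
ENTRY = re.compile(r"^\s*(?P<loc>.+?) -> (?P<name>\S+) : (?P<action>.+?)\s*$")

# (bucket, lowercase path fragment); checked in order, first match wins.
BUCKETS = [
    ("system_restore", "\\system volume information\\"),
    ("temp_internet_files", "\\temporary internet files\\"),
    ("cookies", "\\cookies\\"),
    ("user_temp", "\\local settings\\temp\\"),
    ("system32", "\\windows\\system32\\"),
]

def bucket_for(location):
    low = location.lower()
    if low.startswith(("hklm\\", "hku\\", "hkcu\\")):
        return "registry"
    return next((b for b, frag in BUCKETS if frag in low), "other")

def triage(report_text):
    """Group (location, name, action) entries by where they were found."""
    grouped = defaultdict(list)
    for line in report_text.splitlines():
        m = ENTRY.match(line)
        if m:  # header, footer and blank lines do not match
            grouped[bucket_for(m["loc"])].append((m["loc"], m["name"], m["action"]))
    return dict(grouped)

def uncleaned(grouped):
    """Entries whose action does not report a successful clean."""
    return [e for rows in grouped.values() for e in rows
            if not e[2].lower().startswith("cleaned")]

# Constructed sample in the same format (not the poster's log; the
# "Error during cleaning" action text is an assumed placeholder).
SAMPLE = r"""
+ Scan RESULT:
     HKLM\SOFTWARE\ExampleKey -> Spyware.Example : Cleaned with backup
     C:\WINDOWS\system32\example1.exe -> Spyware.Example : Cleaned with backup
     C:\Documents and Settings\user\Local Settings\Temp\a.dll -> Adware.Example : Cleaned with backup
     C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\AB12\x.htm -> Trojan.Example : Cleaned with backup
     C:\System Volume Information\_restore{EXAMPLE}\RP1\A0000001.exe -> Trojan.Example : Error during cleaning
::Report End
"""

if __name__ == "__main__":
    for bucket, rows in triage(SAMPLE).items():
        print(f"{bucket}: {len(rows)}")
    print("needs follow-up:", uncleaned(triage(SAMPLE)))
```
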

