Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

plz help. win32.trojan

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby Elrond » August 8th, 2007, 12:59 pm

AVG reported that the Trojan never managed to infect your computer. All the scans show the same thing. They all come up clean except for a few traces of something that is all removed.

There is a bit more housekeeping to be done.


Open HijackThis and click "Do a System Scan Only" or "Scan". Put a check mark by the items that are listed below.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

Close all open windows except HijackThis and then click the "Fix checked" button.


Now can you tell me what of any problems you have with the computer.
Does AVG still tell you that the Trojan is there?
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem
Advertisement
Register to Remove

trojan

Unread postby deemon » August 8th, 2007, 2:21 pm

i done what you said and hijack this didnt find anything
im doing a scan with avg but i dont think it will find anything else as ive done a few scans. theres still a trojan in the virus vault which cant be removed i took a copy of the details which ill post below. i am also getting about 40 junkmail posts a day shud i change my email address.

object name: trojanhorsesetup.exe
object path: c:\docume~1\admin~1\temp\rar$ex06.609\..
discovery : trojan horse dropper.agent.efr
date of detection 02/08/2007 23:10:39
source computer: user
finder: administrator
file size: 13mb (13652585 bytes)
healable: no
source: backup copy
status: infected
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm

avg scan

Unread postby deemon » August 8th, 2007, 2:54 pm

avg scan found nothing.
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm

Unread postby Elrond » August 8th, 2007, 3:41 pm

This should get rid of theat pesky but safely locked up trojan.

This is what AVG says about how to get rid of the stuff in the Virus-Vault.
You can do it selectively from AVG Virus Vault program -> select files -> delete. Or you can delete all AVG Virus Vault contents in one go: - Open the AVG Control Center program -> right click on "AVG Virus Vault" tab -> choose "Empty vault".

Let me know if you had any problems with it.


As your computer seems clean I would like you to clean up some of the tools we have used during the cleanup. They are not suitable for day to day use and can be dangerous if misused.

Delete the following folders (most of them are probably on your desktop.):
Combofix
Sysclean


and the following files
C:\ComboFix-quarantined-files.txt
C:\ComboFix.txt(if it exists)
C:\ComboFix2.txt
C:\ComboFix3.txt
and any other possible files in C:\ that start with Combofix.

Also delete logs that you have on your desktop and that are the result of the scans we ran. They are not dangerous but they clutter up your desktop.


This is a good time to clear your existing system restore points and establish a new clean restore point:

  • Go to Start > All Programs > Accessories > System Tools > System Restore
  • Select Create a restore point, and Ok it.
  • Next, go to Start > Run and type in cleanmgr
  • Select drive will open. Click OK
  • Either a scan will open up and take a few minutes or it will go directly to Disk Cleanup for ...
  • Select the More options tab
  • Find System Restore. Click Clean up
Next Set correct settings for files that should be hidden in Windows XP
  • Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
  • Under "Hidden files and folders" if necessary select Do not show hidden files and folders.
  • If unchecked please checkHide protected operating system files (Recommended)
  • If necessary check "Display content of system folders"
  • If necessary Uncheck Hide file extensions for known file types.
  • Click OK

Your computer now seems to be clean. Therefore please

  1. Clean out Temporary Files etc. Download System Security Suite from http://www.igorshpak.net/software/3ssetup104.zip. Extract it from the zip file into a folder and double click on sss.exe. Please check the following check-boxes under the Items to Clear tab:
    1. Under Internet Explorer
      • History
      • Temporary Files
    2. Under My Computer
      • Recycle Bin
      • Run (Menu)
      • Search History
      • Temporary Files
    Next click 'Clear Selected Items'. Reboot when prompted. It is a good idea to do this every few weeks as a lot of junk collects there over time.
  2. if you are using Intrnet Explorer v. 6
    Make your Internet Explorer more secure - This can be done by following these simple instructions:
    1. From within Internet Explorer click on the Tools menu and then click on Options.
    2. Click once on the Security tab
    3. Click once on the Internet icon so it becomes highlighted.
    4. Click once on the Custom Level button.
      1. Change the Download signed ActiveX controls to Prompt
      2. Change the Download unsigned ActiveX controls to Disable
      3. Change the Initialise and script ActiveX controls not marked as safe to Disable
      4. Change the Installation of desktop items to Prompt
      5. Change the Launching programs and files in an IFRAME to Prompt
      6. Change the Navigate sub-frames across different domains to Prompt
      7. When all these settings have been made, click on the OK button.
      8. If it prompts you as to whether or not you want to save the settings, press the Yes button.
    5. Next press the Apply button and then the OK to exit the Internet Properties page.
    There are good reasons to upgrade to Internet Explorer v. 7. Do look into this. You can find a lot of information about it on Microsofts website.
  3. Use an Anti Virus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.
  4. Update your Anti Virus Software - It is imperitive that you update your Anti virus software at least once a week (Once a day is a good idea). If you do not update your anti virus software it will not be able to catch new variants that come out.
  5. Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. Windows Firewall is not recomended.
    Be restrictive with granting access to the internet. If you are unsure if the program really needs the access, test it by denying the access and see if this has any negative effects. If not, make the block permanent.
  6. Never run two Antivirus programs or two Firewalls at the same time. They can interfere with each other and cause problems.
  7. Visit Microsoft's Windows Update Site Frequently or better yet set computer for automatic updates.
  8. Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
  9. Read and follow the sugestions given at this web site by Miekiemoes http://users.telenet.be/bluepatchy/miek ... ntion.html that will give you more information on some of the points above.

Follow this list and your potential for being infected again will reduce dramatically.


Let me know how things are running. Any problems.


Good luck and clean computing. :D

If I have been able to help you I am happy :) E
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

thank you, thank you, thank you.

Unread postby deemon » August 8th, 2007, 5:51 pm

thank you very much for all your help.
everything seems fine and trojan deleted from avg.
your a star,
just 1 more thing, will i delete the avg anti spyware program i downloaded earlier and also 3ss. and hijackthis.
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm

Unread postby Elrond » August 9th, 2007, 12:48 am

You can delete HijackThis.

AVG Antispyware is useful and if you keep it it will be a free program after 30 days.
It is useful as you can be keep it manually updated and it is a good idea to do a scan of the computer every week or so. It will remove the unwanted cookies and look for possible spyware.

The same thing is true for SSS except that it does not need a update. It removes a lot of junk that has a tendency to collect on the computer.

Hope this is of help.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 304 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware