http://imageshack.us/photo/my-images/715/picmx.png/
Hi there. My AVG detected the following trojans. What is the best method to properly identify, remove, and completely eliminate them? I am confused by the threats being located on my services and can't pin point what entries to delete because it does not give a specific folder name.
Please see attached screenshot.
Thank you so much in advance for the help.
Hello Alexpho,
AVG should give you an option to quarantine and remove the items. Do you get that option?
Please note that these infections are what are termed 'backdoor' infections. Thus, there exists a possibility that some personal information on your system has been compromised.
Please run the following on-line scan, note any infections that are found so you can post the details here, and then select to remove those infections.
ESET On-line Scanner
Regards,
Golden
Thanks for the quick reply Golden. The AVG interface quarantined the first two threats ( but does it remove??, could not find that option ). However, the 3rd threat in services was not removed because AVG identified the location of the threat as being in " Services " and can't delete it because it is a required part of Windows. I will soon run your online suggestions.
Regards
OK. The "Services" one will be tricky. Finish the ESET, lets see what it does.
Depending on what happens, we might have to run a scan from outside of the Windows boot environment - I'll explain more when the ESET scan is done.
Regards,
Golden
Ok. Looks like the problems were " supposedly " eliminated. I ran AVG again and it did not detect. What I did was force AVG to delete the 1st two thou it game me warnings. On the services, I went online and found out a solution. What I did was went into the CMD prompt and reset my services.
I tell you, how can people have time to sit around the computer with the intentions of messing with other people by developing spyware and viruses. Sick world.
Regards
hi
When i have virus prob. i download COMBOFIX here
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
ONLY IF YOUR MACHIN HAS NO SQL BASED APP. !!!
but avg anti virus resist combofix. thats why i dont like it
enjoy
Alexpho, AVG is showing a "Backdoor Trojan" infection. The first thing you should do is change all your passwords, using a known 'clean' machine (not the one that's been infected)
Flush the DNS cache and restore MS's Hosts file:
Copy and paste these lines in Note pad.
@Echo on
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0
Save as flush.bat to your desktop.
Vista and Windows 7... right click the .bat file and choose to run as Administrator. Your computer will reboot itself.
Next, download (free version) Malwarebytes' Anti-Malware to your desktop
Malwarebytes Special Offer!
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location. Copy and Paste that log into your next reply.
Quote