|
Posted by Steve/Aus on June 18, 2007, 10:57 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> You are coming to conclusion that is NOT backed up by any facts. Even if
> "Hacked by VJ" in
> the titlebar was caused by malware, I truly doubt that a viryus has caused
> it.
>
>
> For non-viral malware...
>
> Please download, install and update the following software...
>
> * Ad-aware SE 2007
> http://www.lavasoft.de/
> http://www.lavasoftusa.com/
> http://www.lavasoft.de/ms/index.htm
>
> * SpyBot Search and Destroy v1.4
> http://security.kolla.de/
> http://www.safer-networking.org/microsoft.en.html
>
> * SuperAntiSpyware
> http://www.superantispyware.com/superantispywarefreevspro.html
>
> After the software is updated, I suggest scanning the system in Safe Mode.
>
> I also suggest downloading, installing and updating BHODemon for any
> Browser Helper Objects
> that may be on the PC.
>
> * BHODemon
>
>
http://www.majorgeeks.com/downloadget.php?id=3550&file=11&evp=245a87539eea8ed6904332b4b8b8442d
>
> For viral malware...
>
> * Download MULTI_AV.EXE from the URL --
> http://www.pctipp.ch/downloads/dl/35905.asp
>
> To use this utility, perform the following...
> Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
> Choose; Unzip
> Choose; Close
>
> Execute; C:\AV-CLS\StartMenu.BAT
> { or Double-click on 'Start Menu' in C:\AV-CLS }
>
> NOTE: You may have to disable your software FireWall or allow WGET.EXE to
> go through your
> FireWall to allow it to download the needed AV vendor related files.
>
> C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
> This will bring up the initial menu of choices and should be executed in
> Normal Mode.
> This way all the components can be downloaded from each AV vendor's web
> site.
> The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and
> Reboot the PC.
>
> You can choose to go to each menu item and just download the needed files
> or you can
> download the files and perform a scan in Normal Mode. Once you have
> downloaded the files
> needed for each scanner you want to use, you should reboot the PC into
> Safe Mode [F8 key
> during boot] and re-run the menu again and choose which scanner you want
> to run in Safe
> Mode. It is suggested to run the scanners in both Safe Mode and Normal
> Mode.
>
> When the menu is displayed hitting 'H' or 'h' will bring up a more
> comprehensive PDF help
> file. http://www.ik-cs.com/multi-av.htm
>
> Additional Instructions:
> http://pcdid.com/Multi_AV.htm
>
>
> * * * Please report back your results * * *
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
Thanks for your input Dave. I will do as suggested and report back.
In the meantime the file MS32DLL.dll.vbs has been located on the computer
which seems to suggest a trojan. From what little knowledge that the 'net
has given up, it can stop access to disc drives by double clicking but not
using the 'explore' option and can also prevent users accessing the registry
(regedit command). At this stage there is one physical hard drive we can not
access but that may be caused by another problem.
Steve W (in Aus)
| 
XML site map