We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

Real hassle from virus/spyware

Options
Hello, I posted yesterday about avg not getting rid of Trojans. I managed with the help from here to get rid, but now things are going from bad to worse. I must have run about six different scans today and now the internet connection seems to be going mad. I have been getting pop ups ( all in French), it cuts out, my welcome screen (AOL ) looks very plain, basic and not like it usually does. I have tried the free help on there but that has cut out. I seem to be getting on other sites so far.I also keep getting AVG pop ups saying it has found a Trojan and I click to heal/ quarantine, it says it has done it but the next time I go on the net it pops up again. I have not had anything like this bother before - I have McAfee firewall ( which also told me the AVG email scanner had changed, did I want to allow it access and I don't know whether to or not in case it's been infected somehow, then again I don't want to be left exposed. I also have ad aware spybot and the ewido antispyware program which I downloaded yesterday. The other users on the computer don't seem to be getting this just me! Sorry for the rant, I really would appreciate some help as I feel I am going round in circles and just making matters worse if I try to do anything.

Edited to add - I have checked in the virus vault and most of the viruses are infecting the back up copies of various programs. ( there are several different trojans and they are infecting different programs/documents) Help!!
«13456710

Comments

  • alanrowell
    alanrowell Posts: 5,386 Forumite
    Part of the Furniture 1,000 Posts Combo Breaker
    First ensure that you are up to date on your anti-virus / anti-spyware software

    Then turn off System Restore. Then you reboot in safe mode.

    Run all your anti-virus / anti-spyware programs. Then reboot in safe mode & repeat until clean

    Then reboot normally, connect to the internet & download all the critical Windows Updates

    Reboot in safe mode and check everything again.
  • Browntoa
    Browntoa Posts: 49,602 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    follow this whole thread here

    http://forums.moneysavingexpert.com/showthread.html?t=133269

    posts 1 to 4, it is the Malware/Spyware removal thread and contains links to all the software you need (you already have Ewido from yesterday) and FULL instructions on what to do..

    if you still have problems afterward there are instructions in post 4 of the thread about making a hijackthis log...do that and then post the log back here and we can advise you
    Ex forum ambassador

    Long term forum member
  • rosy
    rosy Posts: 642 Forumite
    Thanks to both of you for replying. I have run in safe mode a complete AVG scan, adaware scan and ewido scan ( I did this yesterday too. More Trojans popped up after the scan yesterday and yet more today).
    If you can spare the time I would be really grateful for advice as it's really getting me concerned now.

    AVG scan - listed three more Trojans today

    Trojan Horse LOP.AD in Documents and Settings\All Users\Application DAta \ Four book grim noun\ armysecond.bk!

    The title of this makes me think I am going to be bombarded with more and more of the things - AVG hasn't picked up a third or fourth book of viruses ( if I am interpreting the name of the thing correctly ) and I am still,in spite of clearing everything, getting more alerts from AVG ( as we speak in fact - these ones it seems to be able to fix though ). I suspect something is on a timer somewhere releasing the viruses in a stream, as that is what it seems like - I can't pick them off fast enough.

    I also had the following - Trojan Horse Lop.AD in my Application Data\LONGBARBEGGS\mbhajtjr.exe and the same again but with \wrmptccm.exe ( that doesn't stand for a worm, does it:eek: )

    The longbarbeggs doesn't sound too great.

    What would help me calm myself is

    a) Is this just someone causing nuisance value ( it takes about 4 hours a time to scan everything) or could this be causing real harm somewhere - I'm not so fussed about pop ups though they are a nuisance but I don't want my passwords etc hijacked or my computer crashing - how bad is this?

    b) AVG in safe mode couldn't sort the viruses, but did allow me to quarantine them when I restarted the computer - is this normal or should I be concerned?

    c) If I back up my important stuff now in case of the worst case scenario developing, how do I know there's not something still hidden in the backed up copies of things? Obviously the AVG is picking up a lot of stuff but clearly it isn't getting to the root of the problem and I really know nothing about the finer points of searching through my computer. I'm not very confident trying to sort out stuff in case I cause a calamity

    d) I don't know how this stuff got in in the first place because I am very careful about not clicking on links, have a firewall and update the AVG etc virtually every day and run regular scans. Should I be doing something else? My sons use MSN a lot - I guess they may have downloaded something dodgy from their friends but they won't admit it if they have!

    I'm sorry this is a big ramble but I really would appreciate more help! Thanks
  • Browntoa
    Browntoa Posts: 49,602 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    go here

    http://www.tomcoyote.org/hjt/

    download hijackthis (flashing button on the left of the screen) and install it to it's own directory not run it from the extracted file

    follow the instructions to do a scan and then the Scan Button has a new Caption. Save Log. Click the Save Log button to create a file named Hijackthis.log. A dialog box will pop up. Use it to select the location where you will save the log. Close the program. Return to the Forum and reply to your original post. Open the Log in Notepad. Highlight the entire contents. Copy and paste the contents of the HijackThis log into your post.

    Wait for help from either me, Pchelpman or Alfonso only.

    we will analyse that log and see what is really going on and advise you :)
    Ex forum ambassador

    Long term forum member
  • rosy
    rosy Posts: 642 Forumite
    Hello, Thank you - I will download hijackthis and let you know what it finds, but I did a panda scan which picked up spyware ( I think it's all originating from something called Virus Burst ) - the file names it found matched up with what AVG was identifying as a virus, but the panda scan picked up lots more in the same vein ( and some others the names of which may be censored on here! ). I don't know if that helps at all before I do the hijackthis log ( the problem with the free pandascan is as it is picking it up as adware it's not deleting any of it - I posted last night ( well early this am) to ask if it was worth buying the Pro panda version). I have the log for that if that would help - should I post that first?
    Thanks for your help
  • pchelpman
    pchelpman Posts: 1,275 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Photogenic
    HijackThis is an excellent tool but it doesn't see everything. Panda is better for that.

    Please post a HJT log and the Panda Activescan log as well. It will give us more detail of what malware is hiding on your computer and where it is.

    Then we can go a'huntin' for the bad guys.;)

    Meanwhile ...DO NOT buy anything.

    PCH
  • Donnie
    Donnie Posts: 9,862 Forumite
    rosy wrote:
    Hello, Thank you - I will download hijackthis and let you know what it finds, but I did a panda scan which picked up spyware ( I think it's all originating from something called Virus Burst ) - the file names it found matched up with what AVG was identifying as a virus, but the panda scan picked up lots more in the same vein ( and some others the names of which may be censored on here! ). I don't know if that helps at all before I do the hijackthis log ( the problem with the free pandascan is as it is picking it up as adware it's not deleting any of it - I posted last night ( well early this am) to ask if it was worth buying the Pro panda version). I have the log for that if that would help - should I post that first?
    Thanks for your help

    Did you check your private messages and follow the instructions?
  • rosy
    rosy Posts: 642 Forumite
    Sorry for being so ignorant but how do I install hijack this to its own directory? I have saved it to my desktop at present where it is still sitting zipped up! The pandascan I copied and pasted but it is too long to post - shuold I just post it in bits?
  • Double-click the .zip file and extract the file inside (HijackThis.exe) to your Desktop.
  • pchelpman
    pchelpman Posts: 1,275 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Photogenic
    By all means post log reports in "bits". We've had them here before and I know Activescan can be very lengthy at times.

    Doinnie .... what PMs? Please do not PM users with instructions. Three reasons ...

    1. If you give helpful information everyone would like to benefit from it.

    2. If the user follows your advice,then posts a question in the thread about the outcome, you are the only person who definitely knows what they have done.

    3. We know nothing about your expertise in handling malware or what advice you have given; this puts the user in an unacceptable risk position.

    I'm not trying to be rude here and I'm sure you can understand why we take this approach.

    PCH
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.9K Banking & Borrowing
  • 253.1K Reduce Debt & Boost Income
  • 453.5K Spending & Discounts
  • 243.9K Work, Benefits & Business
  • 598.8K Mortgages, Homes & Bills
  • 176.9K Life & Family
  • 257.2K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.