| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 57463 | 2005-05-03 06:53:00 | virus found in online scan | theother1 (3573) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 351688 | 2005-05-03 06:53:00 | I scanned my computer with McAfee online scanner and trendmicro online. Trend micro didn't find anything but McAfee found this "Generic PWS.f " It appears to be a password stealer but how to remove without buying McAfee? I have AVG free and Spybot and Ad Aware plus Zonealarm and MS antispyware but still it got through. :horrified |
theother1 (3573) | ||
| 351689 | 2005-05-03 07:50:00 | Try this www.simplysup.com It isn't free but might remove it. It might be OK having AVG and other programs, BUT is your windows updated/patched?? Having Windows, that isn't patched, files like this can and will get through... |
Speedy Gonzales (78) | ||
| 351690 | 2005-05-03 08:49:00 | You will have to restart into safemode, to stop trojan activating. Look in your windows folder for svhost.exe ( NOTE SPELLING..not svchost.exe) Start Registry editor and remove this key.. HK_Local_Machine\Software\Microsoft\Windows\Curren tVersion\Run\ Shell = svhost.exe Also I would advise for you to run a cleaner such as Ccleaner , with all boxes ticked, to ensure it is not hiding in your temp files or cache and cause another re-infection. |
pheonix (36) | ||
| 351691 | 2005-05-03 09:13:00 | Try this . simplysup . com/tremover/" target="_blank">www . simplysup . com It isn't free but might remove it . It might be OK having AVG and other programs, BUT is your windows updated/patched?? Having Windows, that isn't patched, files like this can and will get through . . . Yes,all updates and patches are in place . |
theother1 (3573) | ||
| 351692 | 2005-05-03 09:27:00 | You have'nt got any software from here have you. www.nirsoft.net hth |
johnboy (217) | ||
| 351693 | 2005-05-03 09:46:00 | You have'nt got any software from here have you. www.nirsoft.net hth Not that I know of. |
theother1 (3573) | ||
| 351694 | 2005-05-03 09:48:00 | I am waiting for some other suggestions or confirmation that Phoenix's suggestion is the correct path to take. No offence Phoenix but I need to be sure. | theother1 (3573) | ||
| 351695 | 2005-05-03 11:32:00 | More info here. securityresponse.symantec.com |
Safari (3993) | ||
| 351696 | 2005-05-03 11:39:00 | Phoenix got me out of a bog with CoolWebSearch. Your caution is wise but in all posts I've seen and followed up he/she knows what they are talking about. | mark c (247) | ||
| 351697 | 2005-05-03 11:51:00 | thanks guys. I took Phoenix's advise and opened in Safe and looked at the registry keys but couldn't see the key he (or she) referred to. Ran CCleaner anyway. I think I will run McAfee again and see if picks it up again. :confused: |
theother1 (3573) | ||
| 1 2 | |||||