| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 70592 | 2006-07-08 23:22:00 | Feebs worm infection. | Cicero (40) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 469501 | 2006-07-08 23:22:00 | I have been attacked by the above. Have run spy bot and it removed and ran housecall and it removed it too. Problem is, AVG finds it each day and removed,for all that I am sure it is still on here. Also did a clean out via hijack this. Any thoughts would be appreciated. XP SP2. Oh also AVG leaves message...Partion table (MBR)which I presume is where it fixed it from. |
Cicero (40) | ||
| 469502 | 2006-07-08 23:30:00 | Try Trojan remover (http://www.simplysup.com/) It seems to have 4 variations of it in its database. I would also kill those P2P programs, if any are installed. This is most probably how u got it in the first place. |
Speedy Gonzales (78) | ||
| 469503 | 2006-07-08 23:34:00 | There is also a removal tool to download from here: www.f-secure.com |
Terry Porritt (14) | ||
| 469504 | 2006-07-09 01:18:00 | Thanks chaps. Ran Speedy worm finder,found nothing. I do have a P2P app but don't activate much these days,most when scanned contained virii,so have mostly given it away. Will now look at T reco. now and see how that goes. |
Cicero (40) | ||
| 469505 | 2006-07-09 02:43:00 | I just wonder why you didn't run your anti-stuff while you are running in SAFE MODE? Turn of your system restore settings and make sure the little beastie isn't hiding in there to re-infest you over and over each time you boot. I personally never run system restore at all...it just ties up hdd space and is a haven for malware. |
SurferJoe46 (51) | ||
| 469506 | 2006-07-09 02:52:00 | I just wonder why you didn't run your anti-stuff while you are running in SAFE MODE? Turn of your system restore settings and make sure the little beastie isn't hiding in there to re-infest you over and over each time you boot. I personally never run system restore at all...it just ties up hdd space and is a haven for malware. Might do that now. I don't use sys restore,I use GoBack. Thanks to yous Joe. :thumbs: |
Cicero (40) | ||
| 469507 | 2006-07-09 04:44:00 | Might do that now. I don't use sys restore,I use GoBack. Thanks to yous Joe. :thumbs: Ran spybot in safe mode,it found Zlob downloader. How does one get a Hijackthis out of safe mode?You can take a copy,then when one comes out of course it re starts and the copy has gone? |
Cicero (40) | ||
| 469508 | 2006-07-09 06:15:00 | ? HijackThis opens Notepad to show the log. Save the file, Cicero (File-Save As) to somewhere that you know where it is, name it to something you will remember. Then when it reboots, just like magic the file should still be exactly where you left it saved! |
godfather (25) | ||
| 469509 | 2006-07-09 06:34:00 | I have been attacked by the above. It's a bit of a worry as to how you managed to do this. Particularly after this post (www.pressf1.co.nz). |
FoxyMX (5) | ||
| 469510 | 2006-07-09 06:43:00 | ? HijackThis opens Notepad to show the log. Save the file, Cicero (File-Save As) to somewhere that you know where it is, name it to something you will remember. Then when it reboots, just like magic the file should still be exactly where you left it saved! Why that is wonderful GF and profound thanks. Now Foxy is getting at me. ;) |
Cicero (40) | ||
| 1 2 | |||||