hard drive shot through with Trojans, Jokes, Worms, Viruses.

Discussion in 'Malware Help (A Specialist Will Reply)' started by staywhereyouare, Jul 2, 2006.

  1. staywhereyouare

    staywhereyouare Private E-2

    Hi--thanks in advance:

    OS: Win ME
    Processor: Intel Celeron 600 MHz
    RAM: 320 MB
    20 GB C:drive (where all the viruses were) master (runs on WinME)
    40 GB D:drive as slave (used to run on Win98 SE)
    dial up
    Compaq 5000 series 5BW120

    My first mistake...letting my brother-in-law try to help me see the info on the D: drive (which had been knocked out by multiple power surges), by giving me a C: drive shot full of viruses. AVG did not detect them.

    Symptoms: computer slowed down, internet slowed down, typing slowed down, and mouse cursor hesitating and not moving smoothly online.

    Followed all the procedures in "How to protect yourself from Malware thread"
    except uninstalling Microsoft Java (this has caused some problems opening programs in the past).

    Followed the procedures in "Read and Run me 1st before asking for support"
    *except* Counterspy wouldn't install. It said it needed MDAC 2.0 to install--but I have higher versions of that, so I'm not sure what's going on.

    Ran CWShredder and Kill2me--also ran About:Buster before I figured out the virus problems.

    Question: are all the files on the D: drive compromised because of the viruses on the C: drive?
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Was AVG installed before the infections or after? Did you run a full system scan with AVG?

    Your logs do not show any signs of active malware. Yes, Bitdefender showed some items in email folders that YOU need to manually remove, but that is all that was shown. So what Trojans, Jokes and Worms are you referring to?

    MS Java is no longer supported by Microsoft and is too full of security holes to keep. You should not have any problems after uninstalling it as long as you install Sun Java. It should fully replace MS Java. Which programs are you saying would not "open"?

    Are you sure that you have installed all of your Windows updates from Microsoft?

    Yes it could be but I don't see any on the C drive.

    You can however run HijackThis and fix the below minor item:
    R3 - URLSearchHook: (no name) - ~CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)

    I do have a question about one process seen running. What is the below process for? It could be a problem! Maybe a LOP infection!
    C:\WINDOWS\SCREEN SCAPES TASK.EXE

    If you don't know what it is then have HJT fix the below line:
    O4 - Startup: Screen Scapes Task.lnk = C:\WINDOWS\Screen Scapes Task.exe

    Then reboot into safe mode and delete the file.
     
    Last edited: Jul 3, 2006
  3. staywhereyouare

    staywhereyouare Private E-2

    Thanks for the reply...

    AVG was installed before the infected C drive was installed as a master. Ran full system scan--AVG up to date. Nothing found.

    OS has all the Windows updates.

    Bitdefender said Win32.Magistr.B
    Joke.Geschenk
     
  4. staywhereyouare

    staywhereyouare Private E-2

    ugh..sorry, half of my message didn't post.

    I-Worm.Hybris.B
    Trojan.Patched.B
    suspected of One_Half.3591

    I'm a novice...didn't realize stuff was in the email files from the old user. I'll delete the emails and uninstall the ISP programs.

    AVG fully updated and scans every day. Will uninstall MS Java. OS is completely patched.

    Looks like Screen Scapes is some sort of calendar/planner. The other person had it on there--it can come off. I'll research signs of LOP infections after the HJT is fixed.

    If no problems, disable and enable system restore, correct?

    Really appreciate your help. Make no money in AmeriCorps--idealism doesn't pay--and need to keep this going so I can do job searches in Nov when my tour is over. So thanks for helping a sistah out!
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You mean it was installed on drive C (the infected drive) before using this as your Boot drive????

    Yes we know that! It was in your email files as already stated that you need to remove.
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That is not a useful log. I need a log that not only tells you the virus/trojan name but where it is located (the full file name and path).


    Only after you are no longer having any malware problems. Are scans still detecting things (other than in email files or in system restore itself)?
     
