Guest proinwv Posted August 11, 2008 Posted August 11, 2008 Does anyone know anything about this virus? Quote
Guest Maurice N ~ MVP Posted August 11, 2008 Posted August 11, 2008 Would you provide details as to what file or files were specifically tagged, and mention what antivirus program / anti-malware app was used that found this issue. -- Maurice N MS-MVP -- "proinwv" <proinwv@discussions.microsoft.com> wrote in message news:CD953DB4-1452-4204-A472-56D5723E6C99@microsoft.com...<span style="color:blue"> > Does anyone know anything about this virus? </span> Quote
Guest David H. Lipman Posted August 11, 2008 Posted August 11, 2008 From: "proinwv" <proinwv@discussions.microsoft.com> | Does anyone know anything about this virus? From the name we can determine it is nOT a virus it is a Trojan Agent. However that's all. Please provide MORE information... - Name of anti malware application that delaclred this - Fully qualified name and path to the file deemed infected. - What the OS is where this Trojan was found. Any log extracts would be helpful. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest proinwv Posted August 11, 2008 Posted August 11, 2008 I run ZoneAlarm Suite, current version, 7.0.483.000 On a scan it identified the trojan, exactly as I did in the subject line, and said it was taken care of. No further information was provided. It did then tell me to reinstall XP SP3. I did that and had a problem in that SP3 reported that setup could not copy wextract.exe. I discussed this on another MS forum and was told not to worry about it, if XP was working ok, which it is. Quote
Guest David H. Lipman Posted August 11, 2008 Posted August 11, 2008 From: "proinwv" <proinwv@discussions.microsoft.com> | I run ZoneAlarm Suite, current version, 7.0.483.000 | On a scan it identified the trojan, exactly as I did in the subject line, | and said it was taken care of. No further information was provided. | It did then tell me to reinstall XP SP3. I did that and had a problem in | that SP3 reported that setup could not copy wextract.exe. | I discussed this on another MS forum and was told not to worry about it, if | XP was working ok, which it is. OK. ZoneAlarm's AV solution does not provide a good encyclopedia. Therefore we can't determine what this Trojan's payload or objective was. However, there is still the possibility that your PC is still infected with something that zonealarm's AV solution failed to detect. I suggest scanning with the following... Download MULTI_AV.EXE from the URL -- http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe http://www.pctipp.ch/downloads/dl/35905.asp English: http://www.raymond.cc/blog/archives/2008/0...virus-for-free/ To use this utility, perform the following... Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS } Choose; Unzip Choose; Close Execute; C:\AV-CLS\StartMenu.BAT { or Double-click on 'Start Menu' in C:\AV-CLS } NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your FireWall to allow it to download the needed AV vendor related files. C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS} This will bring up the initial menu of choices and should be executed in Normal Mode. This way all the components can be downloaded from each AV vendor's web site. The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC. You can choose to go to each menu item and just download the needed files or you can download the files and perform a scan in Normal Mode. Once you have downloaded the files needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key during boot] and re-run the menu again and choose which scanner you want to run in Safe Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode. When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help file. Additional Instructions: http://pcdid.com/Multi_AV.htm Please report back your results -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest proinwv Posted August 11, 2008 Posted August 11, 2008 Dave, I did run the scan from MS Live and it found one virus/spyware, not identified, which it dealt with. Would this be adequate? Quote
Guest David H. Lipman Posted August 11, 2008 Posted August 11, 2008 From: "proinwv" <proinwv@discussions.microsoft.com> | Dave, I did run the scan from MS Live and it found one virus/spyware, not | identified, which it dealt with. | Would this be adequate? Since you are talking about Windows Live OneCare -- NO. :-( I suggest doing a scan with at least the Trend Micro module and possibly Sophos as well. If you do the Sophos scan, you may want to limit it to just the tree of C:\Windows rathar then the enire disk. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest Maurice N ~ MVP Posted August 11, 2008 Posted August 11, 2008 Just FYI: OP's original thread at windowsxp.general http://www.microsoft.com/communities/newsg...=&cr=&sloc=&p=1 -- Maurice N MS-MVP -- Quote
Guest David H. Lipman Posted August 11, 2008 Posted August 11, 2008 From: "Maurice N ~ MVP" <maurice@mvps.org> | Just FYI: OP's original thread at windowsxp.general | http://www.microsoft.com/communities/newsg...icrosoft.public. | windowsxp.general&tid=abd91f75-7cf1-4cd4-b37a-9de7d9a98030&cat=&lang=&cr=&sloc=&p=1 | -- | Maurice N | MS-MVP | -- Danke. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.