Guest Mhaxx Posted January 20, 2009 Posted January 20, 2009 On my Vista, Windows Defender alerted about a file download from P2P: TrojanDownloader:Win32/Renos.DU I removed manually, but Windows Defender goes on to ask to me to remove it. Why? Thanks in advance, Massimo Quote
Guest Malke Posted January 20, 2009 Posted January 20, 2009 Mhaxx wrote: <span style="color:blue"> > On my Vista, Windows Defender alerted about a file download from P2P: > > TrojanDownloader:Win32/Renos.DU > > I removed manually, but Windows Defender goes on to ask to me to remove > it. Why?</span> Possibly because your manual removal wasn't thorough enough and the system is still infected. Go through these general malware removal steps systematically - http://www.elephantboycomputers.com/page2....emoving_Malware Include scanning with David Lipman's Multi_AV and follow instructions to do all scans in Safe Mode. Please see the special Notes regarding using Multi_AV in Vista. http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions http://tinyurl.com/yoeru3 - download link and more instructions You can also check to see if there are targeted removal steps for your malware here: Bleeping Computer removal how-to's - http://www.bleepingcomputer.com/forums/forum55.html Or here: Malwarebytes malware removal guides - http://tinyurl.com/5xrpft When all else fails, get guided help. Choose one of the specialty forums listed at the first link. Register and read its posting FAQ. PLEASE DO NOT POST LOGS IN THE MS NEWSGROUPS. Malke -- MS-MVP Elephant Boy Computers - Don't Panic! FAQ - http://www.elephantboycomputers.com/#FAQ Quote
Guest Kayman Posted January 20, 2009 Posted January 20, 2009 On Tue, 20 Jan 2009 10:26:39 +0100, Mhaxx wrote: <span style="color:blue"> > On my Vista, Windows Defender alerted about a file download from P2P: > > TrojanDownloader:Win32/Renos.DU > > I removed manually, but Windows Defender goes on to ask to me to remove it. > Why? > </span> Provided you have updated the in-build Malicious Removal Tool, it should remove this particular malware. Why don't you run it? Quote
Guest Dave M Posted January 20, 2009 Posted January 20, 2009 Mhaxx;4188791 Wrote: <span style="color:blue"> > On my Vista, Windows Defender alerted about a file download from P2P: > > TrojanDownloader:Win32/Renos.DU > > I removed manually, but Windows Defender goes on to ask to me to remove > it. > Why? > > > Thanks in advance, > > Massimo > > Recovery Steps > Manual removal is not recommended for this threat. To detect and remove > this threat and other malicious software that may have been installed, > run a full-system scan with an up-to-date antivirus product such as the > Microsoft online scanner (http://safety.live.com). For more information, > see http://www.microsoft.com/protect/computer/viruses/vista.mspx.</span> -http://www.microsoft.com/security/portal/Entry.aspx?Name=TrojanDownloader%3aWin32%2fRenos.DU -- Dave M ------------------------------------------------------------------------ Dave M's Profile: http://forums.techarena.in/members/dave-m.htm View this thread: http://forums.techarena.in/security-virus/1106270.htm http://forums.techarena.in Quote
Guest Mhaxx Posted January 20, 2009 Posted January 20, 2009 >> I removed manually, but Windows Defender goes on to ask to me to remove it.<span style="color:blue"><span style="color:green"> >> Why? >> </span> >Provided you have updated the in-build Malicious Removal Tool, it should >remove this particular malware. Why don't you run it?</span> Are you referring to Windows Defender? I've just run and now it seems there's no risk. I don't know why.. do you think I'm free of malware? Massimo Quote
Guest David H. Lipman Posted January 20, 2009 Posted January 20, 2009 From: "Mhaxx" <mhaxx@despammed.com> <span style="color:blue"><span style="color:green"><span style="color:darkred"> >>> I removed manually, but Windows Defender goes on to ask to me to remove it. >>> Why?</span></span></span> <span style="color:blue"><span style="color:green"> >>Provided you have updated the in-build Malicious Removal Tool, it should >>remove this particular malware. Why don't you run it?</span></span> | Are you referring to Windows Defender? | I've just run and now it seems there's no risk. I don't know why.. do | you think I'm free of malware? | Massimo No it is NOT Windows Defender ! Dopwnload and execute the MRT manually. http://www.microsoft.com/security/malwareremove/default.mspx -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp Quote
Guest Mhaxx Posted January 22, 2009 Posted January 22, 2009 > http://www.elephantboycomputers.com/page2....emoving_Malware Ok, the only thing I can't understand of it is the section: "D. Recap of what you will need to have on-hand before you start the cleanup process" that if: have I to launch LSPFix to fix Internet connection problem if there isn't problem? It's true that when malware occured Internet connection through my router seemed to be broken, but turning on the router everything now seems to work good. So: have I to perform LSPFix? Massimo Quote
Guest Malke Posted January 22, 2009 Posted January 22, 2009 Mhaxx wrote: <span style="color:blue"><span style="color:green"> >> http://www.elephantboycomputers.com/page2....emoving_Malware</span> > > Ok, the only thing I can't understand of it is the section: > > "D. Recap of what you will need to have on-hand before you start the > cleanup process" > > that if: have I to launch LSPFix to fix Internet connection problem if > there isn't problem? > > It's true that when malware occured Internet connection through my router > seemed to be broken, but turning on the router everything now seems to > work good. So: have I to perform LSPFix?</span> No. LSPFix is only if you can't get online. The concept of having it ahead of time is in case you aren't able to get online to download it after cleaning. Malke -- MS-MVP Elephant Boy Computers - Don't Panic! FAQ - http://www.elephantboycomputers.com/#FAQ Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.