
Virus problem...Help

mattlef

Well-known member
Joined
Apr 16, 2008
Messages
1,977
Location
Toronto, Ontario
I'd have to agree with BrainEater,
Save what you need to save, and blow out Windows with a fresh install. This could end up being a losing battle if it's been going on for even a week. A fresh install of the OS is going to save you a hell of a lot of time, and maybe wasted effort.
 

BrainEater

Well-known member
Joined
Mar 19, 2007
Messages
2,768
Location
Calgary
If you do actually get through a scan, and decide to take that computer online, here's something you should do.

Turn off all running programs, and everything in the systray you can.
Hit <ctrl-alt-del>, go into Task Manager > Processes. Now, while carefully watching what processes 'pop up', plug in the ethernet cable. If you are lucky, you might find one or more of the sub-programs of the trojan popping up there for a sec while they rebuild themselves.

I did a quick search on trojan r.G, didn't find anything meaningful. That's bad, because it means it's newer.
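
Added example (not part of the thread): the process-watching step in the post above, done by comparing saved `tasklist /fo csv /nh` snapshots instead of watching Task Manager by eye, so a process that appears briefly and exits is still recorded. The snapshot text, image names and PIDs below are constructed sample data.

```python
import csv
import io
import subprocess

def parse_tasklist(text):
    """Parse `tasklist /fo csv /nh` output into a set of (pid, image) pairs."""
    rows = csv.reader(io.StringIO(text))
    return {(int(r[1]), r[0].lower()) for r in rows
            if len(r) >= 2 and r[1].isdigit()}

def capture():
    """Take one live snapshot (Windows only; the sample run does not call it)."""
    out = subprocess.run(["tasklist", "/fo", "csv", "/nh"],
                         capture_output=True, text=True, check=True).stdout
    return parse_tasklist(out)

def classify(baseline, later):
    """Return (short_lived, still_running) for processes absent from baseline."""
    if not later:
        return [], []
    seen = set().union(*later) - baseline
    still = seen & later[-1]
    return sorted(seen - still), sorted(still)

# Constructed sample data: image names and PIDs are made up for illustration.
BASELINE = '''"System Idle Process","0","Services","0","24 K"
"explorer.exe","1480","Console","0","21,004 K"
'''
AFTER_PLUG_IN = [
    BASELINE + '"example-a.exe","2212","Console","0","1,912 K"\n',
    BASELINE + '"example-b.exe","2300","Console","0","3,440 K"\n',
    BASELINE + '"example-b.exe","2300","Console","0","3,452 K"\n',
]

def sample_run():
    base = parse_tasklist(BASELINE)
    return classify(base, [parse_tasklist(s) for s in AFTER_PLUG_IN])

if __name__ == "__main__":
    short_lived, still_running = sample_run()
    print("appeared and exited:", short_lived)
    print("new and still running:", still_running)
```

On a live machine, call `capture()` once before plugging in the cable and then repeatedly afterwards, passing the results to `classify()`.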
 

Kilauea

Well-known member
Joined
Mar 23, 2008
Messages
1,346
Location
Montreal
I don't like AVG either. A few years ago there was an infection on this computer that caused some pop-ups and other "minor" problems. AVG never found what it was. I installed the Kaspersky trial and it was gone immediately. Then I switched to AVS (AOL sponsoring Kaspersky) and it was amazing. After the license was over I went back to AVG on my father's computer, but in the meantime, I was trying Avira and Avast on mine.

Back to the situation now. I finally managed to update AVG and restarted scanning. I went to scan directly into the Windows folder as it was the one that was affected and, surprise (not really), I found some different viruses:
Trojan horse downloader.Small.DGT
Trojan horse SHeur.CDSC
Trojan horse Agent.AADO

The scan is not over, but I am at 56 after 30 minutes and not a trace of the trojan r.g yet.

Edit: I noticed that as soon as I touch the keyboard the computer freezes.
Edit 2: I don't know if that means anything to anyone, but when I go into graphic properties (where we can change the background), I only have 3 tabs: parameters, appearance and theme. It wasn't like that before.

Edit 3: After I last touched the keyboard, I had to restart... Once that is done, I get just past the starting Windows screen and then the screen stays blue, nothing more happens. I can move the mouse, but can't press any keys on the keyboard. In safe mode, the screen is black but the problem is the same (including the freeze as soon as a key is pressed).
 

Jmac

Well-known member
Joined
Apr 25, 2007
Messages
550
Location
Van Isle, BC
It's quite possible that, during the system disinfection, a system file may have been corrupted or deleted by AVG which is adversely affecting your bootup.

I responded to your other thread about accessing the recovery partition but, should you not wish to take that route, you may still be able to boot into Safe Mode w/ Command Prompt and run chkdsk /r (checks for and attempts to repair file system errors) and/or fixboot (attempts to fix the Master Boot Record).

Personally, I'd recommend just doing a system recovery and next time you should make your recovery discs (it prompts you when you first boot it up and will keep annoying you until you make them, unless you tell it not to).
 

BrainEater

Well-known member
Joined
Mar 19, 2007
Messages
2,768
Location
Calgary
eeek.

A quick lookup on the SHeur trojan yields some info.

It disables your firewall and kills your internet.

It also installs a full blown rootkit.

You have some serious issues now. You should consider every password on that machine compromised. As well, any personal info/banking/whatever has probably been compromised as well.

You need to immediately talk to your dad and find out what kinda personal info was on there, and change it all.

Sorry bud, but it's time to stop trying to clean, and seriously consider reinstalling Windows.

:sad:
 

enaberif

Well-known member
Joined
Dec 9, 2006
Messages
11,391
Location
Calgahree, AB
eeek.

A quick lookup on the SHeur trojan yields some info.

It disables your firewall and kills your internet.

It also installs a full blown rootkit.

You have some serious issues now. You should consider every password on that machine compromised. As well, any personal info/banking/whatever has probably been compromised as well.

You need to immediately talk to your dad and find out what kinda personal info was on there, and change it all.

Sorry bud, but it's time to stop trying to clean, and seriously consider reinstalling Windows.

:sad:
Absolutely agree!
 

DarKStar

Well-known member
Joined
Jul 15, 2008
Messages
1,213
Location
Canada
You got the BRAVIAX? That's a nasty MF :) AVG skips on a lot. I use Spyware Doctor (that one effectively removes BRAVIAX and any stray leftovers). Don't attempt to manually remove them, some will show up again. Get yourself Spyware Doctor, you will be surprised how much stuff it finds on your system. You should have BRAVIAX files in the %windows%system32 directory too. I use AVIRA security suite, that one also finds stuff, has an excellent detection rate, and it removes more stuff left than other programs.

I had the BRAVIAX too and neither Spybot S&D 1.6 nor AdAware 2008 even detected it!
Same for Norton, it skipped on a lot of that too.
 

Kilauea

Well-known member
Joined
Mar 23, 2008
Messages
1,346
Location
Montreal
You have some serious issues now. You should consider every password on that machine compromised. As well, any personal info/banking/whatever has probably been compromised as well.
Alright, just to get things straight as to how bad things are. Every password would mean what exactly? There is a lot of information on that computer, but at the same time it's not so bad. My father uses it to write his bills and stuff for his company.

My mom uses Opera to pay bills, but it is safe to assume that she did not do it for 14 days or more.

Besides that, he has his email that is accessed through Outlook. It recorded his password so he doesn't need to enter it every time (either way he doesn't know it).

I believe that is all that is done on his computer that is sensitive. So, which of these should I worry about?

And while we are at it, I plan to get myself an HDD enclosure along with an HDD, but before doing anything, I guess I will plug my father's HDD into the thing because he has a SATA drive and I am still with IDE, and then save the information on my HDD and my iPod. Then I'd do whatever with the Compaq disk that came with the computer.
Would this work? Or would I be at risk of having a virus on my own computer if I were to do that?
 
