Computer Hope
Software => Computer viruses and spyware => Topic started by: nightmagic11801 on September 23, 2006, 05:18:18 PM
-
I started having all these goofy stupid things happening to my pc so my dad told me to download the avg free. Since I have had it (about a couple of weeks) It has picked up six viruses. 5 being trojan horse and one associated with java. Should I heal them or kill them?
Here's the list: 1)Trojan Horse Downloader.Zlob.DMI located in windows system 32\oqabf.dll 2) " " .DKP " " Program files\iCodecPack\iesuninst.exe
3)" ".DMI system volume information\ _restore{0a438c3B-a487-4c6d-850c-c76cc3327fd0}\rp1293\a0100053.dll
4)" .DKP " "
" " " "
\a0100056.exe
5)Trojan horse Backdoor.generic.EAY " "
" "\Rp906\a0071086.exe
6)Java openstream located in documents and settings\owner\application data\sun\java\deployment\cache\javai\v1.0\jar\javainstaller.jar-3c936701-11fb9a30.zip
It really sucked writing that all out! so i hope it helps with the info! Thanks much in advance! ;)
-
Scan in safe mode.
'heal' them if possible, delete them if you can't heal them.
-
How do I get into safe mode and once i'm in it how do I get back to normal?
-
http://www.computerhope.com/issues/chsafe.htm
-
Thanks I'll do that later and let ya know what happens! :)
-
tools such as ASquared or Ewido should clear up any problems such as trojan horses and worms
ASquared
a trial from here
http://www.emsisoft.es/es/software/download/
Ewido
download a thirty day trial for free from
http://www.ewido.net/en/
copy these links into your browser then download and update each product before running
-
A-Squared and Ewido both offer free versions...
patio. 8-)
-
http://www.computerhope.com/cgi-bin/yabb/YaBB.cgi?num=1134123580
check it
[smiley=wink.gif]
-
http://www.computerhope.com/cgi-bin/yabb/YaBB.cgi?num=1134123580
check it
[smiley=wink.gif]
Thanks I look into the ewido, I already have the windows defender and of corse the avg. I did delete the viruses, it didn't give me an option to heal. But now everytime I start the pc up I have a window from windows installer that says: The feature you are trying to use is on a network resource that is unavailable.
Click OK to try again or enter an alternate path to a folder containing the installation package "WPOZOOZA.msi" in the box below.
Use source : c:\hp\tmp\src\
When I hit cancel it trys to install it anyway I then have to hit cancel 3 -6 times before it goes away. Is this part of the trojan maybe?there is still one in the test results, but It won't let me do anything with it, delete,heal,restore,or vault. But it's there every time I do a scan. Other than that everything else seems to be ok
-
ewido should take it out.. can you give the name of the trojan horse.
-
Well I ran the ewido and it took care of 85 infected things. One of them being a trojan ( don't remember it's name ) I ran the avg again and there is still a trojan in there. The same one that it will not let me do any thing with. It's name is :Trojan horse Generic2.BCB. I'm going to run another Ewido scan with my system restore off and see if it gets anything else. If you know why AVG won't let me do anything with that virus please tell me! In the mean time........off to do some more scans!
-
also go to the site i gave and post hijackthis log
-
I get that trojan all the time, he's an easy kill defender 15-in-1
ewido gets em too :-*
-
I get that trojan all the time, he's an easy kill defender 15-in-1
ewido gets em too :-*
You get that trojan all the time?
-
Well after some more scans I was able to get rid of everthing. The trojan is no longer showing in my avg scans. But I still have the stupid windows installer thing happening when i start the pc up. Any ideas what it is and how to get rid of it?
-
Did you try looking for the installer and removing it? It may be somewhere in a temporary folder.
-
spybot might help
-
HJT log.
You need to read the posts in here and absorb what is said, we don't just post links to scanning programs hoping they will fix your problems.
-
HJT log.
You need to read the posts in here and absorb what is said, we don't just post links to scanning programs hoping they will fix your problems.
Best advice i've seen this month ....
patio. 8-)
-
The MSI popping up all the time is usually the result of an incomplete or corrupted install. If it gives you any detail information you might try removing the program involved and running the installation again (if it's something you want installed).
-
HJT log.
You need to read the posts in here and absorb what is said, we don't just post links to scanning programs hoping they will fix your problems.
I ran the htl and took care of the stuff that needed taken care of and what not. The windos installer is still there and i don't know how how to find it's temp folder or the program that it is trying to install. I do have the windows update but it will not update untill i give it's ok,and it hasn't notified me in a few weeks. There's no programs in my add/remove that I didn't put there,and I havn't dowwnloaded anything in about a month, eversince i have been trying to get rid of viruses,and adware. How do I find whatever is trying to install to get rid of it?
-
Post the error message from MSI.
-
There is a fix for the Windows Installer at MS's web site...
-
I can't find it any where :-? I'm lost as to where to look. And the only time it ever does it is when i first boot up the pc. this is the message:
The feature you are trying to use is on a network resource that is not available.
Click OK to try again or enter an alternate path to a folder containing the installation package 'WPO2OO2A.msi' in the box below.
Use source: c:\hp\tmp\src
When I push cancel it still trys to install and then this message pops up again and i have to repeat cancel 3 times for it to disapear so that my pc will continue its start up. Help :-[ :-?
-
There is a fix for the Windows Installer at MS's web site...
Is MS :Micro Soft?
-
yes
-
Okay after hours and hours of searching, the only thing that i was able to figure out was that the program trying to install was a office word free trial thing that was being activated to install when Piolet was started....so i got rid of piolet and now i don't have it anymore. Thank you all for all your help though!! ;D
-
Office Word phoning home ? ? !! I'm aghast !
What is Pioulet ?
-
I believe Office is now "loaded" too. ::)