This program is supposed to work on that virus
avast will also pick it up. It seems to be a difficult one to get rid of though.
You got it. lets hope it works.
BTW a lot of these malware scanners will work better if you run them in safe mode.
Try that and if you can get into it
try doing a system restore to before the problem started. Virus tend to lock that up so you cant use it but if you can use it to set the computer back to before the virus activated its a lot easier to remove it with a full system scan
combo fix will also work on somethings when other software wont because it doesnt need to be installed
It works better on xp than on vista which is why i didnt recomend it first but here is the link
are you still trying to download ? or to run it ?
If you cant download you can try downloading to another computer and copying it to a cd to install on the infected computer.
If you can see a strange procedure running in the task manager you can try killing with right click and end process tree. usually they are like a string of random numbers and letters. Even if it comes back sometimes you can kill it long enough to get something to run that will get rid of it. If you can get the file name and location you can try deleting it manually or use the kill file in hijack this to get rid of it
Try the combo fix in safe mode. By the time it gets to creating the report it should have told you if it found anything and fixed it hopefully
as for the ots
this is not as easy as i thought it would be. Those things all have to be looked up to see if they are legitimate.
I agree that those funny ones look funny but most of what i can see is legitmate half the entries are for other anti virus programs.
in the fixit section of the ots
C:\Windows\System32\?ô???ô?ô?ô?ô?ô?ô -> C:\Windows\System32\ô䘺睋ôôôôôô -> [2009/08/18 13:46:04 | 000,000,000 | ---D | C]C:\Windows\System32\?ô???ô?ô?ô?ô?ô?ô -> C:\Windows\System32\ô䘺睋ôôôôôô -> [2009/08/18 13:46:04 | 000,000,000 | ---D | M]
basically paste the lines from the files secton
then click run fixit
i would also delete the alternate data streams
go to c:\programdata\temp
delete everything in there it is a temp folder nothing needed should be in there.
it disapeared huh ? lol
At some point it may be easier to just reload the operating system you realize.
you might lose your stuff if you reload the operating system.
Actually you should have backed up all the data files that you need before this. The virus could destroy them at any time
try running the program that picked it up in the first place in safe mode. If we are lucky we deleted enough to at least let it kill what it found. If it still picks it up try to give me exactly where it says it found it.
ok who knows maybe it will actually fix it this time
Well you wouldnt want to do a complete restore. You would just want to copy the actual data files. Those usually arent infected although its possible they can be its a lot more rare.
You would have a new clean operating system. You would reinstall your programs from original cd's so they would be clean as well.
Install 1 ( ONE ) good antivirus software. ( they tend to interfear with each other. ) and then copy only the data from your external hard drive. pictures documents etc
then before you open any of them do a full scan of the computer. That way it should be able to pick up the virus if it does happen to be in one of the documents before it can be activated and install things to keep it from being detected.
Excuse my military analogy but kind of like destroying a machine gun is a lot easier when its still in its box than it is when somebody is firing it at you.
well it depends what you backed up and how you backed it up. A lot of backup programs backup the entire computer programs operating system and all. Mostly because it sounds really good because personally i dont think its a very good way to do it.
what i would do if i was you and i was going to go the new computer route
just grab a brand new flash drive or 2 they are pretty cheap
plug it in to the old computer and just copy those documents etc that you really really need
then plug it into the new computer and
copy them all into their own folder on the new computer where you know where to find them and it will be easy to scan them etc.
That avoids any problems with what might also be on the backup drive or the backup / restore software etc.
I find simpler is better in cases like this
thats all there is ? actually that looks more like a false positive than a real threat to me.
The website builder can easily have some sort of interactive stuff in it that could trigger as a trojan
What else is it doing because honestly my first thought when i picked this up was that dropping the number 3 in at random is more likely to be a faulty keyboard than a virus
uninstall the intuit site builder and see if the trojan warning goes away
I can try to get an md5 value to test it but it looks to me like that is a legitimate file.
It accesses the internet and sends stuff from your computer to a website. To that particular spyware program it looks like a trojan. it is doing what a trogen does and it has a name very simillar to UPDATE.EXE which it thinks is a very bad trojan
Thats why nothing else is picking it up and the fix its using isnt fixing it.
If you mean doing a system recovery back to factory specs I think that would give you piece of mind.
after all the stuff being done by the antivirus programs even if you didnt have a virus and whatever other problems may have been around just because windows isnt perfect a system recovery would certainly get it safe to use and probably a lot smoother than it is now. Just back up everything that you definately dont want to lose as far as data goes. If thats all in my documents that would be just fine. back it up and do a straight copy to a different folder and make sure that you have a couple of copies just in case one is bad.