well, I am still having trouble with installing avast!..or there is still trash from Norton!
I going to read as many forums as I can and get as much information as I can. I am a baby in diapers–making messes–as far as knowing anything about the *inner workings**of a computer.
so I am going to start with very basic things and work my way up to ??? knowing more than I do now :-[
One question, please? when I do a boot scan, all is fine. when I run a through scan, it alerts me to Win32.CTX virus which I then quarantine…but it happens everytime I do these actions and i don’t understand why…
any advice?
What file is infected with Win32.CTX virus?
Do you try to repair before sending to Virus Chest (Quarentine)?
Could you post your starup programs list?
Good luck
I am going to follow the instructions in that thread today…have to do something 'cause my email is not working on Outlook Express again ( I’m using my bellsouth.net account for now)
the infected file shows in:
documents and settings\donna holt\local setttings\temporary–then I cannot see anything after that.
I haven’t tried the repair just the quarantine.
My start up:
IE
OE
ashdisp
ashmaisv
ashServe
avast! Antivurus
Notepad
WordPad
ad-watch
I have to manually start any avast! program.
and an interesting thing happened last night and this morning…I received a notification from
Net Delivery Service
A virus was intercepted before being routed to you and was destroyed. If you believe the sender’s address is valid, please inform him or her of the situation. Please note that even though the source may be a known and valid e-mail address, such e-mail messages are often sent out without the knowledge of the sender.
A virus was intercepted before being routed to you and was destroyed. If you believe the sender’s address is valid, please inform him or her of the situation. Please note that even though the source may be a known and valid e-mail address, such e-mail messages are often sent out without the knowledge of the sender.
Raman is suggesting that you go to the mentioned URL, download a tool called “HijackThis” and let it generate the log of your startup files (which is rather well hidden in the program: Config/Misc Tools/Generate StartupList log"). You can download the standalone StartupList tool from that page as well.
Having a notepad and wordpad in startup is a little suspicious…
The messages you get means that somebody (who has your e-mail address in his/her address book and got infected by the Swen virus) is sending the Swen virus to you (i.e. the virus is spreading). Since you can’t find out who really sent it (the e-mail “From” field is forged), you can safely ignore this notification.
No Problem. Download and unpack the zip, start the exe-file(hijackthis.xe?) Press scan, than save log, save it and the windowseditor will pop up. Mark/copy all the thing it shows and past it here.
I do not see any special on your log. Support.com\bin\tgcmd.exe could be classified as Spyware. I see that you use Adaware allready , maybe you should try spybotSD, too.
Hm, what can be the english word for “Datentraegerbereinigung”.
You should find it under all programms/accessories/systemprogramms. It could be called “harddisccleaning”?
That means you should delete your temporary folder and temporary internet files( IE -Cache).
All files inside this folder: C:\Documents and Settings\DONNA HOLT\Local Settings\Temporary Internet Files
and this
C:\Documents and Settings\DONNA HOLT\Local Settings\Temp\
BTW: I can not find a startup for Notepad or wordpad.
Raman, thank you, sir, for your advice!
I installed and ran spybot and deleted some nasty stuff–although it’s in a safe place in case I goofed
I checked for disk erorrs, defraged. and empytied the cache…in other words, I cleaned up as much as I knew how to do.
Also, when I did a through scan this time, I marked repair all…I’ll scan again later and see if CTX is still there.
When I hover over the avast! icon–activated manually–it says: on access scanner 6 provider(s) total 5 running…is this something that I need to correct??
Cojo, what were the result of the scanning?
For your question, on access scanner 6 provider(s) total 5 running…, this means one of the six avast! modules (resident providers) is not running. It’s not wrong but, could you see is avast! is correctly configurated for your need? Right click the ‘a’ icon, choose, ‘On-Access Protection Control’.
The six residents providers are:
Standard Shield. It checks the applications being run and documents being opened. It will not allow an infected application to start or an infected document to be opened, thus possibly protecting you, the user from activating/spreading a virus
Outlook/Exchange. It checks incoming and outgoing e-mail messages processed by MS Outlook client (it is part of the MS Office package - it is not the same as the simpler Outlook Express!) or MS Exchange. It will refuse to accept or send a message containing a viral code
Internet Mail. It checks incoming and outgoing e-mail messages processed by clients other than MS Outlook or Exchange, such as Outlook Express, Eudora etc. Again, it will refuse to accept or send a message containing a viral code
Profession Edition includes also:
Script blocking. It checks scripts contained in the web pages you look at, thus avoiding infection due to potential bugs in your web browser
Instant Messaging. It checks the files downloaded by common communication programs, such as ICQ or MSN Messenger
P2P Shield. It checks the files downloaded by common P2P (file sharing) programs, such as Kazaa and others
hello again! and aha…the new through scan I ran found that CTX virus…I tried the repair and it said:
Access Denied
c:\documents and settings\donna holt\local settings\temp\trz195.temp…file
so I put it in the chest again! why does it keep showing up?
I really do appreciate everyone being so kind and patient with me while I get this taken care of…thank you all.
Technical, thank you!
I went to MoveOnBoot but there is nothing called that and I don’t know which one to use ???..sorry…but, gosh, some of them look good–of course not nearly as good as Avast!
Which one are you recommending, please?
Thank you again…you have done so much to help me, I would like to think of a way to send you a present for you or your family…
CoJ0
MoveOnBoot is not an antivirus application.
MoveOnBoot allows you to copy, move or delete files on the next system boot. This comes in very handy, if you need to replace or delete files which are locked by other applications, loaded into memory or cannot be changed until next system boot. You could manually enter a line to the wininit files, but using MoveOnBoot is much simpler, since the program can be integrated into shell - it creates the “Copy/Move/Delete on boot” context menu item.
my next computer is going to be a Mac…I can not stand this Dell from Hell!
I had problems trying to install the Sygate…so I amy look at the Black Ice…or something else.
thanks for your reply!
this puppy is going to bed and try and get computers off my mind for awhile I’ve been working on this for several hours!
I think I will have to do some more cleaning up on this computer and get rid of that virus–tomorrow! ;D
