Avant 4.7 guidance required

I am trying to remove a virus on a friends PC which is

Win32:Adloader-AZ its a trojan I think.

This virus has blocked my internet connection. I have installed avast 4.7 and started a scan, in doing the scan the avast window states “current scanner status infected” I am not sure what this means, I am guessing it means that Avast has become corrupted therefore pointless doing the scan again.

Is this the case ?, any suggestions more than welcome.

The PC is running windows XP service pack 2

I don’t think so… but can you schedule a boot-time scanning?
Start avast! > Right click the skin > Schedule a boot-time scanning. Select for scanning archives. Boot.

It will be good if you download, install, update and run other trojan remover tools:
a-squared
Free AVG Antispyware
SUPERantispyware
Spyware Terminator

It seems strange that an Ad loader (advert loader) would block your internet connection. Did this loss of connection happen after attempts to remove the infection ?

For XP SP2, try Windows Start button, Run - type ‘netsh winsock reset’ without the quotes - this may be enough to fix the issue.

yes I lost the Internet after trying to remove adloader with avast. However I will try the run command later tonight, thanks for the tip. although it may also be due to installing sp2 so I can then get the microsoft malicious software tool remover from microsoft security webpage, (for whats it’s worth)

Dave

The removal of some trojans can have this effect as they hook themselves into the connection system, most notably NewDotNet.

The above fix has worked for resetting the connections after removal of newdotnet.

...although it may also be due to installing sp2 so I can then get the microsoft malicious software tool remover from microsoft security webpage, (for whats it's worth)

Did you installed XP SP2 on infected computer? Well if so, then this could be the reason for having problems now.

Hi guys

tried the above fix from start run & no joy, I have noticed that in device manager no items are showing, its completely blank. To get on the net I use a usb device but just noticed that any usb device does not work.

I have tried safe mode with networking no joy, also cannot do a system restore. Any ideas ??

Dave

Furthermore to the above I have noticed that 99% of all services have been disabled, and cannot be restarted, looks like a reformat is looming, unless anybody has any ideas.

I am aware that this problem is moving away from my initial avast query, so if no further help is available
thanks for all your suggestions so far.

Dave

Overinstallation can solve the problem and you won’t lose your programs, settings, data, files, etc.
Just choose ‘Repair’ installation of Windows and install ‘over’ the old installation.

http://support.microsoft.com/default.aspx?scid=kb;EN-US;315341
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q314058
http://www.webtree.ca/windowsxp/repair_xp.htm

But if you have a backup for your data, it is advised to format and do a clean installation.

Due to the device manager problem mentioned above and from a search on google, I discovered that all services had been disabled. so after starting dhcp rcp etc etc I have now got pc back on the internet. Now I am downloading & installing every free malware removal tool & anti virus I can find. hopefully that should sort it.

thanks again for above suggestions

Dave

It’s not necessary… even worse, if you install two antivirus at the same time you could have another conflict.
A lot of antivirus, when uninstalled, left trash behind what could make your system unstable.
Try full computer scanning on-line:
Kaspersky
Trendmicro housecall
Ewido

You need to exercise extreme care when selecting your protection and over and above what Tech said, there are many rogue products out there. So before installing anything you should do some research, google, etc. and for any anti-spyware product this is an essential place to visit http://www.spywarewarrior.com/rogue_anti-spyware.htm.

thanks guys I will tread carefully on this issue, and research as suggested. dpending on who & how many people you speak to every seems to have an opinion on what is good & what is not good.

on my own laptop I use avg (free) antivirus and sunbelt (kerio) firewall, and seems ok to me.

if I was to put 1 firewall 1 anti virus package & 1 anti spyware package on this problem pc what would you choose ?

Dave

Firstly I’d have to disagree with one antispyware package. I have one resident antispy, plus a number of on demand scanners. The resident I chose is SpywareTerminator. If you install it in other than “beginner” mode, you’ll need to learn how to deal with popups. The program alerts you to every unknown application, as well as confirmed threats. (Which, apart from it’s being free, is one reason I chose it.) More than 1 resident antispy can sometimes cause conflictions, but often behave OK together. AVG antispyware (was Ewido, 30 day trial then on-demand scanner only) is considered excellent, especially with trojans. Asquared is also excellent with trojans. Superantispyware is an excellent all rounder. And “so yesterday” but still very worthwhile are Spybot and AdAware.
Depends what kind of approoach you want to take. For most of us, as good protection as we can reasonably find, plus a few removal tools in case something gets through is pretty adequate.
I chose comodo Firewall (2.3.6.81) and (of course) Avast AV.

The general rule of, only one resident anti-spyware, one firewall, the same as only one resident AV applies to avoid potential conflict in programs that basically specialise in the same area.

No limit on the on-demand scanners other than you have to keep them up to date.

Anti-spyware order of preference, but all generall do a good job:
SUPERantispyware
Free AVG Anti-spyware
Spyware Terminator
a-squared

Kerio firewall is fine and for the most part if you are happy with it and don’t find it to intrusive OK.
See some firewall tests for comparison, some are freeware but many are paid for versions http://www.firewallleaktester.com/tests.php. Also see http://www.thefreecountry.com/security/firewalls.shtml

Hi,

PC still online, so I have just ran the kaspersky online scan

19 viruses infecting about 9000 files

can anybody tell does the scan jusr scan or delete/nutralise as well ?

Dave

From the Kaspersky website (Free Online Virus Scanner page):

“NOTE: The online virus scanner will not remove the malware from your machine if it finds it - installing our software is required to do this. You try our antivirus software (full product) for FREE by downloading and installing a free trial, or you can purchase our products in the estore.”