virus problems

im just sitting here on my pc and im getting avast telling me i have viruses, i keep deleteing them and they keep coming back.

VBS:Malware [Gen]
Win32:Dialer-E [Trj]
Win32:Trojan-gen. {Other}
VBS:Malware [Encrypted]
ISTactivex.dll
Win32:DyfucDldr-F [Trj]

these are the ones i keep getting. the DLL keeps apearing on my desktop and since it was created that day and i didint install or update anyhting i would think
its bad.

why do they keep coming back, is there a restore file on my pc somewhere or something like that?

download spybot search and destroy and then update it.
once updated do a scan.
spybot will kill the following:
ISTactivex.dll
Win32:DyfucDldr-F [Trj]
Win32:Dialer-E [Trj]

and possible the other 2. others can help you get rid of the other 2.

i run avast every day adn it sayd its deletes them, but yet they keep coming back, but i dont DL anyhting or even go in the web. i have spybot S&D, ill try n update it, i also DL this otehr spyware removal. ill post back here with the outcome

Thanks

yup those are gone. now im getting these viruses…

VBS:Malware [Gen]
Win32:Trojan-gen. {Other}
VBS:Malware [Encrypted]

and a few others, i save thier names into a file but gaylly i guess it didnt save when i closed out.

any advice for killing these off? my avast said it just updated virus database so iam run it again, but is there a way to have it auto delete when it finds a virus casue i dont wanan sit here and click delete every time a virus pops up.

thannks

Hi,

what WIN do you have ?
Where exactly was the infected File found (full pathname and filename) ?

Sometimes it’s enough to

  • clear all TEMP-folders and
  • empty Temp.Int.Files folder(s) (via IE->Extras-Internetoptions->Delete files, including OFFLINE files) and
  • empty java-Cache or
  • disable system restore on Win ME/XP
    to get rid of it…

test the file with OnlineScanners e.g. from Trend, RAV & KAV (see below) to get a more specific name
(you need to temporarily disable AV-Resident Shield/Monitor/Guard to be able to scan the file online)

(If they all don’t show it as infected, please send it in a password-protected zip-file to
virus@free-av.de/virus (at) asw (dot) cz
Include the password and a link to this posting in the mailtext)

-remove the Virus/Malware and it’s system modifications according to VirusInfos
from Avast, VGREP, TrendMicro, Kaspersky;
you might also try searching for the virus name or filename with google

general removal procedure:

  • disable system restore on Win ME/XP
  • kill respective Backdoor/Trojan process with task manager
  • search for the file/process names in the registry; remove the malware’s startup entries in the registry
  • disinfect or (if disinfection is not possible) delete the file; this may be possible only after a reboot

-Secure your system:
change passwords, secure shares, install patches/updates for WIN&IE;
disable ActiveX and Scripting in IE except for know secure sites - or better use a secure browser

  • scan your whole system with updated avast and maybe a 2nd scanner ,e.g. TrendMicro to check whether your PC is clean :wink:
  • reenable system restore on Win ME/XP

if it’s of the trojan-gen kind: ad-aware and cwshredder might also help
if you still can’t remove it, you could post a logfile of Hijackthis here

see www.lurkhere.com ->nicefiles and www.lavasoft.de

Further Details and Links via the board search above :wink:

i ran trend and it found an TROJ REVOP.A called over.exe in my program files. it wont clean it tho, there is also pup.exe, i had pup a while ago and now its back.

can you please tell me how these things keep coming back, i run avast, i just formatted my pc. is there a restore file that dosnt get picked up that?

Run Avast at boot-time or in safe-mode so programs are not loaded yet
you have to do more than just have an anti-virus running
you need to learn “safe hex” see:
http://www.claymania.com/safe-hex.html
also there are some programs to help you be safe:
Spybot Search + Destroy
Spyware Blaster
Spyware Guard
Ad-Aware
Use a good firewall
Most viruses are spread by e-mail-use a filter!!!
What e-mail client are you using?if outlook express check out the link above.Also there are a few settings to change.
Let me know and I’ll post a list for you.
Don’t forget -update update update!!!
“munge” your e-mail address ex:@nomail.afraid.org
This will almost stop harvesting of your address.
-max

use virus defination from avast it has alot of virus detector(free)

www.avast.com