hi i now have a list of the viruses from my friend computer got it to boot up after a lot of work dont know how i managed it she had 10 viruses avast got them on boot scan she had win32:gen win32adware:gen win32trojanadware:gen win32spyware win32rootkit:gen win32bravix[drp] bv:vapsup:a win32hupigon win32:vapsup:e win32agent:LT what do you know about these viruses i only recognise a couple of them as i had them myself cant find much info on them
Personally I don’t think it would be a deliberate act by any virus, after all it really doesn’t want to disable your system but to use it to spread, etc.
Though there are possible conflicts that might arise if they were to corrupt system files whilst trying to get established.
It is a bit of a futile exercise trying to get information on only the malware name as there is no standardisation or naming convention, this is even more difficult when it is generic detections (the -gen at the end of the name). You are more likely to get better information searching for the infected file name.
You would be advised to have your friend follow the instructions Tech gave in reply #5 of this topic.
ive just done scanned my computer again has 72 infections and the trojan.tdsserv virus avast didnt find it first time around it was spy doctor that found it i am now doing high scan with avast hopefully get it this time i just read a bit on google about it and it tells me it is a high risk virus and can disable your virus software also also hide its self and take personal information and has the ability to change files in ur computer is this so it seems no matter what i do i keep getting these viruses dont know what the next move is help plz
tvdxrools you have two threads open- a sure invitation to a disaster
If you see this respond in THIS thread
and if you are working on two different computers keep them in separate threads
now
where is all tis stuff coming from?
What Firewall are you using?
please rt click avast ball and update programs
then rt click avast ball and schedule boot time scan
reboot - move all hits to chest as suggested and post log
then go to Malwarebytes.org
run Rogue Remover Free- let it deal with whatever it finds
AND
MalwareBytes Anti Malware MBAM
update
check the box next to all nasties
click REMOVE CHECKED- a backup will be made
post the log
along with
read the stickie about HJT at the top of this forum
post a fresh HJT done AFTER the above
take your time and do these correctly
anything not clear post back
apologize to the OP in the other thread for hijacking his thread
thanks will do it just finishing a high scan with avast and nothing found so hopefully i will follow ur instructions and report bk shortly in this thread left apology to op for using his thread thanks
We would prefer to see a third party firewall
Vista firewall can be set somewhat to filter outbound traffic but from what I hear is a real pain
You do not have to copy whole of previous posts
I’ve never heard of anyone messing with VRDP- so it must be OK
If you are running Spybot t-timer or other real time protection let us know
Vista 32 or 64?
If I propose something that does not work with Vista shout out.
high scan?
boot time scan or settings on high post with the scan log
thanks
ok run boot scan didnt find anything so take it spyware dr got it tried few times to download malware rougue from malware.org everytime its telling me it cant run ther is a file missing what firewall do u suggest i run and also how do i get the scan log to post on here both from avast and spware dr thanks
Did you say you ran Spyware Doctor? which version? Free trial, Paid, GooglePack?
Spyware Doctor has an excellent forum here and they actually have Tech support! http://www.pctools.com/forum/forumdisplay.php?f=54
they can quickly help you find the right log
DAvidR or Tech
can you address the post the log questions?
meanwhile Spybot search and destroy http://www.safer-networking.org/en/mirrors/index.html
could you download, (install sd-helper do not install t-timer) update, immunize and run a full scan
quarantine any hits do not remove/ delete
post the log
i ran the free version of spyware doctor to try it out and see if it was any good first no i just downloaded rogue remover i will try both them together also try spybot i will attemt hjk this afterwards i just hope we find a solution as my computer is looked after thats why i dont understand all these viruses im just glad of the help thanks again
spyware doctor is an excellent product
I just removed due to a comparability problem or I could fire it up and see where the logs are
It would be really nice to know if it found anything
see what you can find
we gotta start somewhere
thanks for keeping trying
we’ll find a chink in the armor
ok thanks ive got a log of my scan with spyware dr will post it here have to do it in to or 3 quotes as it is to big it might give u an idea of where the viruses came from or the files they infected ok i will go ahead and star posting them
[quote author=wyrmrider link=topic=38477.msg323091#msg323091 date=1220917384]
nice find
but that looks like the activity log
anything in quarantine?
[/quote this is a bit more of the report ertlevel=“2” description=“<b>Threat Name</b> - Trojan.TDSServ<br><b>Type</b> - Startup<br><b>Risk Level</b> - High<br><b>Infection</b> - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TDSSserv.sys, (Default) = driver<br>”/>
<value number=“121” datetime=“08/09/2008 19:47:03:347” summary=“Infection quarantined” alertlevel=“2” description="<b>Threat Name</b> - Trojan.TDSServ<br><b>Type</b> - Registry Key<br><b>Risk Level</b> - High<br><b>Infection</b> - … and this is what is in quarintine … 9 rogue antispyware pc.healthcentre…1 perfect key loader hkey_local_machine\software\microsoft\windows\current\version\run#sistray…3 adware.agent.bn hkey_local_machinesoftware\currentversion\uninstall\web…19 adware.bho.gen…72 trojan.tdsserv
How did you get that posted as a copy?
hard to read
but it does look as if there are some quarantined items
TDSSserv.sys
which is may be a nasty and may involve a rootkit
SDFix can get it but you have to be able to follow instructions exactly
I’d like to see a Spybot scan log (no copy this time) and either the Avast boot time scan log or a Kaspersky AV on line scan
then read the stickie at the top of this forum and post a hijack this
any way to post that Spyware doctor in a clearer form?
what did MBAM forum say?
Avast has an anti rootkit feature if we can’t get Avast to run we need to use a different anti rootkit application
please advise
most all should get adware.agent.bn
if it is still around after spybot scan these two get it
Super Anti Spyware
Windows Defender
take no action just put these on your “keep in mind” list