virus help

[hwoarang_t4]

my friend was on my comp and gave me a multidrop trogan and i was wondering if any1 knows how 2 get rid of this son of a b. i really want 2 get rid of it so any info would help greatly

[Doom]

hmmmm you can try geekstogo website or u can try this program

SmitFraudFix
Follow the instructions on the link

[hwoarang_t4]

thx hopefully it works

ok i tried it but my mcafee keeps finding the file saying its a virus, brings up msn messanger, and wont delete or clean or anything 2 it. all that file did was get rid of the thing from add the 4 files when i delete them. im guessin its cleaned out since i used avg 2 scan my comp and didnt find anything. so u make things simple any1 know how 2 make mcafee stop sending that msg and msn messanger from coming up? btw thx kill slayer for some help

[Joshy]

Your friend is an asshole and you should slash his tires if he has a car. Unfortunately, i dont know anything about removing viruses so i can't help you there.

[Z3R0]

Shut down. Reboot, and enter "safe mode" (think it f-3). When your computer starts up you wil know if you are in safe mode because your desktop will say safe mode in the four corners. When you are sure you are in safe mode, run scandisk and the defrag programs. restart your computer. This might not work but it is the basic diagnostic.

[hwoarang_t4]

ill try it and see if it works

[Z3R0]

Lemme know, if it doesn't work i'll give you something else. You might be better off just deleting the infected file, assuming that you have identified it or it isn't part of your programing.

[hwoarang_t4]

nope didnt work. i scanned, deleted infected files, restarted and the mofo msg wit the virus still shows up

btw my comp is scanning again and alrdy found that same trogan

[Pamela]

Ewido is a good program for anti spyware and avast is good for viruses.AVG is excellent ...and all of these are free programs and easy to download. Be sure you check your settings ,I cheat...I have a friend that I use a program with that lets him take over my computer. So I sit back like a dumbass and learn as he shows me what I SHOULD have done.

Hey...WHAT??? It works for me!^-^ Our sessions are normally followed by talk along the lines of *Is there anything else I can help you with my dear? We have leveling in 5 minutes and dynamis later on.*

[hwoarang_t4]

ill try ewido

[Z3R0]

It may not even be a real trojan, just a joke. Have you noticed any missing files?

[hellsing293]

if you can do it get nod32(ussually have to pay but theres always a way for free ). AVG should work though. ask you're friend what he did exactly so you might be able to better figure out what it is/how to get rid of it.

[hwoarang_t4]

It may not even be a real trojan, just a joke. Have you noticed any missing files?

well no files r missing but it keeps making files, its a multi dropper trogan

if you can do it get nod32(ussually have to pay but theres always a way for free ). AVG should work though. ask you're friend what he did exactly so you might be able to better figure out what it is/how to get rid of it.

he said he was on msn messanger talking 2 his firend, clicked this 1 link about him being in a pic, saved the pic, and boom i got the trogan. not sure if itll help but he said the pic ended wit a .pif file

[kfish117]

I would reccomend using AdawareSE , you can download it from Free Software Downloads and Software Reviews - Download.com , It works excellent, and is easy to use.

[Pamela]

I am on MSN as we speak and so is my friend add me to your MSN and we can help get it fixed. As for Adaware,Spybot Search and Destroy,and Spyware Blaster they are what I use. my MSN is [email protected]

Any smartass remarks will be duly noted...as I go into the next room and laugh. I just added you to mine.

[hwoarang_t4]

ehh small problem. once in a while this trogan will send a msg that contains the trogan in a pic and itll close the convo

[Z3R0]

Try this, you should 'not' have any open browsers when you are following the procedures below.

Download Ewido Security Suite at http://www.ewido.net/en/download/.

1. Install Ewido Security Suite.
2. When installing, under 'Additional Options' uncheck:
* Install background guard
* Install scan via context menu
3. Launch Ewido, there should be an icon on your desktop, double click it.
4. The program will now open to the main screen.
5. When you run Ewido for the first time, you will get a warning 'Database could not be found!'. Click OK. We will fix this in a moment.
6. You will need to update Ewido to the latest definition files.
* On the left hand side of the main screen click update.
* Then click on Start Update.
7. The update will start and a progress bar will show the updates being installed. The status bar at the bottom will display 'Update successful'.
8. Exit Ewido. DO NOT scan yet.

If you are having problems with the updater, you can go to http://www.ewido.net/en/download/updates/ to update manually.

Download CleanUp! http://cleanup.stevengould.org/ (Alternate Link if main link don't work - http://www.greyknight17.com/spy/CleanUp.exe ) and install it. Don't run it yet.

Restart your computer and boot into Safe Mode (if you don't know how, go to http://www.bleepingcomputer.com/forums/ind...showtutorial=61 ).

Run a scan in HijackThis. Check each of the following if they still exist and hit 'Fix Checked' after you check the last one:

O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch

Uninstall the following via the Add/Remove panel:

WildTangent - This is an online gaming package that is installed by a number of third party applications and even OEMs, ISPs and AIM. The games aspect of this is really rather cool. The being installed without you asking for it isn't cool at all. They collect information about you and your usage. We recommend uninstalling it.

Locate and delete the following:

C:\WINDOWS\wt\

CleanUp! deletes EVERYTHING out of your temp/temporary folders, it does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp!. Run CleanUp! and click on the Options button. Uncheck 'Scan local drives for temporary files'. Also uncheck those two Newsgroup entries if you don't want to delete them. Click OK and then click on the CleanUp! button. Let it run. After it's done, choose Yes to logoff.

Now open Ewido and do a scan on your system.

* Click on scanner.
* Click on 'Complete System Scan' and the scan will begin.
* While the scan is in progress you will be prompted to clean the first infected file it finds. Choose 'Remove', then put a check next to 'Perform action on all infections' in the left corner of the box so you don't have to sit and watch Ewido the whole time. Click OK.
Exit Ewido when it's done.
* Once the scan has completed, there will be a button located on the bottom of the screen named 'Save report'.
* Click 'Save report'.
* Save the report to your desktop.

Restart your computer to get back to Normal Mode. Post the Ewido report and a new HijackThis log here.

Also give me this file:

Go to c:\windows\system32\drivers\etc and open up the hosts file (no extensions) up in Notepad. There should be a bunch of lines with a # in front of them followed by a single line like:

127.0.0.1 localhost

[trayne]

superadblocker should remove it. multidrop trojan is a altered version of doom.exe and the annoying amos worm. it keeps returning cause you are deleting the files but not its registries of the virus. superadblocker will do that for you. it has a spyware/etc. scannar on it that checks for and removes such things from files and its registries.. i think its a 15 day trial on it but i have a zip of it with a keygen in it. i put it on friends computers cause they also are suckers for hacks and end up trojaning or virusing themselves.

[hwoarang_t4]

ok u sorta lost me at
Run a scan in HijackThis. Check each of the following if they still exist and hit 'Fix Checked' after you check the last one:
where do i find that

think u can send me that zip wit the key gen?

im not 100% sure but i believe we have conqured that f'ing virus. woohooo!!! thx every1 that helpe. if i could i whould each and one of u a cookie

[Z3R0]

Follow the links to make certian that it is gone.