Fitzy_bhoy said:
AVG has reported various viruses and trojans on my system.
They are as follows:
Win32/parite
worm/sddrop
downloader/esepor.k
Despite updating twice in the past few days I still cannot rid my system of
them.
I have downloaded trojan hunter and trojan remover, which do not detect them.
The files affected are in the c:\system volume information folder, which I
cannot find to delete the infected files.
Also winlogon.exe is being attacked, which trojan hunter finds as a
suspicious file but does not do anything with.
Can anyone help? I have just installed broadband and I am paranoid about
someone doing something to my system.
Thanks

BUY SOME DECENT ANTI-VIRUS SOFTWARE. If you can afford broadband, you are
WAY late on spending the lousy 15 bucks to protect your system and stop
infecting half the world!
And learn to NOT OPEN EMAIL ATTACHMENTS, no matter how cute they look.
You need decent AV software, which will then enable you to clean up the
infected files. I don't know what you mean by "winlogon.exe is being
attacked" -- "attacked"??? -- but winlogon *can* be a trojan.
In any case, you should DISCONNECT from the internet and clean up your
system before re-connecting, so that you don't infect half the world.
Have you even notified your friends (what ones you might have left) and
contacts that you are infected?
It takes some pretty SLOPPY computing and no sense of responsibility to
get infected with THREE trojans like this. Go out and GET ANTI-VIRUS
software, download the latest defs for it, re-scan your system and have it
quarantine all infected files that it can't repair. This will likely
leave your system unusable since you've got at least 3 infections going,
but it's probably best if you reload from scratch anyway since you've now
destroyed some good part of your own data as well as passing along this
stuff to others.
Geez, Win32/Parite is THREE YEARS OLD, how dense do you have to be to run
without any AV software in this day & age? IAC it's likely damaged a
bunch of your programs by now -- which IMO you deserve for being so
irresponsible -- but here's the info on removal:
http://securityresponse.symantec.com/avcenter/venc/data/w32.pinfi.html
Sddrop is "only" a year old and lets a hacker do whatever they want to
your system:
http://securityresponse.symantec.com/avcenter/venc/data/w32.kwbot.f.worm.html
"4. Waits for commands that the hacker transmits using IRC. The
commands allow the hacker to perform any of the following actions:
* Deliver system and network information to the hacker.
* Manage the self installation.
* Download and execute files.
* Perform Denial of Service (DoS) attacks.
* Replicate across file-sharing networks, such as KaZaA and iMesh."
So I guess you don't mind your computer being used in DoS attacks and
having some stranger execute whatever they want on it.
And esepor.k is only a few months old, and you probably ENJOY the pop-up
porn ads.
As for whatever's going on with your WINLOGON, perhaps it's some variant
of this:
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100990
which means that if you've done any credit-card buying on the internet,
someone now likely has all your information.
Happy computing! I bet you're REAL happy you saved spending $15 on a
decent AV program now!
BTW, if you take the same approach with your home as you do with your
computer: please post your home address here along with the times you'll
be out, leave the front door wide open and please leave all your valuables
out where we don't have to look for them.