I had something come up on my screen warning me about 2 trojans and Ineed
to install XP antivirus protection..is this part of windows? It is trojan
MYtob.mailer and Zlob.z. Is this for real? It has the microsoft logo,and
looks official, but I'm always a bit skeptical of these things..I was afraid
to click on install, not knowing what it was. I thought it would have already
been installed. I have Vista. Thanks,
Ignore the message "need to install XP antivirus protection"; It'll getyou
on more trouble!
1. Download and execute
CCleaner - Free
Cleans temporary internet files, cookies, history, recent urls, application
MRUs, etc. ...
http://www.filehippo.com/download_ccleaner/
2. Download and execute
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html
After the software is updated, it is suggested scanning the system in Safe
Mode.
How do you boot to Safe Mode?
By pressing/tabbing F8 (or F5 on some keyboards) during re-boot.
Alternatively:
click onto Start==>Run, type "msconfig" (without quotation marks), click
OK. Then click onto BOOT.INI tab and 'check' /SAFEBOOT then OK and click
Restart. To go back to Normal Mode, you must access the System
Configuration utility again and click the General tab then click/check
the radio button 'Normal Startup'- load all device drivers and services'.
A description of the Safe Mode Boot options in Windows XP
http://support.microsoft.com/default.aspx?scid=315222
3. Download and execute
David H. Lipman's MULTI_AV.EXE from the URL:
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
http://www.pctipp.ch/downloads/dl/35905.asp
English:
http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/
To use this utility, perform the following...
Execute; Multi_AV.exe {Note: You must use the default folder C:\AV-CLS}
Choose; Unzip
Choose; Close
Execute; C:\AV-CLS\StartMenu.BAT
{or Double-click on 'Start Menu' in C:\AV-CLS}
NOTE: You may have to disable your software FireWall or allow WGET.EXE to
go through your FireWall to allow it to download the needed AV vendor
related files.
C:\AV-CLS\StartMenu.BAT -- {or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in
Normal Mode.
This way all the components can be downloaded from each AV vendor's web
site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and
Reboot the PC.
You can choose to go to each menu item and just download the needed files
or you can download the files and perform a scan in Normal Mode. Once you
have downloaded the files needed for each scanner you want to use, you
should reboot the PC into Safe Mode [F8 key during boot] and re-run the
menu again and choose which scanner you want to run in Safe Mode. It is
suggested to run the scanners in both Safe Mode and Normal Mode.
When the menu is displayed hitting 'H' or 'h' will bring up a more
comprehensive PDF help file.
Additional Instructions:
http://pcdid.com/Multi_AV.htm
Once you cleaned you OS consider this:
Remove your existing AV application and replace with:
Avira AntiVir® PersonalEdition Classic - Free
http://www.free-av.com/antivirus/allinonen.html
You may wish to consider removing the 'AntiVir Nagscreen'
http://www.elitekiller.com/files/disable_antivir_nag.htm
(scan regularly)
Windows Defender - Free (build-in in Vista)
http://www.microsoft.com/athome/security/spyware/software/default.mspx
WD monitors the start-registry and hooks registers/files to prevent spyware
and worms to install to the OS.
Interesting reading:
http://www.pcworld.com/article/id,136195/article.html
"...Windows Defender did excel in behavior-based protection, which detects
changes to key areas of the system without having to know anything about
the actual threat."
(scan regularly)
Keep on using SAS - (scan regularly)
Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
Hundreds Click on 'Click Here to Get Infected' Ad
http://www.eweek.com/article2/0,1895,2132447,00.asp
Good luck