Help I got a virus

Semua Balasan

• 14 Januari 2008 18:48

   

   
  

  0

  I fixed that Virus I removed Shockwave & Flash and now I'm getting BSOD on vista the virus is crashing the OS now because One Care couldn't removed the program/app thats messin with Vista so I removed the trigger APP Shockwave for now.

   

  Now I'm getting BSOD or something crashed and report sent.

   
• 14 Januari 2008 19:04

  Moderator

   

   
  

  0

  Go to the logging tab under change settings and create the log. In the report that opens, check to see where the threat has been detected.

  -steve

   

   
• 14 Januari 2008 23:42

   

   
  

  0

  Stephen Boots wrote:

  Go to the logging tab under change settings and create the log. In the report that opens, check to see where the threat has been detected. -steve

   

  It cleans up the virus every time detected removed/clean up

   

  But after a re complete scan after it does all that I might be browsing around on the web hotmail or any ad banner site with swf and the virus pops up One care removes and clean up a full scan says no potentially harmful items found but a few days later I'll come across a site or swf ad banner and it does it all over again it won't go away.

   

  I'm on my xp home computer it's really old and slow but right now running better than my Vista computer which has been doing a Complete virus/scan for 14hrs but only at 50% It's on my E:\ drive scanning the dreaded vista bakup files the system is slow and hung My friend calls it beating a dead horse to death it's only a 2.66ghz, 1gig of ram and  2 320gig hard drives with one virus that won't go away. The Gateway  has about had it hopefully later this year I'll be able to get a brand new full vista Ultimate system. I'll add more to this later this thing really slow. All this and I'm moving too.

   
• 15 Januari 2008 2:33

  Moderator

   

   
  

  0

  But where is it removing the virus from? It may be that the infection is residing in a file that is activated when Flash loads.

  -steve

   

   
• 15 Januari 2008 8:07

   

   
  

  0

  Stephen Boots wrote:

  But where is it removing the virus from? It may be that the infection is residing in a file that is activated when Flash loads. -steve

   

  Here's the Log

  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   

  Windows Live OneCare found potentially harmful or unwanted software on your computer
  Threat Name:	TrojanDownloader:Win32/Gida.A
  Detection Date and Time:	1/14/2008 1:03 AM
  File Name:	C:\Users\Mikro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\BOJ86R5Q\gnida[1].swf
  Threat Severity:	Severe
  Threat Category:	Trojan Downloader
  Virus and spyware monitoring found potentially unwanted software:	(ANTIVIRUS_ONACCESS)
  Threat Status:	Removed

   
• 15 Januari 2008 19:13

  Moderator

   

   
  

  0

  I snipped out most of your log, but noticed that each entry was indeed for that same .swf file.

  I'll suggest you contact support, but I'll leave this thread unanswered until we know more about this.

  -steve

   

   
• 15 Januari 2008 20:55

   

   
  

  0

  Stephen Boots wrote:

  I snipped out most of your log, but noticed that each entry was indeed for that same .swf file. I'll suggest you contact support, but I'll leave this thread unanswered until we know more about this. -steve

   

  Since this detection/removal My computers performance has gone to Hell

   

  I did call support

   

  Ticket virus issue: 1055577493

   

  the virual App Is still on my system I think

   

  One Care currently reports no problems

   

  I very worried this virus is grabbing personal info passwords and what not Windows live keeps asking me to sign in is a clue some one messing with my Windows Live ID.

   
• 15 Januari 2008 21:56

  Moderator

   

   
  

  0

  I would expect that the firewall would block outbound actions by a threat that it keeps detecting and removing, Mikro.

  -steve

   

   
• 15 Januari 2008 22:02

  Moderator

   

   
  

  0

  Found more detail on this threat, Mikro:

   

  http://www.f-secure.com/v-descs/trojan-downloader_swf_gida_a.shtml

   

  -steve

   

   
• 16 Januari 2008 4:31

   

   
  

  0

  Stephen Boots wrote:

  Found more detail on this threat, Mikro:   http://www.f-secure.com/v-descs/trojan-downloader_swf_gida_a.shtml   -steve

   

  Cool thanks but I still can't get rid of it every time I goto a windows live site with ad banners or other website One care swats at it clears it out clean till the next time Info great as long as there's a resolution to get rid of or remove the problem.

   

  Why isn't there something under the One Care site virus search area under this trojan

   

  this thing a royal pain in the ___ and there's no to yo remove it.

   
• 16 Januari 2008 5:38

   

   
  

  0

  There It took a Securty competors removal tool to get rid of the dang thing and the tool showed the exact path of the dang thing vista running as it's happy self.

   

  I like to thank Symantec Trojan Uploader removal tool It fixed the re-acurring mess

   
• 16 Januari 2008 13:52

  Moderator

   

   
  

  0

  Since you have an open support case on this, Mikro, whatever information you can get from the Symantec tool to provide to OneCare support about this infection that OneCare could not completely remove, would be very good.

  -steve

   

   
• 16 Januari 2008 20:38

   

   
  

  0

  Stephen Boots wrote:

  Since you have an open support case on this, Mikro, whatever information you can get from the Symantec tool to provide to OneCare support about this infection that OneCare could not completely remove, would be very good. -steve

   

  I found this site too after looking at the pinned info threads here. 

   

  http://www.microsoft.com/security/portal/Entry.aspx?ThreatId=-2147368057

   
• 22 Januari 2008 9:45

   

   
  

  0

  I actually got this just after i installed Realplayer 11 an updated version that is striaght from the update tool built into it

   
• 25 Maret 2008 20:05

   

   
  

  0

  Hi,

  I am having a problem with a Trojan Downloader too.  Windows Live OneCare removes it but it also keeps coming back.

   

  This is its name: TrojanDwonloader:JS/Renos.cw

   

  I have tried everything I know to try to fix my problem.  I have even put  sites on the restricted site list but they keep coming back and opening new web pages.

   

  I can't play my games on pogo.com without interruptions.  HELP

   

   
• 26 Maret 2008 1:52

  Moderator

   

   
  

  0

  Follow the instructions in this post, http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=662566&SiteID=2, to report a virus that is not cleaned by OneCare and to get help in removal.

   

  If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx  for details.  For international information, see your local subsidiary Support site.

  -steve