Posted

Am I the only one who gets extremely frustrated and impatient regarding what seems a never-ending war against the very petty-minded creators of viruses? When I'm spending time on this issue I think of all the positive things I could otherwise be doing, and in any case I am not that technically minded regarding computers, although these days it seems you have to be whether you like it or not.

I would be enormously grateful for the assistance of someone who has a better technical aptitude than me regarding this issue:

I access the Internet using Mozilla Firefox version 2.0.0.5.

I also have AVG 7.5 antivirus software on my computer, which updates automatically every day.

When I carried out a full scan only yesterday it showed in the log "complete test ended - found 0 infected files".

Just before that complete test I had an alert from "Resident Shield" of a "possible threat"?

When I carried out the complete test again it still gave me a message saying it had found 0 infected files, but when I look at the "Event history log" it shows that as of yesterday I have a virus, and the event description gives the following "address" on my computer:

C/Documents and Settings/Administrator/Local Settings/Application Data/Mozilla/Firefox/Profiles/niwi89bd.default/Cache/671B13B8d01

I have tried for ages to search for the location of this file but it just doesn't show up despite several searches and even looking in the temporary Internet files?

Would anyone have any advice on how I can delve into the computer and remove this virus, which doesn't even seem to show up on the AVG full scan (which makes it even more confusing for a relatively non-computer-literate person like me!)?

Thanks in advance
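
For the situation in the post above (an event log names a browser cache file that searching does not turn up), a direct path check is an added example here, not part of the original thread. It does not depend on Explorer's search or hidden-file view settings; the helper name `triage_reported_path`, its result keys, the temporary folder tree and the entry name `AAAA0001d01` are constructed for illustration.

```python
import hashlib
import os
import tempfile


def triage_reported_path(reported):
    """Describe what is really on disk for a path taken from an AV event log.

    Hypothetical helper: the name and the result keys are this example's own.
    """
    path = os.path.normpath(reported)
    result = {"exists": os.path.isfile(path), "deepest_existing": None,
              "missing_from": None, "size": None, "sha256": None}
    if result["exists"]:
        # File is present: record size and SHA-256 so it can be identified
        # or submitted to the AV vendor without opening it in a browser.
        digest = hashlib.sha256()
        with open(path, "rb") as fh:
            for chunk in iter(lambda: fh.read(65536), b""):
                digest.update(chunk)
        result.update(deepest_existing=path, size=os.path.getsize(path),
                      sha256=digest.hexdigest())
        return result
    # File is absent: climb towards the root to find the first folder that
    # does exist, and remember the highest path component that is missing.
    current = path
    while current and not os.path.exists(current):
        parent = os.path.dirname(current)
        if parent == current:
            break
        result["missing_from"] = os.path.basename(current)
        current = parent
    if current and os.path.exists(current):
        result["deepest_existing"] = current
    return result


def demo():
    # Constructed stand-in for a Firefox profile cache folder (not real data).
    cache = os.path.join(tempfile.mkdtemp(), "Profiles", "example.default", "Cache")
    os.makedirs(cache)
    present = os.path.join(cache, "AAAA0001d01")  # constructed entry name
    with open(present, "wb") as fh:
        fh.write(b"constructed cache entry")
    missing = os.path.join(cache, "671B13B8d01")  # name from the event log, absent here
    return triage_reported_path(present), triage_reported_path(missing), cache


if __name__ == "__main__":
    found, gone, _ = demo()
    print(found)
    print(gone)
```

If `deepest_existing` is the Cache folder and `missing_from` is the file name, the folder is there but that entry no longer is.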

Posted

It may have been malicious code on a page which wasn't able to install itself.

Download and install CCleaner; http://www.ccleaner.com/

Close Firefox and any other browsers you are using. Run CCleaner, click on Analyze. Once the analysis is done, press Clean. Let the program do its work. It will only take a few seconds. All done.

Posted

Jiu-Jitsu, thank you so much for that assistance!

I hope that that will have done the trick.

Just before the end of the CCleaner process I got the same "Resident Shield" warning again of a virus threat.

The thing that really annoys me is that when you go to the small panels at the bottom of the Control Centre of AVG you have "Heal", "move to virus vault" and even "info".

When I clicked on "heal" - which is supposed to heal your virus - I just got the message "requested action is not available for the object. Access to the files has been denied".

The same exactly when I clicked on "move to virus vault", and when I clicked on "info" I got the message "there is no further information about this infection".

UNBELIEVABLE!!! Firstly, why have virus protection if it only gives you half the story and doesn't give you any suggestions as to how to find the problem if it cannot solve the problem itself? Talk about malicious script! This is unbelievable, why people do this, and how can they embed stuff like this in your computer which your virus protection software can't even reach? Anyway, I'm hoping CCleaner will have done the trick!

Thanks again

Posted

One other thing;

1] Have you configured Firefox?

You say you are using FF 2.0.0.5. The latest, as of today, is 2.0.0.8. Also, if you go to "Tools" then "Options" then "Privacy", make sure that "accept cookies from sites" is ticked & "keep until: I close Firefox" is selected.

Make sure "Always clear my private data when I close Firefox" is ticked & check the "settings" adjacent to it & make sure everything is ticked.

Next, go to the "Advanced" tab then select the "Network" tab. Look at the "Cache" setting. Make sure it says, "Use up to 5 MB of space for the cache." 5MB is more than enough for normal web surfing.

This may help reduce some potential & existing problems.

Posted

Reboot and go into safe mode (F5 or F8 as Windows loads). The reason the file cannot be cleaned is because it is running. It won't auto-start in safe mode.

If you must use a free antivirus at least drop AVG and install Antivir, which has a much higher detection rate than AVG.

http://www.free-av.com/

If you want an online scanner that will also clean infections, not just tell you about them:

http://www.eset.com/onlinescan/

Posted

Thanks very much to everyone who has replied with all this advice.

I decided to uninstall AVG and try Kaspersky security suite for one month, which someone recommended to me in any case. After installing it and initiating a scan, I found a potentially very disturbing "trojan" indeed!!!

My main bank is Citibank Australia, which is relevant because it gave me just one message at the end of the scan (other problems have evidently been deleted earlier):

" Citibank secure verification process. Sun 08 Aug 2004 231 39 27 -0400.msg "

( Trojan program Trojan Spy HTML. Citifraud.ai )

To those of you who are experts in these matters, would anyone have any idea what this is about? I don't understand the significance of 2004, because I only purchased this current laptop eighteen months ago. Also, would anyone know what the ai. might be after the word Citifraud?

No wonder people are skeptical about Internet banking! :o

Posted

That trojan is delivered via fake email to steal banking passwords. Full explanation:

http://www.viruslist.com/en/viruses/encycl...a?virusid=61119

Internet banking is safe if you use adequate security measures such as a good antivirus (AVG isn't but Kaspersky is among the best).

If you are ever in doubt about an email from your bank call them first. My bank has a good policy, they simply don't send you email. So if I get one from them I know for sure it's fake.

Posted
Thank you cdnvic, but I'm already very aware of these bogus e-mails and would not for one minute even consider the authenticity of an e-mail sent from Citibank - it would immediately be deleted! But I can't even remember getting a bogus e-mail, so I'm wondering how this Trojan would have got its way onto my computer in any case. It's a war out there, isn't it?

I spoke to my bank in Australia this morning just in case, and after finding that everything is okay with my account for the time being I don't think I'm going to be using Internet banking for the time being.

Posted
cdnvic what is your opinion of avast against anti-vir?

thank you

Antivir has a better detection rate, but avast is very configurable with a mail scanner and p2p shield. Avast's detection rates are still decent, but it uses more resources than Antivir so on an older machine it may slow you down a bit.

If maximum detection rate is what you want, Antivir all the way.

If you like something highly configurable that still has decent detection rates, then Avast is your choice.

Posted

Here's a somewhat modified list of actions I took following the advice at the CastleCops site, which you may follow; or go on-line to the first url below and follow the instructions there. I had some bad problems on my XP machine following the use of an infected CD and found the CastleCops site. It is about the best I've come across for explaining and helping out regarding viruses, malware, etc. They have a forum and actually answer questions and an expert section for people with problems the steps below can't fix. Right now I'm only running AVG continuously, and do scans with the others whenever I think about it... I'm not familiar with the Antivir program cdnvic recommends, and will have to check it out. I quit using AVG for a year or so as it didn't seem to do anything but this version seems to be working very well. The main thing to understand is that there is a whole range of malware: viruses, trojans, etc. and you therefore need a similar range of diagnostic and preventive programs. The following are all free programs.

------------

1. Look in the Add / Remove Programs section of your Control Panel.

Remove anything that you are not familiar with - except: LinkOptimizer. If you have this you have a problem. You need to get on line and follow the directions at: http://wiki.castlecops.com/Malware_Removal...Remove_Programs

2. On-Line Scans

I liked the BitDefender site as the on-line scanner loaded without a problem and worked very well, but any of these major sites will do I guess if their scanner will load - my machine won't load the Trend Micro House scanner.

http://www.bitdefender.com/scan8/ie.html

Panda ActiveScan

The Online Panda Scan flags both viruses and spyware, but will only disinfect viruses.

http://www.pandasoftware.com/products/activescan.htm

F-Secure's Online Scanner

The F-Secure Online Scanner Next Generation Beta has incorporated rootkit detection capabilities through its BlackLight engine

http://support.f-secure.com/enu/home/ols.shtml

Pc-Cillin (Trend Micro Housecall)

http://housecall.antivirus.com/housecall/start_pcc.asp

eTrust Antivirus Web Scanner

http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

3. Downloads: Use these in the order they are listed...

SmitfraudFix (SmitfraudFix.exe): This didn't find anything on my computer but it seems capable of finding lots of strange malware.

http://siri.urz.free.fr/Fix/SmitfraudFix.exe

CCleaner (ccsetup200.exe):

My son had this on the computer over a year ago but I never looked at it. It seems to be really good. Not only does it get rid of a lot of garbage files but it also cleans up the Registry. One of the main reasons I always advocated using Norton Utilities was its ability to fix a lot of the problems that build up in the Registry files. This program seems at least as good if not better. For information on settings look at CastleCops Malware Removal_ Clean out the Clutter - CastleCopsWiki.htm

http://www.ccleaner.com/downloadbuilds.asp

Ad-Aware (aawsepersonal_06.exe):

Castlecops had the current version Build 1.06.

For information on settings look at CastleCops Malware Removal_ Antispyware Scanners - CastleCopsWiki.htm

http://castlecops.com/downloads-file-451.html

AVG (avg71free_394a763.exe):

Their free software is at a completely different site than their commercial stuff. First time I ran it, it caught a couple items then did another update a day or so later and found another... first time I've ever found a virus with AVG. They recommend re-booting the computer into Safe Mode (hit F8 as the computer boots) after the first update to do the scan as it makes it simpler to find the viruses and mal-ware. For settings info see CastleCops Malware Removal_ Trojan Removal Programs - CastleCopsWiki.htm

http://free.grisoft.com/softw/70free/setup...up-7.5.0.50.exe

SuperAntiSpyware (SUPERAntiSpyware.exe):

This found a couple bad guys on my computer.

For settings info see CastleCops Malware Removal_ Trojan Removal Programs - CastleCopsWiki.htm

http://www.superantispyware.com/
