Virus/Dialler problem Iv got some sort of fucking virus/dialler and its proving a c unt to get rid off. Its creating a .exe called svchos1at.exe and changing my dial up username to "nix" then dialling me into some isp but it still shows up as my normal isp.. AVG will remove the virus when the svchos1at.exe exists but then shows as clean.. after a while i then get some program running in memory called "winoldap" this is defo something to do with the virus as it shows up as running about 3 times at once THEN i get disconnected and my machine attempts to dial back up on the sly... if it succeeds then after a reboot i have the svchos1at.exe back on my pc. I have tried all the online virus checks and they show me as clean. I am using WINME and I have got System restored disabled.
ps. is there anyway I can see what this memory resident program is (winoldap) ? can I see where on the C:\ its located and where its coming from?!
sorted this out i think...... there was something in the startup menu called AVsoft that was a avsoft.exe. deleted it and it has happened again so far. This must be a new virus tho as all checkers didnt pick up this exe.
More than likey spyware... Click Start > Run and type MSCONFIG - Click the Start up tab and have a read thru of whats there... owt that sounds dodgy - delete it. but be careful! Also, check the start up folder on the 'Programs Menu'
bastard this is back with a vengance, ad-aware hasnt zapped it either.... there is nothing starting up in msconfig and nothing in the sratup menu..... there is nothing running memory resident then it just runs itself after about 10 mins and trys to dial up
Dodgy will probably be your man, he's "mr. how to fix things without flattening" Try something like : http://www.sysinternals.com/Utilities/RootkitRevealer.html (the link is at the very bottom) just run it - it will show u a list of hidden files - some genuine possibly some not - see if this gives u a clue as to how to clean it. Otherwise it's as per dodgy's help : HijackThis A very useful program, but do not delete anything it shows you unless you are 100% certain of what you are doing. Download it , extract it fully to a folder at the root of your drive (eg C:\Hthis\), run it and save a logfile (don't delete anything!). Copy and paste the full contents of the logfile to your post for help. http://www.majorgeeks.com/download3155.html
Teknofishy: have you tried using all those anti-spyware progs in that sticky, and the new verion of Housecall? That infection has been around for a few weeks, so should be easily cleanable - if you do try them and have no joy, post up a HJ this log, but it may be end of week before I'll get a chance to go thru it
This avg program that your always taking about is fucking class, everyday theres someone on here who uses it and they've got a virus.
i think it may be dead at last... for some reason ad-aware was d/l its update but wasnt installing it. iv updated now and ran it twice and i seem clean *touchs wood* thanks the help tho chaps
It's spyware you fucking moron. You of all people should not be criticising advice given on here... pot/kettle...
Still use the other progs to make sure, if it does come back up the HJThis log and will sort it. Adaware should have got that one though
Many ways - unpatched Internet Explorer being a main cause, or using the wrong security settings in IE and going to dubious sites. Even if you use Firefox it's a good idea to clean out your cache often (see sticky). You can also get it from programs you install, either pre-bundled with the software, or by the installer being tampered with (like a virus). Quite a few trojans nowadays also start downloading other trojans and spyware when active. Read the sticky, as I explained how to prevent most of it in there.
I'm just saying that people are always moaning about virus/adware on there computers, and its you who always tells them how to remove it not the software your recommending, maybe everyone should install a Dodgy on their computer and everything will be sweet.
Thats the worst attempt at a suck up i've ever seen Teknofish - Tried microsoft anti spyware? Worth a shot, it's very good.
it can take a while from when a virus/new spyware exploit is released onto the web to when it's discovered and the various spyware/AV programmes are updated... in that time it can easily get around...
