Please help with malware

Discussion in 'Computer Security' started by Starman, Oct 7, 2005.

  1. Starman

    Starman Guest

    My computer has been infected with "Downloader.Generic. CYH". Neither my
    anti-virus or anti-spyware software can delete or heal this trojan. Please
    suggest how to proceed.
     
    Starman, Oct 7, 2005
    #1
    1. Advertisements

  2. Starman

    Jim Byrd Guest

    Hi Starman - You don't say which anti-spyware program you used, so . . .
    Start here, from my Blog, Defending Your Machine, addy in my Signature
    below. It that doesn't fix it, then do the rest of the things I've
    identified there. When you're clean, be sure that you implement the
    preventative measures at the end.



    #########IMPORTANT#########

    Show hidden files and run all of the following removal tools from Safe mode
    or a "Clean Boot" when possible, logged on as an Administrator. BEFORE
    running these tools, be sure to clear all Temp files and your Temporary
    Internet Files (TIF) (including offline content.) Reboot and test if the
    malware is fixed after using each tool.

    HOW TO Enable Hidden Files
    http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2002092715262339

    Clean Boot - General Win2k/XP procedure, but see below for links for other
    OS's (This for Win2k w/msconfig - you can obtain msconfig for Win2k here:
    http://www.3feetunder.com/files/win2K_msconfig_setup.exe ):

    1. StartRun enter msconfig.

    2. On the General tab, click Selective Startup, and then clear the 'Process
    System.ini File', 'Process Win.ini File', and 'Load Startup Items' check
    boxes. Leave the 'boot.ini' boxes however they are currently set.

    3. In the Services tab, check the "Hide All Microsoft Services" checkbox,
    and then click the "Disable All" button. If you use a third party firewall
    then re-check (enable) it. For example, if you use Zone Alarm, re-check the
    True Vector Internet Monitor service (and you may also want to re-check
    (enable) the zlclient on the Startup tab.) Equivalent services exist for
    other third party firewalls. An alternative to this for XP users is to
    enable at this time the XP native firewall (Internet Connection Firewall -
    ICF). Be sure to turn it back off when you re-enable your non-MS services
    and Startup tab programs and restore your normal msconfig configuration
    after cleaning your machine.

    4. Click OK and then reboot.

    For additional information about how to clean boot your operating system,
    click the following article links to view the articles in the Microsoft
    Knowledge Base:

    310353 How to Perform a Clean Boot in Windows XP
    http://support.microsoft.com/kb/310353
    281770 How to Perform Clean-Boot Troubleshooting for Windows 2000
    http://support.microsoft.com/kb/281770/EN-US/
    267288 How to Perform a Clean Boot in Windows Millennium Edition
    http://support.microsoft.com/kb/267288/EN-US/
    192926 How to Perform Clean-Boot Troubleshooting for Windows 98
    http://support.microsoft.com/kb/192926/EN-US/
    243039 How to Perform a Clean Boot in Windows 95
    http://support.microsoft.com/kb/243039/EN-US/
    #########IMPORTANT#########


    Download and run the free or trial version of A2 Personal, here:
    http://www.emsisoft.com/en/software/free/ UPDATE, then run from a Clean Boot
    or Safe Mode with Show Hidden Files enabled as above
     
    Jim Byrd, Oct 7, 2005
    #2
    1. Advertisements

  3. Starman

    Starman Guest

    I used AVG anti-virus and Spyware Doctor.


     
    Starman, Oct 7, 2005
    #3
  4. Starman

    teh Mephisto Guest

    AVG is ringing a bell as something you don't want to use.... but I might
    be thinking of Anti-Virus Gold (if not the same thing)

    Try using Ad-Aware, and Spybot S&D (http://www.google.com)

    http://housecall.trendmicro.com/ to double check your Anti-Virus,
    provided it hasn't blackholed it, in which case try http://66.35.253.32
     
    teh Mephisto, Oct 7, 2005
    #4
  5. Starman

    Jim Watt Guest

    Visit www.microsoft.com and run windows update, it will install
    their anti-spyware solution
     
    Jim Watt, Oct 7, 2005
    #5
  6. AVG is fine. It's Kaspersky that has the current advisory (fixed, pending
    release)

    --

    Hairy One Kenobi

    Disclaimer: the opinions expressed in this opinion do not necessarily
    reflect the opinions of the highly-opinionated person expressing the opinion
    in the first place. So there!
     
    Hairy One Kenobi, Oct 7, 2005
    #6
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.