Try the first answer. It could be a false positive caused by a large cluttered Browser Cache. Also delete the Temp. Files and History.



If it continues to say you are infected then do this:



Trojan Removal Procedure.



Removing infections from your computer is never as easy as aquiring them. Malware infections are not meant to be removed so it takes TIME and PATIENCE to get rid of them. If you do not have T & P then you can always do a Reformat.



Malware is a general word for all form of Viruses, Spyware etc. This procedure works for all Malware. Replace the Ewido program with the appropriate program.



You might be unable to access the Internet after removing the Malware so you will need to run LSPfix or Winsockxpfix (as appropriate). Download one and save to desktop, run it later.



LSPfix: all Windows OS except 95.



http://www.cexx.org/lspfix.htm



Winsock XP Fix: Windows XP only.



http://www.spychecker.com/program/winsoc...







Download and Update Ewido (now called the AVG Antispyware):



http://www.ewido.net/en/download/...





-- If you have problems updating see here:



http://www.ewido.net/en/download/updates...



Once the updates are installed do the following:







Let's get cleaning



Part 1



• Temporarily show hidden files.



For Windows XP:



1.

Click Start, and then click Control Panel.



2.

Click Appearance and Themes, and then click Folder Options.



3.

On the View tab, under Hidden files and folders, click "Show hidden files and folders", and clear(uncheck) the "Hide protected operating system files" check box.







For older systems:



1.

Double-click My Computer, click View, and then click Folder Options.



2.

On the View tab, under "Hidden files and folders", click "Show hidden files and folders", and clear (uncheck) the "Hide protected operating system files" check box.





IMPORTANT: Files are hidden by Windows for a very good reason. It is not wise to experiment with these files. Unfortunately, to successfully remove modern spyware we must turn this protection off temporarily. Please turn the protection back on when you have finished cleaning your system.





Empty your Internet Explorer cache and your other temporary file folders:



1.

On the Internet Explorer Tools menu, click Internet Options.



2.

On the General tab, in the Temporary Internet Files section, click the Delete Files button. This will delete all the files that are currently stored in your cache.



3.

Select the Delete all offline content check box in the confirmation dialogue box that appears, click OK.



4.

Click OK again.



Restart in Safe Mode:



To do this you need to hold down or repeatedly tap the F8 key while the computer is booting (when the computer is displaying a black screen with white text). When the boot menu appears, use your keyboard arrows to select "Safe Mode."



Safe Mode can look quite ugly. The color may look bad, and all of your desktop icons will be very large. This is normal.







Start Scan and let Ewido scan the PC





When the scan and removal are completed REBOOT COMPUTER. This will restart you in normal mode.



If you are unable to access the Internet after removing Malware you will need to run LSPfix or Winsockxpfix (as appropriate).





If you are using Windows XP Service Pack 2 (SP2) and are unable to access the Internet after removing Malware, there is a command that may fix the problem, removing the need to run Winsockxpfix. It works by resetting the winsock catalogue. Click on Start, then Run and type CMD in the dialogue box that appears. Click OK. Type "netsh winsock reset" (no quotes)into the DOS window that appears.





The last steps



If you are running Windows XP or Windows ME, and your computer has been successfully cleaned of Malware, there is one more thing that needs to be done.



Delete any old restore points and then create a new restore one. The old ones may, of course, be infected with the Malware and cannot be used.



First, start and then stop the Restore Service. This is done differently depending on what operating system you are running.



Windows XP:



1.

Click Start, and then click Control Panel.



2.

Click Performance and Maintenance, click System, and then click on the System Restore tab.



3.

Select the Turn Off System Restore check box, click Apply, then restart your computer.



4.

Return to the System Restore Tab and turn System Restore back on.





Windows ME:



1.

Click Start, click Control Panel, click System.



2.

Click Performance, click File System, and then click Troubleshooting.



3.

Enable the option Disable System Restore, click Apply then restart your computer.



4.

Return to the Troubleshooting tab and turn System Restore back on.





To set a manual restore point complete the following steps:



1.

Click the Start button.



2.

Point to Programs, then navigate to Accessories, then System Tools, then click System Restore.



3.

Choose Create a restore point, and then click Next.



4.

In the Restore point description box, type a name for your restore point, and then click Next.



5.

Click OK.





There are Trojans that fall into the Smitfraud family. These require the use of a specialized program for removal. Here are two sites that specialize in removing these:



http://www.internetinspiration.co.uk/rog...



http://siri.urz.free.fr/fix/smitfraudfix...

2

scan your whole computer (D and C drives) in safe mode with norton. when you start you computer, hit F8 every second until you get to a menu. Select Safe Mode and then hit Yes when it asks you if you want to resume in safe mode or do a system restore (system restore will not remove a trojan). Once in safe mode, run Norton and scan EVERYTHING. also know that your text and icons may be really BIG, so don't be alarmed. It's safe mode.



If that doesn't work, download Trend Micro SysClean from Trend Micro's site that will only run in safe mode. I say to try that next because norton may not run in safe mode, but you can't remove this trojan in normal mode though. If you still have problems, let me know through e-mail and I'll assist you even more.



Just to let you know, I'm an I.T. college student techinician at my university.

trojans tend to be extremely difficult to remove

try system restoring to date that you believe that your comp was still clean of that trojan

it might work (removed all my trojans tht way) if not

otherwise the last case scenario would mean reformatting your comp dont do this unless youve given up hope and is willing to lose everything on your harddrive to making your comp brand new again

.Oddball is the best answer.

I think the computer virus is stronger than the anti-virus software. So I will opt reformat the computer instead. Remember to backup the file if it is necessary.



I am interested if the virus is made by the some anti-virus company.

Try some of these:



Spyware, Adware, Trojans, Malware, Dialers, Popups:

http://www.download.com/Ad-Aware-SE-Personal-Edition/3003-8022_4-10399602.html?tag=tab_rev

http://www.ewido.net/en/download/

http://www.javacoolsoftware.com/spywareblaster.html

http://www.download.com/Bazooka-Adware-and-Spyware-Scanner/3000-8022-10247782.html

http://www.javacoolsoftware.com/sgdownload.html

http://www.safer-networking.org/

http://www.download.com/HijackThis/3000-8022_4-10379544.html

http://www.emsisoft.com/en/software/download/

Online Scanners:

http://www.webroot.com/consumer/products/spysweeper/freescan.html?

http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

http://www.pandasoftware.com/products/activescan.htm

http://www.bitdefender.com/scan8/ie.html

http://www.windowsecurity.com/trojanscan/

http://www.kaspersky.com/virusscanner

http://www.spywareguide.com/onlinescan.php

http://housecall65.trendmicro.com/

Spyware, Adware, Trojans, Malware, Dialers, Popups Lists:

http://www.softpedia.com/catList/104

http://www.download.com/Adware-Spyware-Removal/3150-8022_4-0.html?tag=dir

http://www.majorgeeks.com/downloads31.html

http://www.filehippo.com/software/antispyware/setarea

http://www.soft32.com/s/Windows/Security/AntiSpyware/3-9-0-0.html

Antivirus:

http://www.grisoft.com/

http://www.avast.com/

http://www.free-av.com/

Antivirus Lists:

http://www.softpedia.com/catList/1

http://www.download.com/Antivirus/3150-2239_4-0.html?tag=dir

http://www.majorgeeks.com/downloads29.html

http://www.filehippo.com/software/antivirus/

http://www.soft32.com/s/Windows/Security/Antivirus/3-1-0-0.html

Firewall:

http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp?dc=12bms&ctry=US&lang=en&lid=staticcomp_za

Firewall Lists:

http://www.softpedia.com/catList/97

http://www.download.com/Firewalls/3150-10435_4-0.html?tag=dir

http://www.majorgeeks.com/downloads34.html

http://www.filehippo.com/software/firewalls/

http://www.soft32.com/s/Windows/Security/Firewalls/3-5-0-0.html

IP Blocker:

http://prdownloads.sourceforge.net/peerguardian/pg2-050918-nt.exe?download

Browser:

http://www.mozilla.com/firefox/

Email, News, RSS:

http://www.mozilla.com/thunderbird/

System Cleaner:

http://www.ccleaner.com/

System Cleaning List:

http://www.softpedia.com/catList/98

http://www.majorgeeks.com/downloads12.html

http://www.filehippo.com/software/cleaning/

System Info:

http://www.softpedia.com/catList/92

http://www.majorgeeks.com/downloads9.html

http://www.soft32.com/s/Windows/System_Utilities/System_Tools/3-50-0-0.html

ok...this is what i think.....if it is in the recovery partiton...that drive is locked.....so u will not be able to get into it to remove....i did find out something though...if u download winrar...u can open winrar...go to d drive..select explore....winrar will then show u everything that is in the locked drive...u can then go in and delete it......i would download either ewido antispyware......or superantispyware...and run a full system scan with each...remove what ever they find

Stop having sex with your hard drive.

doesnt the anti-virus quaratine it for u?

delete cookies