cancel
Showing results for 
Search instead for 
Did you mean: 

virus problems

juliasdream
Grafter
Posts: 260
Registered: 09-06-2007

virus problems

I'm trying to sort out a computer for someone as it was riddled with viruses
Even though it had Norton Internet security 2007 that didn't managed to stop them
Since The subscription was due for renewal I removed Norton at his request and installed AVG 7.5 free. It immediately came up with viruses which were either "healed" or moved to the "virus vault".
I then ran the AVG scan and it picked up a load more. Again, some were healed and others sent to the vault.
I also ran spybot which detected tons of malware and spyware, all of which were dealt with
Now the computer appears to be running fine except that when I connect it up to my router the light for the port I used flickers constantly. This is worrying
Is there a way to see what it is doing?
Also I am wondering wether all or some of the items in the vault can be removed.
I'd be grateful for any advice
They are the following:
        Trojan horse BackDoor.Generic9.EFP C:\WINDOWS\system32\drivers\ip6fw.sys ip6fw.sys 28.38 KB
        Virus found BackDoor.Ntrootkit C:\WINDOWS\TEMP\122890.exe                       122890.exe 25 KB
Virus found BackDoor.Ntrootkit C:\WINDOWS\TEMP\165812.exe 165812.exe 25 KB
Trojan horse Downloader.Zlob.SRE C:\WINDOWS\bgvijmdu.dll bgvijmdu.dll 96 KB
Virus found BackDoor.Ntrootkit C:\WINDOWS\TEMP\388906.exe 388906.exe 25 KB
Virus found BackDoor.Ntrootkit C:\WINDOWS\TEMP\409484.exe 409484.exe 25 KB
Trojan horse Downloader.Zlob.SRE C:\Documents and Settings\All Users\Application Data\lczipepg.dll lczipepg.dll 96 KB
Trojan horse Downloader.Zlob.RD C:\WINDOWS\PeMon\pemon.dll pemon.dll 158 KB
Trojan horse SHeur.ABSM C:\WINDOWS\PerfInfo\kjlHLSpcjn.exe kjlHLSpcjn.exe 3.51 MB
Virus found BackDoor.Ntrootkit C:\WINDOWS\TEMP\122828.exe 122828.exe 25 KB
Virus found BackDoor.Ntrootkit C:\WINDOWS\TEMP\4272656.exe 4272656.exe 25 KB
6 REPLIES
Community Veteran
Posts: 26,438
Thanks: 686
Fixes: 8
Registered: 10-04-2007

Re: virus problems

You could put ZoneAlarm on - as each process tries to connect to the internet an alert will pop up asking if you want to allow this action. That will tell you if there is anything untoward trying to call out.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£13/month)
Mobile: iD mobile (£4/month)
Community Veteran
Posts: 1,571
Thanks: 3
Registered: 13-04-2007

Re: virus problems

tcip view from
http://www.microsoft.com/technet/sysinternals/Networking/TcpView.mspx
will show all the connections and its FREE.
As you have so many virus I wouldn't connect it to your router if you other pc's on at the same time as the first port of call for virus would be the local network.
With so many virus I would format the hard drive and start again as there is no sure way of knowing you got them all and what damage they have done.
Its takes longer to mess about than to re install.
leon
Newbie
Posts: 8
Registered: 10-02-2008

Re: virus problems

Do a Format,its much quicker than messing about.
pierre_pierre
Grafter
Posts: 19,757
Registered: 30-07-2007

Re: virus problems

dont forget its a rootkit virus, Have you tried to remove it from Dos, as a windows program wont work.  also, you probably need a specific root kit killer.  try http://www.trojan-zlob-removal.com.removal-instructions.com/removetrojan.zlob.html
pierre_pierre
Grafter
Posts: 19,757
Registered: 30-07-2007

Re: virus problems

pierre_pierre
Grafter
Posts: 19,757
Registered: 30-07-2007

Re: virus problems

Quote from: leon
Do a Format,its much quicker than messing about.

Just looked back at the other posts, somebody took a very long time to do a format, the previous post was on 14th December