OK. It's probably going to require you to disable System Restore before you can completely remove the virii. When your computer creates a restore point in System Restore, the trojan gets captured, too. So, it lives in there, hiding, and just comes back. So, they usually want you to disable SR, do the removal, and then re-enable SR. It's not very hard to do, but I don't want to steer you into unfamiliar territory.
ipwins.exe IS spyware, good call. Have you checked the AVG website? I've never used it but I've heard it's a great tool. Sometimes you can plug the trojan name in there to get removal instructions.
These are Symantec's instructions for any Trojan removal (a good place to start):
# Disable System Restore (Windows Me/XP). # Update the virus definitions. # Restart the computer in Safe mode # Run a full system scan and delete all the files detected as Downloader # Delete the values that were added to the registry. # Restore the security level of Microsoft Internet Explorer
This is the full article with instructions on how to do each step. It says "Downloader.Harnig", but the instructions are the same, just use the virus names that were detected on your computer instead and do a search for those.
Thanks for going to all that effort. I read the detailed removal instructions and am not confident enough to try it... I don't even understand half of it!
I've just been running *yet another* virus scan and Ad-Aware scan, and this time the scanner let me put the second trojan in the vault. I'd like to think I'm okay now (once I can find and plug the hole, anyway) except that I'm also now at 35 Running Processes and 1578 Process Modules.
Have I mentioned that I just spent 10 minutes bawling?
Do you know if once viruses are in quarantine, if the computer is then safe from them? I mean, once they're in the vault/in quarantine I don't have to do anything else, do I?
I hate computers. And my chest. And sometimes the need to breathe.
I'm sorry you're feeling awful physically at the same time you're having computer virus problems. I know it sucks. :(
I've put a lot of virii and trojans in quarantine and it seems to do the trick most of the time. On the positive side, the trojans you have don't seem to be the variety that cause your computer to restart every five minutes (I had that one and oh was THAT fun).
Do you have a respiratory infection? All this stress is probably making it even harder for you to breathe. I feel so badly for you... I wish I could just come over and fix the darn computer for you and you could just sit and drink soup out of a mug.
Process Modules aren't too much of a thing... they're the individual files utilized by each Process (more or less, that's the easiest way to think of it). There are a lot of .dll files and similar associated with every process and you can imagine how many of those are associated with Windows alone. You've done well to get it down, though.
I started using a program called The Ultimate Troubleshooter. It did cost money, but it shows me each and every thing running on my computer and gives me a detailed explanation as to whether's it necessary or not and why (and it's easy to understand) and it gives me options and directions to stop it or remove the files. It's helped a LOT. Just something to consider in the future if you like. :)
the trojans you have don't seem to be the variety that cause your computer to restart every five minutes (I had that one and oh was THAT fun).
Heh. I had that one too, back on my old computer. I remember trying desperately to use that five minute window to find the cure, and then once I had that, trying to actually do the repair IN the five minute window. Um yeah. I ended up taking it to the shop. (If I knew anything about those safe modes and system restores and all that jazz, I'm sure that wouldn't have been an issue. *sigh*)
Do you have a respiratory infection?
They've been trying to figure out what's wrong for about 2 years. First it was bad, then it got much better, now it is bad again. It's scary and I hate it. But I will have some nice soup in the morning and just pretend that you brought it to me. :)
Thanks for the info on Process Modules. 1500+ just sounds like such a LOT. And I will keep the Troubleshooter in mind.
ipwins.exe IS spyware, good call. Have you checked the AVG website? I've never used it but I've heard it's a great tool. Sometimes you can plug the trojan name in there to get removal instructions.
These are Symantec's instructions for any Trojan removal (a good place to start):
# Disable System Restore (Windows Me/XP).
# Update the virus definitions.
# Restart the computer in Safe mode
# Run a full system scan and delete all the files detected as Downloader
# Delete the values that were added to the registry.
# Restore the security level of Microsoft Internet Explorer
This is the full article with instructions on how to do each step. It says "Downloader.Harnig", but the instructions are the same, just use the virus names that were detected on your computer instead and do a search for those.
I hope it helps some.
Reply
I've just been running *yet another* virus scan and Ad-Aware scan, and this time the scanner let me put the second trojan in the vault. I'd like to think I'm okay now (once I can find and plug the hole, anyway) except that I'm also now at 35 Running Processes and 1578 Process Modules.
Have I mentioned that I just spent 10 minutes bawling?
Do you know if once viruses are in quarantine, if the computer is then safe from them? I mean, once they're in the vault/in quarantine I don't have to do anything else, do I?
I hate computers. And my chest. And sometimes the need to breathe.
(Thanks for putting up with me. You're the best.)
Reply
I've put a lot of virii and trojans in quarantine and it seems to do the trick most of the time. On the positive side, the trojans you have don't seem to be the variety that cause your computer to restart every five minutes (I had that one and oh was THAT fun).
Do you have a respiratory infection? All this stress is probably making it even harder for you to breathe. I feel so badly for you... I wish I could just come over and fix the darn computer for you and you could just sit and drink soup out of a mug.
Process Modules aren't too much of a thing... they're the individual files utilized by each Process (more or less, that's the easiest way to think of it). There are a lot of .dll files and similar associated with every process and you can imagine how many of those are associated with Windows alone. You've done well to get it down, though.
I started using a program called The Ultimate Troubleshooter. It did cost money, but it shows me each and every thing running on my computer and gives me a detailed explanation as to whether's it necessary or not and why (and it's easy to understand) and it gives me options and directions to stop it or remove the files. It's helped a LOT. Just something to consider in the future if you like. :)
Reply
Heh. I had that one too, back on my old computer. I remember trying desperately to use that five minute window to find the cure, and then once I had that, trying to actually do the repair IN the five minute window. Um yeah. I ended up taking it to the shop. (If I knew anything about those safe modes and system restores and all that jazz, I'm sure that wouldn't have been an issue. *sigh*)
Do you have a respiratory infection?
They've been trying to figure out what's wrong for about 2 years. First it was bad, then it got much better, now it is bad again. It's scary and I hate it. But I will have some nice soup in the morning and just pretend that you brought it to me. :)
Thanks for the info on Process Modules. 1500+ just sounds like such a LOT. And I will keep the Troubleshooter in mind.
Thanks again for all your help. You're awesome.
Off to bed now.
Reply
Leave a comment