I’m having “Virus issues”, any advice?
Marcus Dublin
05-13-2008, 12:44 PM
Okay I’m just about at my wits end:mad:, I’ve been having recurring issues with Trojan e-mail links going out to everyone on my MSN contact list and it’s starting to become a serious problem! At first I brushed it off as a harmless thing and simply updated my virus and malware apps, after running a number of scans and removing the bugs I thought I was home free. Sadly this is not the case, even with daily scans of my system I still seem to be sending out malicious e-mail links to people on my contact list:(! Not only that but my all in one antivirus software seems to be coming up with infections on a daily basis. For example I ran a scan on my system and the app came up with a few “low risk level” bugs, then I ran the same scan again and it came up with a whole new batch of infections “what gives”:brick:! Lately I’ve been looking into getting some new software and even going so far as reformatting my drive and doing a complete reinstall of Windows, though I’d rather that be a last ditch effort. Anyways I’ve spent more time and money investigating this issue than actually getting any work done and would really appreciate any and all advice you guys may have.
By the way I almost forgot to mention the software I’m using now:
Current Antivirus: PC tools / Spyware Doctor with Antivirus “so far it blows”
Current Firewall: Comodo Firewall Pro “seems to be doing a good job”
Prior Antivirus: Avast Antivirus home edition
Prior Firewall: Sygate Personal Firewall
Looking into / Antivirus: AVG Internet security version
Looking into / Firewall: Zone Alarm Firewall
At this point I’ve paid for the software I already have but wouldn’t mind spending more cash for better security and peace of mind.:)
benclark
05-13-2008, 12:56 PM
I had a problem with msn sending random .rar files to my contacts that couldn't be opened.
I updated from the version I was using to MSNmessenger Live, and changed my Anti virus from the Norton one that came with my pc to the AVG free edition and it has totally stopped since. Hope that's some help
cookepuss
05-13-2008, 01:18 PM
> Looking into / Antivirus: AVG Internet security version
> Looking into / Firewall: Zone Alarm Firewall
That's the combo I use. Stable as can be and quite reliable. Plus, AVG has a lower memory footprint than many other AV programs. The new v8 feels a little bloated, but it's still very reliable. A couple of other programs I'd suggest would be:
- Spybot Search & Destroy. Not really AV, but great for finding snoopy spyware that could be piggybacking on your apps or misusing your data
- Peer Guardian. Even if you don't do any P2P, there are lots of bogus logons and hackers out there. Your PC gets hit more often than you think, even with a traditional firewall. You can get blacklists to cover educational institutions, reported ad bots, trojans, spyware, etc.. The lists update every day. You can even create your own, which is preferable to messing with the Windows HOSTS file itself. PG is an app definitely worth having. Keep it in your tray and forget about it.
There are some other programs that'll block out key loggers too. You might want to look into that.
I'm very paranoid when it comes to security. It might all be overkill if you've lived safely without this stuff though.
A quick word regarding AVG. It's certainly one of the best AV programs I've used. However, on occasion, it has a nasty habit of reporting harmless EXEs as being infected. In that case, it'll lock you out of executing the file. If you know that the file is 100% harmless, just temporarily disable AVG's resident shield. The resident shield is what's responsible for scanning EXE files in real-time. It's reliable about 99% of the time. For the false positives, just disable it and re-enable when you're done.
Gavin
05-13-2008, 01:54 PM
Stop going to Russian porn sites!
LOL!
Sorry...Josh made me do it.
Parnell
05-13-2008, 01:58 PM
lol Russian Porn sites;)
I'd suggest doing a full wipe of your system.
Scanning is all about prevention...once that shit gets in chances are it's lying dormant somewhere, even after it's been found and removed. Just pull the files you absolutely need to an external drive and get wiping. Just spend a day wiping and reinstalling. It's a bit drastic but it'll save you a lot of time in the long run.
2 cents
B
Marcus Dublin
05-13-2008, 02:00 PM
> I had a problem with msn sending random .rar files to my contacts that couldn't be opened.
> I updated from the version I was using to MSNmessenger Live, and changed my Anti virus from the Norton one that came with my pc to the AVG free edition and it has totally stopped since. Hope that's some help
Thanks for the tips Ben, I'm actually using MSN messenger Live but I just realized that I didn't have my AV app scanning my transferred files! I did though have "Windows Live Onecare safety scanner" installed but I'm not sure how good it is compared to having my AV app doing this job.
> > Looking into / Antivirus: AVG Internet security version
> > Looking into / Firewall: Zone Alarm Firewall
> That's the combo I use. Stable as can be and quite reliable. Plus, AVG has a lower memory footprint than many other AV programs. The new v8 feels a little bloated, but it's still very reliable. A couple of other programs I'd suggest would be:
> - Spybot Search & Destroy. Not really AV, but great for finding snoopy spyware that could be piggybacking on your apps or misusing your data
> - Peer Guardian. Even if you don't do any P2P, there are lots of bogus logons and hackers out there. Your PC gets hit more often than you think, even with a traditional firewall. You can get blacklists to cover educational institutions, reported ad bots, trojans, spyware, etc.. The lists update every day. You can even create your own, which is preferable to messing with the Windows HOSTS file itself. PG is an app definitely worth having. Keep it in your tray and forget about it.
> There are some other programs that'll block out key loggers too. You might want to look into that.
> I'm very paranoid when it comes to security. It might all be overkill if you've lived safely without this stuff though.
> A quick word regarding AVG. It's certainly one of the best AV programs I've used. However, on occasion, it has a nasty habit of reporting harmless EXEs as being infected. In that case, it'll lock you out of executing the file. If you know that the file is 100% harmless, just temporarily disable AVG's resident shield. The resident shield is what's responsible for scanning EXE files in real-time. It's reliable about 99% of the time. For the false positives, just disable it and re-enable when you're done.
Thanks for the advice and the recommended software cooke, it seems the more people I talk to the more I hear about AVG! Now I'm just wondering how my PC is going to react to running both "Spyware Doctor and AVG", I guess with Spyware Doctor I can turn off the anti virus engine and just go with the on guard feature set which includes protection against spyware, adware, Trojan horses, keyloggers, spyware cookies, adbots, spybots, etc. Anyway I've become a paranoid android:s as of late due to this situation, hopefully the following steps will work out.:)
> Stop going to Russian porn sites!
> LOL!
> Sorry...Josh made me do it.
My surfing habits are pretty pedestrian so no porn sites for me:) as I prefer the real thing but I have been duped into some weird sites when looking for reference:s.
> lol Russian Porn sites;)
> I'd suggest doing a full wipe of your system.
> Scanning is all about prevention...once that shit gets in chances are it's lying dormant somewhere, even after it's been found and removed. Just pull the files you absolutely need to an external drive and get wiping. Just spend a day wiping and reinstalling. It's a bit drastic but it'll save you a lot of time in the long run.
> 2 cents
> B
Yeah I'm still considering this but it'll have to be a last ditch effort, then again I may do it this Sunday when I have some free time, as of right now I need to catch up on some work.
use "panda antivirus", it's only a 30-day trial but if the virus is still there after panda scans your computer, nothing can delete it. ^^
Marcus Dublin
05-13-2008, 03:15 PM
Thanks for the advice Styx but I think I'm going to bite the bullet and spend the rest of the day wiping and reinstalling:flag:windows:(. I'm just glad that I invested in the extra two terabyte external drives.:)
cookepuss
05-13-2008, 03:53 PM
IMO, the only reason to even bother with a full on wipe is if the virus made it into the master boot record. If your AV is telling you that the MBR is clean then a total reboot would be overkill. I mean, it'd do the trick, but that's a whole lot of wasted time.
If, for some reason, AVG can identify the virus but can't delete it, Symantec online has a database of virii, along with the associated manual removal tools.
BTW, it could be that the virus is hiding out in your system restore. AV programs seem to overlook that since it's protected space. That would explain why it's so tough to remove. You might want to disable system restore, along with your Windows swap file, before doing any anti-virus. I know that it's a pain wiping out your restore points, but if the virus is bad then there's not much choice.
Parnell
05-13-2008, 04:04 PM
Glad to see you are wiping it.
In the time AND money you've spent failing at trying to wipe this crap off your drive it could've been wiped and reinstalled. I've tried in the past and watched roommates do the same...waste countless hours researching virus/spyware and other crap trying to find the solution. In the end, it always wound up with a full wipe and reinstall.
I know it sounds like a lot of work, but spending hours and even days on a mystery bug just wouldn't be worth it to me when I have contracts with deadlines.
B
cookepuss
05-13-2008, 04:11 PM
Here's the other side of the coin.
Spend more time now. Find out the how & why. Do this and you won't have to wipe & reinstall every time it happens.
In the short term, yeah, you'll spend time tracking down the issue. In the long term, you won't have to. You'll automatically know how to deal with it. Wiping & reinstalling is a brute force tactic. It cures the disease without ever diagnosing. Not too efficient of a solution, imho.
Marcus Dublin
05-13-2008, 04:25 PM
> Here's the other side of the coin.
> Not too efficient of a solution, imho.
Tell me about it, it's been in the back of my mind, here I am asking myself "why should I have to take this route in the instance it happens again". Anyway I just downloaded Spybot Search & Destroy and bought AVG, I'll run a scan before reinstalling to see what they come up with and compare that to the history of my other AV scanner. Hopefully I can track down the culprit and look for some sort of hot fix. This day is a total wash :o for me so I guess I can spend the time and play virus/trojan detective.:cool:
Bobio
05-13-2008, 06:25 PM
Hey Marcus,
Unfortunately I think wiping your system is the only sure fire way to get rid of that shit. It doesn't do much good to install the Antivirus after the infection has already occurred. Who knows where those files get put and how many copies or replications are made. I agree with Modeling Man, it's all about prevention, but once you're infected it's all over.
Nuking the whole drive and starting over is the only way to be sure, and just like someone else said it is much less time consuming to do a fresh install than to research for hours on a possible fix that may only mask the problem for a while, and then have it reappear later on. Plus it's a good idea to wipe your drive every once in a while anyway.
Some other advice for keeping your system clean...Put as few programs as you can on your system, watch where you go on the web, and don't open any weird e-mails even if they are from people you know, and make sure any programs you download are from a reliable source. Sorry if that sounds obvious but you'd be surprised at how many people don't even use these basic tips. That's my thoughts on it, hope that helps some.
Parnell
05-13-2008, 06:58 PM
> Here's the other side of the coin.
> Spend more time now. Find out the how & why. Do this and you won't have to wipe & reinstall every time it happens.
> In the short term, yeah, you'll spend time tracking down the issue. In the long term, you won't have to. You'll automatically know how to deal with it. Wiping & reinstalling is a brute force tactic. It cures the disease without ever diagnosing. Not too efficient of a solution, imho.
I'm not advising to not use anti-virus, and the minute your machine acts weird to not research and just wipe it.
I'm saying if you have spybot, Virusfinder4000, or whatever super awesome 1337 security and THEN the shit hits the fan AND you're looking at either 1 week of trying to track down the problem buying more software and then going on forums asking for help. Meanwhile, the virus is continuing to send out emails to friends (hell I got one from Marcus about 2 weeks ago) possibly even clients. The problem isn't just affecting you it's now affecting other computers and that could possibly piss off a lot of people/companies.
In the past, I've done the scan stuff found the problem and eliminated it but what I've found is that every time the virus was different. It would exploit some new chink in my computer's armor. Rarely the fix was the same way you did it before as the people that write this shit are constantly trying to find new tactics. If you are being safe, updating your virus scan stuff all the time this type of thing only happens once in a blue moon. So I figure the time spent researching a virus that chances are will be totally reconfigured in 6 months anyways isn't worth the time. I'll usually give it 1 day, if I can't find the problem/answer, chances are it's beyond my expertise and just better to nuke it before it gets out of hand. Maybe if I was still in college I'd go spend weeks tracking down the problem, but when I have less than 4 hours every night to work/play games/see my wife. It's just better spent eradicating the problem and then rebuilding the fort. I usually do a clean wipe every 1-2 years just to keep my computer fresh and clean.
So far it's worked pretty well for me.
All this talk has got me wanting to do a virus scan right now.
B
Do you get any report whatsoever about the virus? If so, you could search for a solution using Cookepuss' suggestion, or in the F-Secure virus database; they also have solutions for how to get rid of certain viruses which are 'hard to go'.
Another thing, a lot of people seem to have an MSN virus these days.. Spreads like wildfire. Your friends could link you whatever your infected system spams them with and then you could search for a solution on Google with the keywords provided :)
As for system wipe. I had some VERY assy virus on my comp which resulted in one 'unnamed' virus protection software deleting some files from the windows folder = no more working windows. (This also was the end of my domwar3 :p). I formatted my comp, and reinstalled clean. But still got the virus, guess it was way up higher. I got some strange soft from somewhere, I don't remember, and I sure as heck wouldn't have tried it with a proper good install of windows and such... But it fixed it.. after a few reinstalls :D
Babbling.
///
As for modeling_man's post above me. One VERY good thing to do is burn all your computer's 'patches' to CD/DVD, such as SP2 or 3 for XP, your video card drivers, directX, keyboardmousewhatnot, motherboard, soundcard, everything. It doesn't matter if their versions get old and such, the most important thing is to have them ready. Else the wipe and reinstall is a complete pain. Especially when some 'parts' of your computer get old and it gets harder and harder to find proper drivers.
Sort of backwards wisdom. Cause I still don't have my comps base drivers burned up on CD :D
YdoUwant2know
05-13-2008, 07:48 PM
A full wipe is the only sure way to eliminate all viruses. However, I agree that it can be overkill. I think you have the right start with AVG. AVG is an awesome program and you should be very happy with it. I have been using it for several years now and have never had an issue.
If you do go for the full wipe, just be careful when you back things up. There is a rather new, rather pesky, virus out there that preys on jump drives and external storage. Every time you plug/unplug external storage, the virus copies itself all over the place putting up a million pop ups at the same time. This little bugger crippled my school's network overnight.
I guess that warning should go for everyone. Don't go sticking your external drive into just any random computer. You could catch an STD (server transmitted disease.):lucky:
One other thing to consider would be changing your e-mail passwords. (If you have not already) It is possible that someone could have cracked your account. Not too hard to do if you know what you are looking for.
I know I replied to this over at PC but I thought of a cool program everyone should try, if they are interested in it of course.
There's a pretty cool and over protective program called A-Squared (http://www.emsisoft.com/en/software/free/) that I used to use. It's pretty good at catching weird looking mischievous files you can do a trial run on your system and see what files it catches as malicious and you decide what is the best course of action for those files.
I also like learning about preventative infection to viruses and how to get rid of them it's useful when your friends have problems you go over and say let me handle this and boom you do a few clicks and they give you money, ;) who knew! Just kidding about the money part but you get the idea, females give friendly bj's lmao...(no offense females of the board, probably a bad joke.. Hence small text).
BuroKun
05-14-2008, 03:02 PM
Here is all you need.
AVG Free - Download (http://www.download.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10320142.html?part=dl-AVGAntiVir&subj=dl&tag=button)
Spybot - Download (http://fileforum.betanews.com/detail/Spybot_Search_and_Destroy/1043809773/1)
BiG ToE
05-14-2008, 03:24 PM
When you run your scans, make sure your computer is unplugged from the internet. Also, I would try scanning first, in safe mode.
Shadownami92
05-14-2008, 09:08 PM
So far from what I use I have a pretty clean computer. Here is what I use, although I wouldn't suggest doing this if you're prone to going to risky sites...
Norton Anti-virus and system works
Zone Alarm (It's great for scans since it can lock your internet, I use the free version though)
Zone Alarm Router (its actually hardware but it blocks a lot of stuff going in the router, the only problems I really have are wifi connections for my DS and Wii)
Firefox+ semi-high security settings and max IM security
Opera has also been a somewhat dependable browser since there aren't as many viruses built to transfer through it, although I'm not sure about website compatibility and actual security with it.
However I have a friend using F-Secure and he says it's a very good program.
I don't exactly trust norton but it has a few other helpful tools. But Zone Alarm and F-Secure seem to be very dependable programs.
Also viruses seem to spread quicker when you're signed into admin rather than a profile with less access I believe, depending on what type of virus you're dealing with.
I would also check what processes are happening on your computer too. Many times a virus will look like a basic OP process, but I would be wary when a very small process is taking an unnatural amount of memory.
Marcus Dublin
05-15-2008, 10:36 AM
Hey folks I’m back up and running and I’d like to thank everyone for their input, it’s been a big help:D! When it came to my system I not only formatted my C: drive but the other two internal drives as well, better to be safe than sorry. Of course before doing so I ran multiple scans on all of the files that I moved to my external drives. While it’s not 100% bulletproof everything seemed on the up and up which gave me a bit of peace of mind especially since I scanned them with two separate programs. Seeing as how I would have to go through all of this anyway I took the opportunity to upgrade my OS to Windows 64bit, this was something that I’ve been planning but never got around to. Now that I upgraded my OS I’ll be able to jump from the 4 gigs I have now to the 8 gigs I wanted, I guess all it took was a nasty little virus to get things in motion,:inocent:. Anyways I’ve learned some valuable lessons and hopefully I won’t have to go through this ordeal again, cheers!
Security Apps running:
AVG
Comodo Firewall
Peer Guardian
BiG ToE
05-15-2008, 10:43 AM
Good to hear. How long did it all take? I'm thinking of doing the same thing, but don't want to spend too much time sitting around waiting.
Trigon
05-15-2008, 10:57 AM
Good to hear you got rid of that virus :)
Did u upgrade to xp 64 or vista 64? Some apps don't work at all in vista 64 like faogen, meshlab, polycruncher (friend told me this one didn't work, but I haven't tried it) crytech export plugins, etc.. etc.. I'm guessing it may be the same for xp 64. I keep an old xp machine around just in case I need to use something that doesn't work in vista64. Other than that it's cool and nice to not be limited to only 3gb ram. :D
Marcus Dublin
05-15-2008, 12:04 PM
> Good to hear. How long did it all take? I'm thinking of doing the same thing, but don't want to spend too much time sitting around waiting.
Truth be told it took about a day and a half, I had a ton of files to sort through "1 500 gig, 2 300 gig internal drives and 2 external terabyte drives" and upgrading to the newer OS caused a bit of headache as well. The real time sucker was the scanning and swapping of files, I was a bit paranoid so I went through everything with a fine tooth comb.:)
> Good to hear you got rid of that virus :)
> Did u upgrade to xp 64 or vista 64? Some apps don't work at all in vista 64 like faogen, meshlab, polycruncher (friend told me this one didn't work, but I haven't tried it) crytech export plugins, etc.. etc.. I'm guessing it may be the same for xp 64. I keep an old xp machine around just in case I need to use something that doesn't work in vista64. Other than that it's cool and nice to not be limited to only 3gb ram. :D
I went with Windows Xp64:), the last thing I needed at this point was more headaches so I played it safe. So far everything works like a charm and I corrected the few driver issues that came up.:thumb:
ZIVIXcn
05-15-2008, 01:41 PM
> Stop going to Russian porn sites!
> LOL!
> Sorry...Josh made me do it.
chinese is good:lol:
cookepuss
05-15-2008, 02:53 PM
AVG users:
Is it just me or is the new v8 so much slower than v7.5? Even if I disable the painfully slow browser integration, it brings my GMail to a crawl. Such a shame that Grisoft is discontinuing 7.5 database updates in weeks. I'd stay with 7.5 otherwise.
Marcus Dublin
05-15-2008, 02:58 PM
Well this is my first experience with AVG but so far the speed in which I browse is tolerable. One thing I noticed is that AVG seems to prefer IE over Firefox which sucks since I mostly use Firefox, although my firewall may have something to do with that as well.
cookepuss
05-15-2008, 03:18 PM
I did notice that. I don't think that the firewall has anything to do with it. I've been using it with both Firefox and ZoneAlarm for several years. Never had a problem. Previous versions of AVG never cared about my browser or firewall. All of a sudden, v8 comes along and starts acting like a temperamental prat. I had to roll back to v7.5 just to be able to browse decently in Firefox.
I only just upgraded to v8 a couple of days back. Had I known that it was going to be so bloated I probably wouldn't have recommended it.
Kind of a moot point anyway. My new workstation comes in on Tuesday and I'll have to switch over to Avast! since AVG doesn't currently support 64-bit.
EDIT>>>> Nevermind on that 64-bit thing. I just noticed that v8 is now Vista x64 compatible.
LowRez
05-15-2008, 04:54 PM
I haven't read everything closely so sorry if it's been said. Reformat your HDD and in future buy a 2nd HDD, keep all downloads/updates/software/patches/everything on the 2nd hard drive.
Use your primary hard drive for all programs and exes; that means when you get a virus that AVG doesn't fix you just format and install all your patches, updates, drivers etc. off your 2nd drive. It takes about a day and I tend to do it once every 4-6 months. I've never used a firewall or always-on virus protection, just occasionally run AVG and Ad-aware and Spybot, and then see what the damage is before reformatting or sorting it out.
BiG ToE
05-15-2008, 05:26 PM
The new AVG is super slow. I think you need a dual quad core to run it. At least that's what it felt like to me.
The free version of AVG gets the job done and is so much faster.
cookepuss
05-15-2008, 05:36 PM
> The free version of AVG gets the job done and is so much faster.
Yeah, but even the free version has been updated to v8. Grisoft will stop supporting AVG Free 7.5 as of May 31st.
The weird thing is that they're touting this new version as actually being faster. Guess the marketing guys must use the extra special version. ;)
BiG ToE
05-15-2008, 06:09 PM
I bet the marketing guys use apple computers. That's why you can't trust marketing guys.