Tons o' Trojans

Discussion in 'Trojan Defence Suite' started by Muerte Roja, Jul 27, 2004.

Thread Status:
Not open for further replies.
  1. Muerte Roja

    Muerte Roja Registered Member

    My friend recently clicked a link for something along the lines of a Windows update search toolbar. He clicked the "No" option and right then, my computer froze. When I rebooted, I had AVG Anti Virus tell me I had a couple of problems:

    These are all the viruses it found:
    BackDoor.Ruledor.D
    Downloader.Agent.AR
    Downloader.Turown.G
    Downloader.Turown.J
    Downloader.VB.3.AD
    Backdoor.VB.11.AM
    Downloader.Small.7.Q

    (I checked Symantec's virus encyclopedia, and they had no information on any of the above viruses, so I came to the next best source for help)

    The first problem upon viewing my desktop was that I had a search toolbar above my taskbar. Fortunately, AVG caught the viruses and automatically healed my system. I was able to get rid of the toolbar, but there are still suspicious files floating around my hard drive. Then, I ran Spybot S&D to get rid of any extra spyware it recognized.

    The problem? My system takes a really long time to start up now. Are the trojans still there? Is there a way to get rid of them?

    P.S. Earlier, I had been having some trouble with AVG randomly picking up the "SecThought.E" virus, but it never gave me that much trouble. Here's the discussion on it:

    https://www.wilderssecurity.com/showthread.php?t=30203

    If you want me to, I can post a HijackThis log. I already have one posted for the SecThought.E virus here:

    https://www.wilderssecurity.com/showthread.php?t=39544
     
  2. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Hi,

    It often helps to run a full scan in Safe Mode, update TDS-3 and run a scan of C:\ in there and delete anything positively identified - adware, trojans.

    Your HJT log looks clean, but you can remove these:

    O2 - BHO: (no name) - {004A5840-FF59-11d2-B50D-0090271D3FD4} - (no file)

    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/27eef280a7b382...ip/RdxIE601.cab

    You also appear to have 2 resident antivirus scanners, which is very risky. AVG and McAfee? You should stick to one resident, and the other on-demand.
     
  3. Tassie_Devils

    Tassie_Devils Global Moderator

    Hello Muerte Roja

    In addition to Gavin's help you can always get some more info here:

    http://www.virusbtn.com/resources/vgrep/

    Simply type in the name and click Search [select Any Vendor]

    *Note: Symantec often does not have a lot of these as they class them as either Trojans or Malware/Spyware and their claim is Virus detection. Just an observation I have seen in many threads/forums re Symantec's perceived lack of response to these issues of what's considered to be input into their databases.

    I tried one of those names and got the following [see pic]

    TAS
     

    Attached Files:

    • 010.GIF (19.3 KB)
  4. Muerte Roja

    Muerte Roja Registered Member

    Thanks for the help. About the two resident virus scanners, I usually exit out of McAfee when my system starts up because it is such a drag on the resources. Should I uninstall it completely?

    I just set myself up with Ad Aware, Spyware Blaster, and Zone Alarm. Is there any threat with having all these programs?
     
    Last edited: Aug 1, 2004
  5. Muerte Roja

    Muerte Roja Registered Member

    I am doing this for a friend, but if you need a HJT log, I'm sure I can convince them to download it. Another reason I am only replying is because I seem to have lost my ability to post new threads.

    Does anyone know how to defeat the W32.Spybot.Worm?

    Thanks for any help.
     
  6. gr49erluvr

    gr49erluvr Registered Member

    I don't think you'll have a problem with having those programs running together. I have them and all is well.
     
  7. rrainbow

    rrainbow Registered Member

    I as well run ZA, adaware and Spyware Blaster together and have never had any problems with them together. I also run Spybot sometimes, too. So you'd always be safe with these ones! ;)
     
  8. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Antivirus programs (not spyware blaster, adaware, tds, others) install filesystem drivers which control file access - which is why you should avoid installing 2 of those. Even when you close the McAfee GUI down, the driver should still be active. It would be better to at least choose "disable" first ;)

    You could uninstall it, but what if you want to file scan with it to check a possible false alarm, or to have a backup scanner? It would be better to disable the driver/service which controls the protection, and remove the startup for the GUI. If you want to, email support and I'll help you work through it :)
     
  9. Muerte Roja

    Muerte Roja Registered Member

    Thanks for all the help, I think I will e-mail support.

    Oh and by the way never mind about the W32.Spybot.Worm, I killed it.
     
  10. Muerte Roja

    Muerte Roja Registered Member

    Ummm...call me retarded, but what's the e-mail for help? I tried the "Contact Us" link and haven't gotten a response yet.
     
  11. Devinco

    Devinco Registered Member

    Try this address: support(at)diamondcs.com.au

    Change (at) to @
     
  12. Infinity

    Infinity Registered Member

    Only the good ones get a response.
    :D
     
  13. Muerte Roja

    Muerte Roja Registered Member

  14. Jooske

    Jooske Registered Member
