HELP me remove these viruses! THIS IS URGENT!

I've been doing virus scans the last couple of days because pop-ups from AVG 6.0 have been popping up telling me I have viruses. Day after day I get this, and after I do the virus scans I tell them to put the viruses in the virus vault and all it does is say it can't be removed. Here are the following viruses that wouldn't delete, and that are still on my computer after I tried to get rid of them:

Worm/Padobot.T
Worm/Padobot.Q
Worm/Padobot.P
Worm/Padobot.V

Also it seems like all of these are in the

C:\WINDOWS\SYSTEM32\CONFIG\systemprofile\Temporary Internet Files\CONTENT.IE5



Please help me get rid of these, I need your help at all costs. Also I have a 56k internet modem, but it has never gone as slow as it does now. This is
getting ridiculous how long it takes things to load now. Even this post a new
thread thing took about 4 minutes to load, normally it takes 10 seconds at the most. It actually took me 4 times to post this topic, I kept on getting the Page Cannot be Displayed bullcrap.One more thing, what is 180 Search Assistant? I keep on getting that in Spyware and I delete it, then a popup comes up saying a third party has deleted it. It asks if I want to re-install it and I always do. Should I re-install or what?

Thanks.

 

Empty that folder and it is clean

 

you shouldn't re-install it. please register with this forum and post your HijackThis log. regarding your virus problem please download and run Free eScan virus removal tool from www.mwti.net

 

Stephan, empty the system32 folder?

My father told me not too, not sure why.

 

No, he meant empty the temp internet files folder.

 

I do that everytime I turn off the internet, it still is slow as hell.

 

Come on, I seriously need help. My father runs his business from this computer, and he is blaming me for the computer moving so slow.

 

Have you tried running a virus scan while in Safe Mode? As well as running Spybot Search and Destroy?

There is a removal tool here:

http://securityresponse.symantec.com/avcenter/venc/data/w32.korgo.removal.tool.html

It is also known as Korgo

Cheers

 

Just a tip - You do not say what operating system you are using. If you are using WinME or XP be sure to disable the System Restore before doing a virus removal. Failure to do so can result in the worm re-installing itself.

You can also run an online Panda AV scan which will remove and repair, the latter if possibler:

http://www.pandasoftware.com/products/activescan/#e3

Another good online tool is TrendMicro AV scan:

http://housecall.antivirus.com/housecall/start_corp.asp

 

HELP! Ive also encountered Worm Padobot.Q!!!

Anybody Please Help!!! I have also encountered worm Padobot.Q, I've been browsing the internet for all possible solutions, however, I couldn't find something that would fix it. The Korgo removal tool doesnt recognized it. The list I found did not show the exact name of Padobot.Q. I've also tried deleting the temporary internet files. FOrtunately, I have deleted thousands of those infected files, but unfortunately, I still have two in this location:
C:\\windows\system32\ULKUGJM.exe
C:\\windows\system32\ZOGAUJS.exe

Can I just delete them, and not affect the whole system of my computer?
I am using Windows XP...
Thanks a lot.

 

Re: HELP! Ive also encountered Worm Padobot.Q!!!

Yes you can delete these 2 files.

Then turn off "System Restore" and try running a scan in "Safe Mode"

Let us know how you go...

Cheers

 

Ok, thank you for that quick reply... I'll try it now...

 

for those who will visit this site hoping to find a solution.
I had Padobot.T infection. AVG found it but couldn't remove it to virus vault. After hours of fighting (even Symantec removal tool didn't find it) i found the perfect solution-run an individual scan with Trojan Remover of the file in which the worm is 'sitting' (find it in AVG report). It will notify you about AVG already recognising it , that the file looks ok and bla, bla. Just make Trojan Remover to delete the file. It will , unwillingly though, do it and ,after rebooting the comp ,make some changes in registries and make the file read-only or smth.I am not that good specialist to tell it more specifically.

 

ah, btw, i dont know if it played any role but i had enabled that 'turn off System restore' function

 

ok i'm sure that you all have covered everything i need to know. after many times of reading and going through these post i have found little bits and peices that i am able to comprehend. my avg scanner found the trojanhorse virus, and through turning off my system restore somehow that got removed so one good thing came of hours of going through these post LOL. but now i am having the same troubles as the previous couple of folks, and i need lamens terms as to how to get rid of these. like a step by step process. how to get into the folders i need to be in to remove these padobot worms and so forth. everytime i run the scan (i am on scan 8 in the last hour or so and have to be at work in T minus 5 hours LOL) it will remove a couple of them, but finds a couple more that it can't or won't remove. anything you can provide me with i would greatly appreciate, and would even take the person or persons who find pitty on this southern dumbelle out for a round of drinks he he. thankyou and goodnight.

 

Another name for Padabot is Korgo and the NAI stinger has the cleaner for them. You can get it here The cleaner at trend micro will clean padabot/Korgo also you can get it here

 

ok i think i just may have found the bottom of the barrell. i found out how to get into the file that they were in. i guess the more tired i am the easier things get for me. anyways i deleted some of them in regular mode and some of them i had to delete in safe mode. and now i guess my only question will be. now that i got rid of them do i face a risk of getting them back. i went on vacation and my housesitter royally screwed things up for me and i've been fighting this darn computer ever since. i just want it to be like it was. are there patches or something for these silly little padobot things, so that i don't ever have to go through this heartache again?
anything you can do for me is greatly appreciated... and mucho cudos for the creaters of this site because without it i'd still be crying in my pillow.

~BLEU

 

You want to make sure you have the following. see screen shot you can get it here if you don't have it. ms update

 

I would suggest taking a look at the following thread to secure your PC:

https://www.wilderssecurity.com/showthread.php?t=43117

Hope this helps...

Cheers

 

i just really wish you guys could see the smile on my face. i fixed something by reading your directions and without being on the phone for hours and hours with computer techs that i can't understand. i guess the only dissapointment in the search for a solution, the answer was not to reformat my harddrive and reinstall windows xp. yes the system clean was good, but now i will have to spend the hours of scanning all of my backup files and making sure they are ok, and re downloading them. but anywho.. i just wanted to post a great big thankyou to all of you computer whizes out there and especially to those of you who took pitty on my poor sanity.
i have one more question. will turning my system restore on make the viruses come back? is system restore considered a bad thing? i'm not turing it on until the "computer gods" (that's you guys LOL) tell me it's ok.
you guys have a wonderful night, as i'm sure i will reinstalling all of my files and scanning them all as well.

almost on 24 hours of a virus free pc,
~ BLEU

 

It is ok to turn on your System Restore after u are absolutely sure your computer is clean. after enabling, reboot your computer. oh, u can also set a clean restore date at this time.

 

THIS WORKED ...

This thread was like an angel from heaven after experiencing exactly the same problems with AVG identifying the padobot.T virus, so I just wanted to add afew things to help others solve this problem as quickly as I di!!

1) Download the windows update that protects your PC from being reinfected whilst you are on the net trying to fix it! Go to: www.microsoft.com/technet/ security/bulletin/MS04-011.mspx

2) Go to download.com and download spyware doctor - it is free to download, although you have to pay US$40 if you want to receive the live updates. But for now just the free download is all you need.

3) Run the full test and quarantine anything it finds (users reviews say that spyware doctor doesn't remove useful items like other spyware, but do just review the list just in case)

4) Run AVG again - this time it found the virus again (cue heart-stopping panic...) - and removed it! End result - viruses found 1, viruses still on the computer 0 - perfect! BUT DON'T STOP HERE!

5) Now go to http://v4.windowsupdate.microsoft.com and download all of the windows updates for your computer. You probably got the virus in the first place because you were running XP without all the latest security patches leaving it vulnerable to attack (I had downloaded all the secuirty updates and then had to reload windows and forgot to do it again ...)

Based on the tips in this thread and following the above process I had this sorted out in no time - GOOD LUCK!

 

Re: THIS WORKED ...

This thread is a godsend. Thank you thank you thank you thank you thank you thank you thank you thank you thank you thank you thank you thank you!

 

Re: THIS WORKED ...

Good to see Jha, do you now have your PC secure with a Firewall, Antivirus, Spyware PREVENTION and Spyware Removal programs as an absolute minimum?

Cheers

 

Hi Justine and jha

Blackspear and the others have helped immensely you to rid yourself of your problems, but you really should do one more thing.

I realise you are happy with AVG, but it is certainly not going to be 100% accurate [just a fact, it does not rate as good as the top end AV's].

My strong advice is to simply do an ONLINE scan occasionally.
Just to double check.

TREND'S HOUSECALL On the right side under More Info, click Scan Now.

SYMANTEC SECURITY CHECK Click on GO.

BITDEFENDER ONLINE VIRUS SCAN Click on the 'I Agree' licence.

PANDA ACTIVE SCAN Click on the animated gif, Panda Active Scan.

Cheers, TAS