Aug 30, 2006, 03:33 AM // 03:33
|
#1
|
Burninate Stuff
Join Date: Aug 2005
Location: New Mexico
Profession: E/Mo
|
So, my familys comp has a virus....
Win.32.Trojan.Gamania
That is what norton( ) and AdAware are both finding, before it reboots the comp. Basically, the scan starts, then as soon as it finds thea item, it stays up for like 3 seconds and then restarts. Does the same in safe mode, too.
Any Ideas on how to kill this, or maybe a mini-scan designed fot this virus alone? I assume it is new, or Adaware would have probably figured a way to prevent a reboot.
Thanks for any help
|
|
|
Aug 30, 2006, 04:07 AM // 04:07
|
#2
|
Academy Page
Join Date: Mar 2006
Location: Silicon Forest, Oregon
Guild: United Heroes of Ascalon [UHA]
Profession: W/Me
|
To put it simply. If you have al of your CD-Keys and Windows Cd's still intact, Do a re-install of Windows.
Not the fastest way to do this, but it will get rid of any other malware on that PC and any other bad things that can be eating away at your system.
/2 cents
|
|
|
Aug 30, 2006, 04:23 AM // 04:23
|
#3
|
Frost Gate Guardian
Join Date: Apr 2006
Location: Earth
Profession: Mo/Me
|
Hmm. Start in safe mode with networking. Try using HitmanPro. [Google ftw].
It's a program that downloads, updates and then runs several anti virus / spyware programs.
Does it restart you computer with both programs?
|
|
|
Aug 30, 2006, 05:20 AM // 05:20
|
#4
|
Burninate Stuff
Join Date: Aug 2005
Location: New Mexico
Profession: E/Mo
|
Quote:
Originally Posted by UBS
Hmm. Start in safe mode with networking. Try using HitmanPro. [Google ftw].
It's a program that downloads, updates and then runs several anti virus / spyware programs.
Does it restart you computer with both programs?
|
yup. its restarting with both.
Im having my bro DL spybot....maybe it doesent have a defence againt spybot
|
|
|
Aug 30, 2006, 10:27 AM // 10:27
|
#5
|
Krytan Explorer
Join Date: Mar 2006
Profession: W/N
|
Get rid of norton and use avast, turn off system restore and set avast to do a boot time virus scan setting it to delete any viruses found.
If that dosent work do a full scan in windows setting it to delete whtever it finds.
is your pc rebooting even before you do a virus scan or only when you scan???
if it is fire up a command prompt and enter, shutdown -a
Last edited by mrcake; Aug 30, 2006 at 10:29 AM // 10:29..
|
|
|
Aug 30, 2006, 03:04 PM // 15:04
|
#6
|
Lion's Arch Merchant
Join Date: Aug 2006
Location: Alabama
|
I would not recommend removing your AV software. But there are other things you can do to help.
The AdAware update on 28 August was modified to detect and remove Win.32.Trojan.Gamania. However, it falls into the category of an "Aurora Clone", which makes it almost impossible to remove. It includes both a spambot, a keylogger, and self-replication techniques in addition to auto-updating. The current vector for this file seems to be through P2P software, IRC scripts, and adult/gambling sites.
I agree with Vvon though. You are best off backing up your data and reloading the computer from scratch. That is the only way to get rid of most Trojans of this type. And in the future, run antivirus and antispyware programs regularly. And be careful what kind of web sites you visit, and what kind of programs you install.
P2P, Gambling sites, hacker sites, and adult sites are probably the biggest source of spyware and trojan infections. I can't think of a computer I have seen in the last year that had virus, and did not visit one or more of those areas. Consider it the same as walking down a dark back alley in the shady part of town. Since that is where the bad guys live and work, you are much more likely to get something you did not expect (like a mugging).
|
|
|
Aug 30, 2006, 04:25 PM // 16:25
|
#7
|
Grotto Attendant
Join Date: May 2005
Location: At an Insit.. Intis... a house.
Guild: Live Forever Or Die Trying [GLHF]
Profession: W/Me
|
There's also on-line antivirus scanners. F-secure and Norton both have free versions.
|
|
|
Aug 30, 2006, 04:33 PM // 16:33
|
#8
|
Burninate Stuff
Join Date: Aug 2005
Location: New Mexico
Profession: E/Mo
|
ooooo. that was the info i was looking for, mushroom. Sounds nasty. too bad for them im 1300 miles away
I had forgotten about running scan at startup! Ill have my bro try that.
thanks peeps
|
|
|
Aug 30, 2006, 09:18 PM // 21:18
|
#9
|
Lion's Arch Merchant
Join Date: Aug 2006
Location: Alabama
|
Quote:
Originally Posted by Wrath Of Dragons
ooooo. that was the info i was looking for, mushroom. Sounds nasty. too bad for them im 1300 miles away
|
That has nothing to do with anything. It is your computer they want mostly.
Most Spambots work by having your computer send out either pop-ups to other computers, or by having your computer turn into a robot that send out spam e-mails. In this way, the spammers are able to isolate themselves from the "source" of the e-mails.Several years ago, Pacific Bell cut off access to thousands of people because of their computers sending out spam via virus infections.
Most keyloggers are simply looking for any e-mail addresses you enter. This is the most common way for the spammers to compile lists of new e-mails. But some are more sophisticated, able to recognize credit card numbers, bank acount numbers, and forward those to the creator.
And others still record web sites visited and account names and passwords entered. Both EverCrack and WoW users have been hit by this kind of trojan, allowing hackers to go in and liquidate characters of their possessions, and selling them on E-Bay and other places to another player.
In fact, it is only the fact that GW has no monthly fees and most items are easy to get that has prevented that from happening in our little community. But I imagine that someday somebody will write such a utility. It is just a matter of time.
|
|
|
Thread Tools |
|
Display Modes |
Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT. The time now is 02:09 PM // 14:09.
|