virusmagnet 0 Posted January 4, 2005 hi all. i need help. my pc( os: windows ME) was infected by a unknown trojan ( my antivirus/anti trojan software was not able to detect it) it disables the regedit and puts in a nooptionsfolder and no customized webview in the registry. In the past, i'm usually able to delete viruses because they take on a the hidden file - folder.htt and replicates in the folders. this time, a security window pops up everytime i open any folder, telling me that the web content has been changed and would i allow it to be initialized by scripts. everytime i access the folder options and click on 'show hidden files or folders' the security message would appear and the page would be refreshed. then the option would return to "hide hidden files and folders." I tried getting the system information through windows systems tools and i keep getting a "that is not allowed due to restrictions in this computer" the trojan also deleted the contents of the dosstart.bat it may also have deleted or added things to the registry but aside from those mentioned above, i am not aware of it. i don't know what else it does aside from messing my registry everytime i open a folder. i hope someone may be able to help me. Thank you -vm Share this post Link to post
ScinteX 0 Posted January 4, 2005 hi, Sounds like spyware to me- there are subtle differences between spyware, trojans, worms and viruses.... But anyway who cares about that lol lets just try to fix it. Download Ad-aware from here: http://www.lavasoftusa.com/support/download/ And then Spybot from here: http://www.safer-networking.org/en/download/index.htmlom And then CWS Shredder from here: http://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/CWShredder.shtml Run them all (with Internet Explorer closed) and clean away. Ad-aware is pretty good at restoring various settings to thier former glory. Give it a whirl and you should be fine. Share this post Link to post
virusmagnet 0 Posted January 7, 2005 thank you. i have spybot, hijackthis, and spyblaster and only hijackthis was able to undo the 'disable registry' bit. thanks Share this post Link to post
pbuckne 0 Posted January 23, 2005 You may want to follow that up with another scan with a program like aluria, you can download it from www.download.com I would also get another antivirus. Try uninstalling the one you have and downloading the one from www.free-av.com. Once you turn all the configuration options up, like heuristic scanning set all the way up, if finds almost anything virii and even some spyware. I use it to cover my rear when working on a clients machine. You never know what small piece of spyware might remain just waiting to do it all over again. You can also download a program called enableregedit.vbs, which almost always works to re-enable the registry. You never can be too helpful. Share this post Link to post
