Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

advpsys


  • Please log in to reply
2 replies to this topic

#1 dbecks

dbecks

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:45 AM

Posted 27 July 2005 - 08:45 PM

Hi,


I just found this site by the all-wise and all-knowing google.com. I was hoping to get an answer to my problem if anyone would happen to know.

Basically, I recently logged on to my gf's computer, and her then antivirus system (i deleted it due it's being a pos) kept on popping up with this error of a "GL" something trojan. I dled zonealarm and deleted some adware she had on her comp. But as I just recently clicked on the connecting to bellsouth link zone alarm asked permission to connect to limewire.com and then advpsys, which i remembered hearing about in one of my former comp. college classes. I googled it, and just about all the searches that popped up stated that it was some type of malicious virus/trojan type of program.

Anyways the O.S. is windows 2000 (yuck) and she has a 28.8k conn (double-yuck)
Also she told me about how her comp just "turns off" randomly, and i did check for stand-by mode. anyways, if anyone could give me a lil' info about what to do, I was thinking about going into the regedit and just doing a lil' search and destroy, but i didnt want to delete anything that was crucial/important to her comp.

Thanks, Dbecks. ...... :thumbsup:

BC AdBot (Login to Remove)

 


#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:07:45 AM

Posted 27 July 2005 - 09:07 PM

Run these online virus scanners:
http://www.pandasoftware.com/activescan/
http://housecall.trendmicro.com/

Also this online Trojan scanner:
TrojanScan

Are you using these basic security programs?
(They're all free.)

aČ free - a complementary product to antivirus software which is specialized in protection against harmful software. Antivirus software often features an inadequate protection against Trojans, Dialers and Spyware. aČ fills this gap.
Ad-Aware - A good program similar to SpyBot S & D.
Spybot S&D - Detects and removes spyware, of different types, from your computer.
SpywareBlaster - A good program that prevents spyware from being installed on your computer in the first place. This program is always running in the background, protecting your computer. It prevents the installation of bad active X controls found in web pages.
SpywareGuard - A nice compliment to SpywareBlaster. This allows you the option to prevent downloads that contain bad active X controls.

If not, you need to. These programs, updated and used regularly, will do a lot to keep your computer clean of spyware, trojans, keyloggers, browser hijackers, etc...

Download them, update them, and then run them.

Important:
Please read this tutorial on Spybot S&D before using it. Spybot can do SERIOUS damage, if not used properly.

If that doesn't help, then:

Read How to post a HijackThis Log.
Please read, and follow, all directions carefully.

Then, run a log, and post it in the HJT forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:08:45 AM

Posted 28 July 2005 - 06:47 AM

I hope you installed a good AV program before deleting the one you referred to as a POS. Running without one entirely is asking for trouble!

Here are two we recommend here although all the major commercial programs will do the job as well. The trick is to keep them updated constantly.

Antivirus programs - freeware (you can only use one resident anti-virus program on your computer. More than one will conflict)

AVG: http://www.grisoft.com/us/us_index.php

Avast Anti-virus freeware
http://www.komando.com/bestshareware.asp

Also, you need to be running a good firewall. The Windows firewall, although better than nothing leaves you unprotected against outgoing malware - phone homes, trojans, etc. It only addresses incoming threats. Here are a couple of freeware programs that do a better job, and of course, there are several paid aps in addition available:
Freeware AntiSpyware and Security Programs

Software firewalls with freeware versions
Zone Alarm SE: http://www.zonealarm.com/
Sygate: http://www.sygate.com/

Anti-malware freeware (You can run as many of these as you wish. Generally there is no conflict between these and you should always run several)

AdAware: http://www.lavasoftusa.com/software/adaware/
Microsoft Antispyware Beta: http://www.microsoft.com/athome/security/s...re/default.mspx
SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html
Spybot S&D: http://www.safer-networking.org/en/index.html
Microsoft Malicious Software Removal Tool (Win XP and Win 2000):
http://www.microsoft.com/security/malwareremove/default.mspx

AČ - Free from http://www.majorgeeks.com/download4281.html . Run it, click Search for Updates, then click Scan.


CWShredder from InterMute
CW Shredder removes some variants of spyware known as the Coolwebsearch Trojan. The Trojan takes advantage of a flaw in a key component of Windows -- Microsoft's version of the Java Virtual Machine -- to install itself via popups often found on porn and illegal software (a.k.a. "warez") sites. Run CWShredder after installing, and have it look for updates. Then click the "Fix" button, and the program will both scan and fix any problems it finds. If your system does not have this kind of spyware, it will give you the good news.
Cost: Free
http://www.intermute.com/spysubtract/cwshr...r_download.html

Web based online Antivirus and anti-malware scans: (these can be run regardless of whatever else you are using. You must use Internet Explorer to run these.)

Windows Security Trojanscan
http://www.windowsecurity.com/trojanscan/trojanscan.asp

Panda Activescan (IE only)
http://www.pandasoftware.com/activescan/co...n_principal.htm

Trend Micro antivirus and malware scan:
http://housecall-beta.trendmicro.com/en/st...orp.asp?id=scan

Etrust Anti-virus web scanner
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Kaspersky Anti-Virus Web Scanner
http://www.kaspersky.com/service?chapter=161739400#betatest
online trojan scans here -
http://scan.sygatetech.com/pretrojanscan.html
http://windowsecurity.com/trojanscan

Microsoft Baseline Security Analyzer (MBSA)
MBSA is an easy-to-use tool designed for the IT professional that helps small and medium businesses determine their security state in accordance with Microsoft security recommendations and offers specific remediation guidance. Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems.
http://www.microsoft.com/technet/security/...s/mbsahome.mspx


How to submit a Hijack This log
http://www.bleepingcomputer.com/tutorials/how-to-post-a-hijackthis-log/

http://www.bleepingcomputer.com/forums/How...s_Log-t956.html




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users