Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Worms, Worms, I Got Worms!


  • Please log in to reply
1 reply to this topic

#1 CCp

CCp

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Location:Another place and Time
  • Local time:01:07 PM

Posted 23 October 2005 - 09:14 PM

Hello,
Im CC. And I have a worm and my antivirus doesnt catch it. Its the W32/Agobot.-TB. I noticed in my processes that it runs wdfmgr.exe, alg.exe and wmiprvse.exe so I stop those processes. I ran my antivirus and it said that it didnt find anything. How do I get these and how do i get rid of them? How come Norton doesnt catch them.
By the way I love this site. Thank you so much for it.

:thumbsup:

Oh im running XP and have Norton Internet Security as virus protection.
Thanks in advance for your help.

Edited by CCp, 23 October 2005 - 09:33 PM.


BC AdBot (Login to Remove)

 


m

#2 stidyup

stidyup

  • Members
  • 641 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:07 PM

Posted 24 October 2005 - 02:22 AM

If you think you are infected submit a hijackthis log here.

How to submit a hijackthis log

Download Hijackthis

Try running the following from safe mode (Getting to safe-mode) Sysclean you'll also need the virus template file from here lpt***.zip remember to extract the contents of the zip file into the same folder as Sysclean.com

or

DrWeb CureIT

If your good with the command line also try Sophos Command Line scanner this command will scan all of your hdd's SAV32CLI.EXE -F -di -remove -dn -mbr -all -zip -p=avscanlog.txt and give you a log file to review afterwards.

If you can't get into safe mode download the following - Ultimate Boot CD however you will need to update the definitions on the disk see here how to do that. Alternatively download a archive version of Public AntiVirus again this will need updating but full instructions are here.

If you want a smaller download look here for instructions on how to create your own boot CD.

Also try installing and running A2 Free and Ewido

I'd also run Spybot(Spybot Tutorial) and Adaware

If your using Win2K/XP run adaware/spybot from "safe mode with command prompt"

At the C:\ prompt type the following:-

cd\
C:\progra~1\spybot~1\spybotsd.exe /autocheck /autofix
cd\
C:\progra~1\lavasoft\ad-awa~1\ad-aware.exe

Sophos on recovery

If in doubt post a hijackthis log.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users