tojans took over my computer please help....

[Guest]

While running my daily virus scans , at one point a virus scan finally told
me i had trojans, a little too late...within the next day i lost the ability
to open explorer and also safe mode...i now can get to safe mode but they are
stikk there...is says,
trojan horse dlopper generic fa (?) instn.32.exe,trojan horse
bc5791.zip,trojan horse downloadder ist.bar.9.au (i think)
ysb_toolbar.exe,and last trojan horse downlodderdc5802.zip also a wom so
the popup says..please help send email to (e-mail address removed) or
(e-mail address removed) (not my comp) also I am running: Intel (R) Pentium
(R&D) cpu 3.00 Ghz 3.00,2.00GB of ram

thanks to everyone who responds .... this computer is my life!!! all my
personal and travel agent business is on it thanks again

Oh Yeah....you can call me too 206-246-1069

 

[Thota Umesh]

Hii, most of the worms can be cleaned disable and removed including the ones
u have mentioned. Use the following antivirus solutions to fix it. but if u
still cant fix it run a scan in boot dos mode that will completely
elliminate any residue of viruses. For xp residing on f32 use a boot disk
for ones residing on ntfs use windows boot cd to get into command promt
mode. Now download a dos scanner from free-av.com that utilizes the updated
database for win32 av scanner to do a dos scan this will completely
elliminate if and any virus or worms left on ur system.

http://safety.live.com (online scanner)
www.windowsonecare.com (ms antivirus)
www.freeav.com (avera antivir)
www.microsoft.com/athome/security/spyware/software/default.mspx (windows
defender)

Hope this helps...,
Umesh Thota.
www.windowsworkshop.com

 

[David H. Lipman]

From: "ELLIEXX2001" <[email protected]>

| While running my daily virus scans , at one point a virus scan finally told
| me i had trojans, a little too late...within the next day i lost the ability
| to open explorer and also safe mode...i now can get to safe mode but they are
| stikk there...is says,
| trojan horse dlopper generic fa (?) instn.32.exe,trojan horse
| bc5791.zip,trojan horse downloadder ist.bar.9.au (i think)
| ysb_toolbar.exe,and last trojan horse downlodderdc5802.zip also a wom so
| the popup says..please help send email to (e-mail address removed) or
| (e-mail address removed) (not my comp) also I am running: Intel (R) Pentium
| (R&D) cpu 3.00 Ghz 3.00,2.00GB of ram

| thanks to everyone who responds .... this computer is my life!!! all my
| personal and travel agent business is on it thanks again

| Oh Yeah....you can call me too 206-246-1069
| --
| ELLIE RHOADES


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *

 

[David H. Lipman]

From: "Thota Umesh" <[email protected]>

| Hii, most of the worms can be cleaned disable and removed including the ones
| u have mentioned. Use the following antivirus solutions to fix it. but if u
| still cant fix it run a scan in boot dos mode that will completely
| elliminate any residue of viruses. For xp residing on f32 use a boot disk
| for ones residing on ntfs use windows boot cd to get into command promt
| mode. Now download a dos scanner from free-av.com that utilizes the updated
| database for win32 av scanner to do a dos scan this will completely
| elliminate if and any virus or worms left on ur system.

| http://safety.live.com (online scanner)
| www.windowsonecare.com (ms antivirus)
| www.freeav.com (avera antivir)
| www.microsoft.com/athome/security/spyware/software/default.mspx (windows
| defender)

| Hope this helps...,
| Umesh Thota.
| www.windowsworkshop.com


It really doesn't help. These are Betas...

| http://safety.live.com (online scanner)
| www.windowsonecare.com (ms antivirus)

And have one of the poorest malware catch rates in the anti virus Industry !
Now that Microsoft is on Virus Total, anyone can test a sample and see how poorly
Microsoft's so-called AV solution really is.

Avira AntiVir is good as an AV solution on the PC. However, we don't know what Av
software is already on the person's PC.

BitDefender, McAfee, Kaspersky, Trend Micro, etc.. All have online AV scanners all BLOW
AWAY anything that Microsoft can offer. If you really care to help then suggest a
solution that can have the broadest detection rate.

 

[David H. Lipman]

From: "Thota Umesh" <[email protected]>

| Hii, most of the worms can be cleaned disable and removed including the ones
| u have mentioned. Use the following antivirus solutions to fix it. but if u
| still cant fix it run a scan in boot dos mode that will completely
| elliminate any residue of viruses. For xp residing on f32 use a boot disk
| for ones residing on ntfs use windows boot cd to get into command promt
| mode. Now download a dos scanner from free-av.com that utilizes the updated
| database for win32 av scanner to do a dos scan this will completely
| elliminate if and any virus or worms left on ur system.
|
| http://safety.live.com (online scanner)
| www.windowsonecare.com (ms antivirus)
| www.freeav.com (avera antivir)
| www.microsoft.com/athome/security/spyware/software/default.mspx (windows
| defender)
|
| Hope this helps...,
| Umesh Thota.


Now that I search the News Group, I find that *many* of your posts include the Microsoft
anti virus Beta solutions.

You need to sit down and LEARN what anti malware software works and doesn't work becuase I
can see from your many replies -- you don't.

Care to discuss this ?

 

[Thota Umesh]

Sure! u seem to have a phobia against microsoft products ? i hav tested
windows onecare and found it more effective and its detection range second
to avira (still continue to use it) the reason u see many posts about
onecare is because many use it and trust it to be one of the top antivirus
soultions. the features included the viruslist overall integrity and patch
management and antispyware(windows defender). i think u need to evaluate
onecare once. ow everyone is entitled to their opinion and solutions posted
here are based on their experience and expertise. Forcing your views or
Starting a totally baseless discussion just wudnt help the person in need of
help. think abt it.

Regards,
Umesh

 

[David H. Lipman]

From: "Thota Umesh" <[email protected]>

| Sure! u seem to have a phobia against microsoft products ? i hav tested
| windows onecare and found it more effective and its detection range second
| to avira (still continue to use it) the reason u see many posts about
| onecare is because many use it and trust it to be one of the top antivirus
| soultions. the features included the viruslist overall integrity and patch
| management and antispyware(windows defender). i think u need to evaluate
| onecare once. ow everyone is entitled to their opinion and solutions posted
| here are based on their experience and expertise. Forcing your views or
| Starting a totally baseless discussion just wudnt help the person in need of
| help. think abt it.

| Regards,
| Umesh

I don't know what Zoo samples you have tested Microsoft AV solutions with.. Maybe some OLD
samples. I have tested Microsoft AV solotion using new samples since the Live afety web
site came up. In my last test I had 27 EXE files in a folder. All had previously been
sen to Microsoft's submission email address. Of those 27 files, Microsoft got only 2 and
they were ZLob variants.

Microsoft takes way too long to even put out signatures. In the below I submitted
SVCHOST.EXE to Microsoft in Mid March !

svchost.exe
-------------
AntiVir 6.34.1.27 05.09.2006 TR/PSW.PdPi.CT.1.C
Avast 4.6.695.0 05.08.2006 Win32:LdPinch-S
AVG 386 05.08.2006 PSW.Generic.TQZ
BitDefender 7.2 05.09.2006 Trojan.PWS.PdPinch.CT
CAT-QuickHeal 8.00 05.09.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 05.09.2006 no virus found
DrWeb 4.33 05.09.2006 Trojan.PWS.LDPinch.800
eTrust-InoculateIT 23.72.3 05.09.2006 Win32/SillyDL.5kp!Trojan
eTrust-Vet 12.4.2201 05.09.2006 Win32/LdPinch.BA
Ewido 3.5 05.09.2006 Trojan.PdPinch.ct
Fortinet 2.76.0.0 05.09.2006 W32/LdPinch.FH!pws
F-Prot 3.16c 05.09.2006 destructive program named W32/Trojan.BFP
Ikarus 0.2.65.0 05.09.2006 Trojan-PSW.Win32.PdPinch.CT
Kaspersky 4.0.2.24 05.09.2006 Trojan-PSW.Win32.PdPinch.ct
McAfee 4757 05.08.2006 PWS-LDPinch
Microsoft 1.1372 05.09.2006 no virus found
NOD32v2 1.1527 05.09.2006 no virus found
Norman 5.90.17 05.09.2006 W32/PdPinch.DA
Panda 9.0.0.4 05.09.2006 Adware/Adsmart
Sophos 4.05.0 05.09.2006 Troj/LdPinch-FH
Symantec 8.0 05.09.2006 Infostealer
TheHacker 5.9.7.140 05.08.2006 Trojan/PSW.PdPinch.ct
UNA 1.83 05.06.2006 Trojan.PSW.Win32.PdPinch
VBA32 3.11.0 05.08.2006 Trojan-PSW.Win32.PdPinch.ct

 

[Thota Umesh]

Hii, Unlike ur pets i tested the products on an live envoriment in an unsafe
terminal disabling all protection, system was infected within seconds
atleast 30 differnt worms with in few mins then system crashed this
infection was tested along with other resident variants. i am not saying
onecare or avira give u 100% full protection but it does give u the best
protection available without giving ur system a drag! the worms that were
not detected were not even detected by other solutions either. ps onecare
also detects many symbian viruses too

No more replies from my end as this is not the media for tech debate u can
knock urself out! , as i wud rather prefer to support other than waste time
on a half wit. lol or u can mail me ur quires and have a tech debate

Cheers,
Umesh.

 

[David H. Lipman]

From: "Thota Umesh" <[email protected]>

< snip >

|
| No more replies from my end as this is not the media for tech debate u can
| knock urself out! , as i wud rather prefer to support other than waste time
| on a half wit. lol or u can mail me ur quires and have a tech debate
|
| Cheers,
| Umesh.

Obviously you are incapable of a good discussion -- very sad.

While I may make spelling mistakes, that truly embarrass me, I don't write like a third
grade child such as I shown above !

 

[Thota Umesh]

I have looked up ur posts and seems u just prolong the posts diverting
topics and starting a senseless discusions all over the newsgroups! wasting
everyone's time. this is not a good thing what ever u are tryin to prove
here. pls do not try to break the newsgroups intergrity.