Trojans by the hundred

[David Kelsey]

My son has XP SP3 and Live Mail. He has suddenly discovered hundreds of
trojans, all the same, which appear to cause his processor to run at 100%
most of the time. He is now running an AVG scan, which has taken four
hours, but found just nine infections, which it dealt with. He is going to
try PC Tools and Spybot. Is there any easy way to deal with this problem
for keeps please?

David Kelsey

 

[Don Phillipson]

My son has XP SP3 and Live Mail. He has suddenly discovered hundreds of
trojans, all the same, which appear to cause his processor to run at 100%
most of the time. He is now running an AVG scan, which has taken four
hours, but found just nine infections, which it dealt with. He is going to
try PC Tools and Spybot. Is there any easy way to deal with this problem
for keeps please?

"Hundreds" of malware items are dealt with fastest
by wiping (repartitioning) the drive and reinstalling the
OS from scratch. Before doing this you would want
to save high-value data and configurations, but at the
risk they might later infect the OS.

 

[Mark Adams]

My son has XP SP3 and Live Mail. He has suddenly discovered hundreds of
trojans, all the same, which appear to cause his processor to run at 100%
most of the time. He is now running an AVG scan, which has taken four
hours, but found just nine infections, which it dealt with. He is going to
try PC Tools and Spybot. Is there any easy way to deal with this problem
for keeps please?

David Kelsey

Yes, take away your son's access to Live Mail and the internet; or learn to
practice safe hex. Remember, security suites and the like are like condoms
for your computer. Sooner or later, they leak.

 

[smlunatick]

My  son has XP SP3 and Live Mail.  He has suddenly discovered hundreds of
trojans, all the same, which appear to cause his processor to run at 100%
most of the time.  He is now running an AVG scan, which has taken four
hours, but found just nine infections, which it dealt with.  He is going to
try PC Tools and Spybot.  Is there any easy way to deal with this problem
for keeps please?

David Kelsey

Get SuperAntiSpyware Free and MalwareByte Anti-Malware Free. There is
not one software that will detect / remove / block all possible
virus / malware.

There is no "permanent" solution besides running spyware / virus
protection.

 

[Malke]

My son has XP SP3 and Live Mail. He has suddenly discovered hundreds of
trojans, all the same, which appear to cause his processor to run at 100%
most of the time. He is now running an AVG scan, which has taken four
hours, but found just nine infections, which it dealt with. He is going
to
try PC Tools and Spybot. Is there any easy way to deal with this problem
for keeps please?

Just to add a bit more detail to Mr. Adams' excellent answer:

1. Back up his data and do a clean install/factory restore of Windows.

http://michaelstevenstech.com/cleanxpinstall.html - Clean Install How-To
http://www.elephantboycomputers.com/page2.html#Reinstalling_Windows - What
you will need on-hand

2. Safe Hex:

http://www.getsafeonline.org/
https://www.mysecurecyberspace.com/
http://www.getnetwise.org/
http://www.claymania.com/safe-hex.html
http://www.aumha.org/a/parasite.htm - The Parasite Fight
http://msmvps.com/blogs/harrywaldron/archive/2006/02/05/82584.aspx - MVP
Harry Waldron - The Family PC - How to stay safe on the Internet
http://www.elephantboycomputers.com/staying-safe.pdf

Malke

 

[Pegasus [MVP]]

My son has XP SP3 and Live Mail. He has suddenly discovered hundreds of
trojans, all the same, which appear to cause his processor to run at 100%
most of the time. He is now running an AVG scan, which has taken four
hours, but found just nine infections, which it dealt with. He is going to
try PC Tools and Spybot. Is there any easy way to deal with this problem
for keeps please?

David Kelsey

Get SuperAntiSpyware Free and MalwareByte Anti-Malware Free. There is
not one software that will detect / remove / block all possible
virus / malware.

=================

With hundreds of trojans, there is *no* software that will fix the machine.
Format & re-install is the only solution.

 

[M]

My son has XP SP3 and Live Mail. He has suddenly discovered hundreds
of trojans, all the same, which appear to cause his processor to run at
100% most of the time. He is now running an AVG scan, which has taken
four hours, but found just nine infections, which it dealt with. He is
going to try PC Tools and Spybot. Is there any easy way to deal with
this problem for keeps please?

David Kelsey

Yep, reformat and reinstall Windows is the only sure way.

M

 

[1PW]

My son has XP SP3 and Live Mail. He has suddenly discovered hundreds
of trojans, all the same, which appear to cause his processor to run at
100% most of the time. He is now running an AVG scan, which has taken
four hours, but found just nine infections, which it dealt with. He is
going to try PC Tools and Spybot. Is there any easy way to deal with
this problem for keeps please?

David Kelsey

Hello David:

In addition to what the other posters have told you, PCTools is not a
good choice and if it can be returned for a refund, do so now.

*Immediately* after the flatten & rebuild, install good antimalware.
Many do like AVG although many believe you can do better. I do. I'd
go with Avira AntiVir Personal. Also consider the lifetime upgraded
versions of Malwarebytes' Anti-Malware (MBAM) and SUPERAntiSpyware (SAS).

Please do not be attracted to antimalware suites.

If your son does not use a good NAT router, make /that/ one of your
choices too.

 

[Leythos]

My son has XP SP3 and Live Mail. He has suddenly discovered hundreds of
trojans, all the same, which appear to cause his processor to run at 100%
most of the time. He is now running an AVG scan, which has taken four
hours, but found just nine infections, which it dealt with. He is going to
try PC Tools and Spybot. Is there any easy way to deal with this problem
for keeps please?

David Kelsey

download and install/update MBAM:
http://www.malwarebytes.org/mbam.php

Dump AVG and get a quality anti-malware product.

 

[JS]

My son has XP SP3 and Live Mail. He has suddenly discovered hundreds of
trojans, all the same, which appear to cause his processor to run at 100%
most of the time. He is now running an AVG scan, which has taken four
hours, but found just nine infections, which it dealt with. He is going
to try PC Tools and Spybot. Is there any easy way to deal with this
problem for keeps please?

David Kelsey

The best approach for a highly infected PC
is a "Clean Install" as you can never be 100% certain that every last bit of
the infections were removed.

That said if you have the time and want to see just how far you can go in
removing the viruses, malware and bots then read on.

Start by reading the following Virus Removal Info:
Provided by: Malke - MS MVP:
http://www.elephantboycomputers.com/page2.html#Removing_Malware

For me on a friend PC that had more than 60 infections, and he had no
recovery CD and the keycode was lost the above article plus "AVG" and
Norton's NIS 2009.

NIS 2010 Trial Software just released:
http://shop.symantecstore.com/store...=vyAfXgoBAkgAACCz2K4AAAAQ&rests=1252512234289

AVG Free:
http://free.avg.com/

Plus a second pass using Malware Bytes and NIS appeared to have did the
trick.

 

[db]

well, it is unlikely that anyone
could tell that 100's of trojans
were covertly planted on the
computer,

without a software that would
have discovered them and able
to take the necessary action to
disinfect the system.

on the other hand, what if the
hundreds of so called trojans
are not malware,

but simply ordinary files that
are being wrongfully identified
as malware by malware?

there are several scenerios in
addition to the above that should
be carefully considered.

the first step is to ensure the
accuracy of your information.

--
db·´¯`·...¸><)))º>
DatabaseBen, Retired Professional
- Systems Analyst
- Database Developer
- Accountancy
- Veteran of the Armed Forces
- @Hotmail.com

"share the nirvana mann" - dbZen

~~~~~~~~~~~~~~~

 

[PA Bear [MS MVP]]

Backup your personal data, then do a format & clean install of Windows.
Please note that a Repair Install (AKA in-place upgrade) will NOT fix this!

cf. http://michaelstevenstech.com/cleanxpinstall.html#steps

After the clean install, you'll have the equivalent of a "new computer" so
take care of everything on the following page before otherwise connecting
the machine to the internet or a network and before using a USB key that
isn't brand-new or hasn't been freshly formatted:

5 steps to help protect your new computer before you go online
http://www.microsoft.com/protect/computer/advanced/xppc.mspx

HOW TO get a computer running WinXP Gold (no Service Packs) fully patched
(after a clean install)
http://groups.google.com/group/microsoft.public.windowsupdate/msg/3f5afa8ed33e121c

HOW TO get a computer running WinXP SP1(a) or SP2 fully patched (after a
clean install)
http://groups.google.com/group/microsoft.public.windowsxp.general/msg/a066ae41add7dd2b

Also see:

Steps To Help Prevent Spyware
http://www.microsoft.com/protect/computer/spyware/prevent.mspx

Rogue Security Software - Microsoft Security:
http://www.microsoft.com/protect/computer/viruses/rogue.mspx

 

[Anteaus]

Agreed. This sounds like a fake antivirus product has gotten installed. If it
is also nagging you to buy such a 'product' then that is your problem.