1) Download the following three items...
Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp
Latest Trend Pattern File.
http://www.trendmicro.com/download/pattern.asp
Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/
Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
Download Sysclean.com and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt321.zip
Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.
2) Update Adaware with the latest definitions.
3) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode and shutdown as many applications as possible
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) Create a new Restore point
* * * Please report your results ! * * *
--
Dave
http://www.claymania.com/removal-trojan-adware.html
|
|
| Win xp home Audit logs showing login events at 3 AM
|
|
|
| Source security cat privilege event 576 user network service
|
| Login /logoff 3:49 event 528
|
|
|
| Norton firewall also reports activity of a Trojan at the same time.
|
|
|
| Is the log showing clear evidence of a break in ?
|
| I must say I'm puzzled in general over these logs; I know windows is doing
| lots in the
|
| background, is a login/logoff event what it sounds like ? Someone , and not
| a process , logging in and out of the machine ?
|
|
|