Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Trojan Horses & Computer Help
self

Posted on 12/23/2007 5:13:12 AM PST by hsmomx3

I am not sure what has happened but I always have my AVG Anti-Virus running and it used to be in the task bar.

Yesterday, something strange happened.

When I noticed it was not there, and after the kids were finished on the computer, I restarted it and got this message:

C\WindowsSystem32\vtsqr.exe

Windows cannot access the specified device, path or file. You may not have the appropriate permission to access the item.

I got into my AVG program and ran it and some 44 Trojan Horse Dropper, generic THT items were found in many programs such as Acrobat Reader, in my AVG program, etc.

After the AVG was run, I ran the check disk option and it fixed many corrupt files.

I am able to start my computer but my AVG program is no longer in the task bar. I can access the internet as well but I am not sure if this problem will affect my ability to install software in the near future such as tax software, etc.

And there are times when I am on the internet and when I get out of it, all of my icons and the task bar are not on the desktop and I have to restart the computer.

I do not know how to get the Windows System 32 (as listed above) to load.

I am running Windows XP, SP1. My computer is about seven years old.


TOPICS: Computers/Internet
KEYWORDS: malware; spyware; trojanhorses; windowsxp

1 posted on 12/23/2007 5:13:13 AM PST by hsmomx3
[ Post Reply | Private Reply | View Replies]

To: hsmomx3
I can suggest this forum, SpywareInfo . They'll help you.

Here's a link to help you get started.

SpywareInfo Forum FAQ

It may take several steps, it may not be an instant fix.

2 posted on 12/23/2007 5:20:35 AM PST by csvset
[ Post Reply | Private Reply | To 1 | View Replies]

To: csvset

Thanks.

Forgot to add that I do have the Adaware program on my computer as well.


3 posted on 12/23/2007 5:23:14 AM PST by hsmomx3
[ Post Reply | Private Reply | To 2 | View Replies]

To: hsmomx3
Navigate All Programs --> Accessories --> System Tools --> System Restore --> Restore my computer to an earlier time. Hopefully you have been taking restores once a week.

I also recommend downloading freeware Spybot - Search and Destroy and running it.

4 posted on 12/23/2007 5:53:19 AM PST by hflynn ( Soros would not make any sense even if he spelled his name backwards)
[ Post Reply | Private Reply | To 3 | View Replies]

To: hsmomx3

I had a Trojan Installer which was turning off my Norton Auto Protect. I downloaded it myself in a game patch and should have known better so I had no one to blame but me.

Point is, I could not get rid of it and had to restore the Ghost copy of my hard drive.

That was the bad news. The good news is that there is nothing like a nice, clean, re-formated system. Fast and clean again. I have been Ghosting every week since and I think I am going to re-format the system every 6 months from now on!

Anyway, when you get rid of it I would get Ad-Aware, Spybot, and SpySweeper in addition to your anti-virus program.


5 posted on 12/23/2007 6:06:33 AM PST by NucSubs (Rudy Giuliani 2008! Our liberal democrat is better than theirs!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: hsmomx3

http://www.kaspersky.com/downloads

This saved my laptop.


6 posted on 12/23/2007 6:55:44 AM PST by COUNTrecount
[ Post Reply | Private Reply | To 1 | View Replies]

To: hsmomx3; rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

7 posted on 12/23/2007 7:32:29 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: hsmomx3

I got a trojan with AVG and bought Norton’s, use my computer for work and can’t afford to go down. They gave us 3 choices.
i had used avast for several years before that with NO problems.


8 posted on 12/23/2007 7:37:14 AM PST by libbylu (I am voting for the prettiest.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: hsmomx3
I use AVG religiously, but it will not provide complete protection by itself.

There are just too many entry points of infection in most Windows systems.

1. Running AVG is a very good thing. Keep it scanning at least once a week, if not every day.

2. Add Spybot 1.5 to the system. While it takes a bit to start up, that is normal. Accept the updates, allow it to install immunize the system and then run the Search.

I get Spybot here:

http://www.majorgeeks.com/downloads31.html

3. If needed there are Java protections and Spyware blockers. I normally use only the above two programs and beg my customers to update and scan. Sometimes they do it themselves, sometimes I do it for them and send them a bill.

You will find more professional help on this forum than anywhere else, especially for nonprofessionals. FR is incredibly kind to their fellow FReepers.

Except for opuses and flame wars.

And the secret Viking Kitty Special Services. Which, as we know, doesn't exist.

9 posted on 12/23/2007 8:20:50 AM PST by texas booster (Join FreeRepublic's Folding@Home team (Team # 36120) Cure Alzheimer's!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: hsmomx3

Also, run the Windows Updates regularly.

And buy your kids a Mac Mini.


10 posted on 12/23/2007 8:21:45 AM PST by texas booster (Join FreeRepublic's Folding@Home team (Team # 36120) Cure Alzheimer's!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: NucSubs
GHOST is GREAT! I use a floppy generated from Ghost 2002 that I got with Norton System Works Pro. It takes about 12 minutes to save my complete C-Drive onto another partition. Quite a few times I have had to revert back to a previous Ghost Image. Also with my current 2003 Ghost Explorer, I can copy any file(s) from previous Ghost Image files and don't have to restore the whole thing to merely get a file.

Good Hunting... from Varmint Al

11 posted on 12/23/2007 8:30:43 AM PST by Varmint Al
[ Post Reply | Private Reply | To 5 | View Replies]

To: hsmomx3

Hi,
one question, are you running Win XP Home or XP Pro?

Run Spybot and Adaware as mentioned above.

CCleaner..run this before malware scans, also has a registry cleaner
http://www.snapfiles.com/reviews/CCleaner/ccleaner.html

second, d/l this:
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis
run it.
Save the output logs and write down their location.
You can then go to http://forums.spywareinfo.com/ and ask for help also.

third, if you have someone around who knows a bit about this, use this:
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
Do not go removing stuff unless you are sure you know what you are doing with this program.

Some more suggestions:
[1] http://research.pandasecurity.com/archive/New-Panda-Anti_2D00_Rootkit-_2D00_-Version-1.07.aspx Freeware, Windows 2K, XP.353KB
[2] http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspx Freeware, All Windows, 231KB
[3] http://www.sysinternals.com/Forum/default.asp


12 posted on 12/23/2007 9:38:50 AM PST by JerseyHighlander
[ Post Reply | Private Reply | To 1 | View Replies]

To: hsmomx3

This is good also, will scan your computer for you.
http://housecall.trendmicro.com/

A friend brought his laptop to my house that was almost unusable. We ran Trend Micro Housecall and got rid of several malware but 1 wouldn’t budge.

Kaspersky got rid of it, and my friend now runs Kaspersky.

I run Trend Micro on my PCs and am happy with it.
My 2 month old Mac Book Pro is naked and during the next year plan to go all Mac.


13 posted on 12/23/2007 9:56:03 AM PST by Vinnie (You're Nobody 'Til Somebody Jihads You)
[ Post Reply | Private Reply | To 1 | View Replies]

To: hsmomx3
I got into my AVG program and ran it and some 44 Trojan Horse Dropper, generic THT items were found in many programs such as Acrobat Reader, in my AVG program, etc.

It's doubful any single program will find & cure everything on your system.

I suggenst giving "Dr. Web CureIT" a try (below). It does not require installation. Simply download to a folder on your HD, & run the executable.

A-squared free (below) is a dedicated anti-trojan.

After that, you may want to download, update & scan with SUPERAntiSpyware.

If/when you get your system clean, you may want to consider a multi-layered defense.

I.E. I recommend Spywareblaster. Because of the way it works (placing "killbits" in the registry, etc.), once its' protection is in place, it uses no system resources.

Sybot - Search & Destroy has an "immunize" feature, which works in a similar manner. You may also want to consider using Spybot S&Ds' resident "TeaTimer". Note: There are a few bugs in the latest version of Spybot S&D (1.5). For now, I suggest getting Spybot S&D 1.4 from www.oldversion.com

Obviously, if you're using MSIE, stop. Firefox, Seamonkey and Opera are all safer.

And here's my list of security applications, that won't take a bite out of your wallet. Good luck, and Merry Christmas.

PC security-related links.   All software listed is freeware or open source.

Last Update: 08/16/2007  List maintained by holymoly.
Anti-Virus:

avast! Home Edition  Thumbs up
Windows 95/98/ME, 2000/XP

AVG Anti-Virus
Windows 98/ME, 2000/XP

BitDefender Free Edition
Windows 98/ME, 2000/XP
On-demand anti-virus program.

ClamWin
Windows 98/ME, 2000/XP
On-demand virus scanner. Detects, doesn't clean.

Dr. Web CureIT!
Windows 95 OSR2/98/ME, 2000/XP
On-demand, anti-malware (anti-virus/spyware). Detects and cleans. No installation required.

McAfee Stinger
On-demand anti-virus/trojan. No installation required. Fits on a 3.5" floppy.
Alternatives to MSIE, Outlook & Outlook Express:

Mozilla.org  Thumbs up
Firefox browser, Thunderbird E-mail client, Mozilla Suite.

Opera  Thumbs up
Supports tabbed browsing, etc. Easier on resources than Firefox, Mozilla/Seamonkey.

Off By One
The world's smallest and fastest web browser. No installation required.

Popcorn E-Mail
Small, no-frills e-mail client.

Seamonkey
The successor to the Mozilla Suite.  Web-browser, e-mail/usenet client, IRC client, HTML editing, all in one application.

Xnews
Usenet client.
Anti-Adware/Spyware/Trojan:

a-squared Free
Windows 98/ME, 2000/XP, 2003 Server & Vista
On-demand anti-trojan/rootkit, etc.

Comodo BOClean
Windows for Workgroups 3.11 , 95/98/ME, NT4 SP2+, 2000/XP & Vista.
Full/real-time protection against trojans, rootkits, etc.

SpywareBlaster  Thumbs up
Windows 95/98/ME, 2000/XP
Prevent the installation of spyware and other potentially unwanted software!

SpywareGuard
Windows 98/ME, 2000/XP
Full/real-time protection against spyware/malware.

Spybot - Search and Destroy  Thumbs up
Windows 98/ME, 2000/XP
Offers both on-demand scanning and full/real-time protection.

SUPERAntiSpyware  Thumbs up
Windows 98/ME, 2000/XP
Remove spyware, adware, trojans, keyloggers, home page hijackers and other malware threats.
Firewall:

How to Install a Firewall

Kerio Personal Firewall 2.1.5
Windows 98/ME, 2000/XP
(Last freeware version)

Tiny Personal Firewall 2.0.15A
Windows 95/98/ME, 2000/XP

Tiny Personal Firewall 2.0.9  Thumbs up
Windows 98/ME, 2000/XP
(Last freeware version)

ZoneAlarm Free Download

Zonealarm at Oldversion.com
For those who need a version compatible with Windows 9x/ME
Miscellaneous:

CCleaner
Windows 95/98/ME, NT4/2000/XP/2003/Vista
A freeware system optimization and privacy tool. Over 65 million downloads!

Dr. Web anti-virus link checker  Thumbs up
OS Independent
This plugin/extension allows you to check any file you are about to download, or any web page, with Dr. Web anti-virus. Firefox users may download the extension at Addons.Mozilla.Org

MVPS HOSTS File  Thumbs up
Windows: All
Block known malicious websites & servers.

Ping Plotter
Windows: All
Internet diagnostic tool.

Proxomitron  Thumbs up
Windows 95/98/ME, 2000/XP
A free, highly flexible, user-configurable, small, but very powerful, local HTTP web-filtering proxy.

WinPatrol
A security monitor.  WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission.
New and/or Untested:

Lavasoft Ad-Aware 2007 Free
Windows 2000/XP/Vista
(On-demand?) Anti-adware/spyware.

Microsoft Windows Defender
Windows XP SP2 or later.
Anti-spyware.

Spyware Terminator
Scanner (On-demand): Windows 98/ME, 2000/XP/Vista
Real-Time Protection: Windows 2000/XP/Vista

TC-Spy
Windows 98/ME, NT/2000/XP/Vista
On-demand anti-adware/spyware.
Zeroday Emergency Response Team (ZERT)

"The nonprofit Zeroday Emergency Response Team is offering VML security patches for out-of-support Windows OS versions.

The volunteer group, which is made up of well-respected security professionals, has released updates for Windows 98, Windows 98 SE, Windows ME, Windows 2000 and Windows 2000 SP3."

Above quote from:
ZERT Patches Out-of-Support Windows OS


14 posted on 12/23/2007 10:56:12 AM PST by holymoly (Molon labe.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: hsmomx3
I am able to start my computer but my AVG program is no longer in the task bar.

The icon you speak of....is this usually in the System tray (near the clock) on the lower right? Or is it the icon that you use to laucnh the program from the Quick Launch bar on the left (near the Start button)?

If it is usually in the System tray, this is only the AVG Control Center. The process that runs while the Control Center icon shows up is called "avgcc.exe". It is not necessary for this to be running in order for the PC to be protected. That is the responsibility of another process called "agvamsvr.exe".

You should go into the Task Manager (right click on the task bar) and see if either one is listed under the Processes tab.
If avgcc is there but you have no icon in the SysTray, then AVG may be hosed and should be uninstalled and reinstalled.
If avgcc is not running, go to Start>>Programs>>>AVGFree and start the Control Center. You might also check to see if it is the Startup group or is set to run at startup by checking with 'msconfig'.

15 posted on 12/23/2007 11:42:07 AM PST by Bloody Sam Roberts (Res firma mitescere nescit)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Varmint Al
It is great. I STILL don't understand how it works, but man it does.

Turns a 12-24 hr job into a couple of hours tops.

16 posted on 12/23/2007 12:36:21 PM PST by NucSubs (Rudy Giuliani 2008! Our liberal democrat is better than theirs!)
[ Post Reply | Private Reply | To 11 | View Replies]

To: hsmomx3
download Spybot
17 posted on 12/23/2007 5:11:08 PM PST by tutstar (Baptist Ping list - freepmail me to get on or off.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tutstar

In addition to all this I would recommend downloading SP2.


18 posted on 12/23/2007 5:15:11 PM PST by UsnDadof8 (Navy Chief Navy Pride)
[ Post Reply | Private Reply | To 17 | View Replies]

To: hsmomx3

bookmarked


19 posted on 12/23/2007 5:35:08 PM PST by chaosagent (Remember, no matter how you slice it, forbidden fruit still tastes the sweetest!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: chaosagent; All

Thanks soooo much for the links, etc.

In addition to the AVG program, Adaware which I already have, I also ran the “Dr. Web CureIT” and that picked up on the one thing AVG could not heal and it was the trojan in that windows path!!

I am back in business but I have been running a quick scan each time the kids get off as I found another one in their ITunes program.


20 posted on 12/23/2007 8:08:36 PM PST by hsmomx3
[ Post Reply | Private Reply | To 19 | View Replies]

To: Vinnie; hsmomx3

Run Trend Micro Internet Security or F-Prot, and you won’t have these problems.

Also, supervise the kids.


21 posted on 12/23/2007 11:57:15 PM PST by Jeff Chandler ("Liberals want to save the world for the children they aren't having." -Mark Steyn)
[ Post Reply | Private Reply | To 13 | View Replies]

To: UsnDadof8
In addition to all this I would recommend downloading SP2.

Yes, keep everything updated.

22 posted on 12/23/2007 11:58:20 PM PST by Jeff Chandler ("Liberals want to save the world for the children they aren't having." -Mark Steyn)
[ Post Reply | Private Reply | To 18 | View Replies]

To: hsmomx3; holymoly
It is very common that virus writers will create a package with a feature to stymie Norton, McAfee or AVG. There has never been a perfect scanner and probably won’t be.

Using a layered defense is the only way to protect your system. Keep this thread handy and the next time the kids come home from college, have friends over etc., you will have a workable plan to clean it all off.

Glad that you are back in business!

And keep holymoly’s links close at hand. I have added several of his findings to my jump drive and they eventually bring success.

Merry Christmas to both of you!

23 posted on 12/24/2007 5:50:54 AM PST by texas booster (Join FreeRepublic's Folding@Home team (Team # 36120) Cure Alzheimer's!)
[ Post Reply | Private Reply | To 20 | View Replies]

To: holymoly
MERRY CHRISTMAS

thanks for the links

24 posted on 12/24/2007 7:20:53 AM PST by righthand man (WE'RE SOUTHERN AND PROUD OF IT)
[ Post Reply | Private Reply | To 14 | View Replies]

To: texas booster
Glad that you are back in business!

That is good news.

However, since she had 44(?) trojans on her system, I don't think I'd stop scanning with Dr. Web CureIT.

When she gets the time, it might not be a bad idea for her to download & run Hijackthis. Then, post the log to the Spywarewarrior.com forum.

One of the experts there will review the log, and tell her if her system is actually clean. If not, they will give here detailed, step-by-step instructions on what to do.


25 posted on 12/24/2007 8:08:44 AM PST by holymoly (Molon labe.)
[ Post Reply | Private Reply | To 23 | View Replies]

To: righthand man
MERRY CHRISTMAS

thanks for the links

You're welcome. Good to know you & others find it useful.


26 posted on 12/24/2007 8:10:55 AM PST by holymoly (Molon labe.)
[ Post Reply | Private Reply | To 24 | View Replies]

To: holymoly; hsmomx3

I’m slipping up. Post #25 was also meant for hsmomx3.


27 posted on 12/24/2007 8:15:12 AM PST by holymoly (Molon labe.)
[ Post Reply | Private Reply | To 25 | View Replies]

To: hsmomx3

I am experiencing the same problem you are, and it just started on Dec. 22.

If I do a google-search on “Dropper.Generic.THT”, four items are returned. In all four cases, the anti-virus software being used is AVG. I think the odds of that are extremely low, much too low to be a coincidence. Maybe I am barking up the wrong tree, but I’m very suspicious.

I wonder if AVG itself has been hacked. Did your problems begin happening soon after an AVG update? I believe mine were.


28 posted on 12/24/2007 3:47:13 PM PST by tomlew
[ Post Reply | Private Reply | To 27 | View Replies]

To: tomlew

Yes, it did happen the exact same day as yours!! I always keep our system clean and of course, I am always blaming my kids-lol!!

I used the cureit to which a link in one of the above posts is provided. It was very simple to use but I continue to find 1-4 Trojans everyday which AVG has been picking up but I noticed this trojan also got into the AVG program and infected it.

I am not that computer savvy, just know how to roam the internet safely and do my word processing stuff offline.


29 posted on 12/25/2007 12:40:08 PM PST by hsmomx3
[ Post Reply | Private Reply | To 28 | View Replies]

To: Jeff Chandler

That is one thing I did not do based on all of the people who have had major problems with their Dell computers. Mine is about 7 years old. I think I would feel more comfortable is someone with expertise were here when/if the installation of that were to occur.


30 posted on 12/25/2007 12:42:13 PM PST by hsmomx3
[ Post Reply | Private Reply | To 22 | View Replies]

To: hsmomx3

It’s important to set up Windows automatic updates, and automatic updates on your virus protection program. Watch what you download and email attachments, stay off of porn sites, and supervise young people using the computer.


31 posted on 12/25/2007 8:38:59 PM PST by Jeff Chandler ("Liberals want to save the world for the children they aren't having." -Mark Steyn)
[ Post Reply | Private Reply | To 30 | View Replies]

To: Jeff Chandler

I do everything you say but like another poster said, it all happened on Dec. 22nd after the latest AVG update was downloaded.

Strange.............


32 posted on 12/25/2007 9:17:35 PM PST by hsmomx3
[ Post Reply | Private Reply | To 31 | View Replies]

To: COUNTrecount; hsmomx3; Vinnie

Glad some folks on here like Kaspersky; I’m looking for something to replace clunky Norton and the reviews on it are good.


33 posted on 12/26/2007 11:52:02 AM PST by CedarDave (The only access Hillarycare will bring is access to a waiting list.)
[ Post Reply | Private Reply | To 6 | View Replies]

To: boxerblues

bump for later


34 posted on 12/26/2007 12:01:08 PM PST by boxerblues
[ Post Reply | Private Reply | To 14 | View Replies]

To: CedarDave

If you buy it you get to put it on three computers, so it is really worth the price.I did an outstanding job on my computers.


35 posted on 12/26/2007 12:16:53 PM PST by COUNTrecount
[ Post Reply | Private Reply | To 33 | View Replies]

To: COUNTrecount

Thanks. That’s exactly why I’m looking to buy it. I’d be paying that much to re-up with resource hog Norton.


36 posted on 12/26/2007 12:40:59 PM PST by CedarDave (The only access Hillarycare will bring is access to a waiting list.)
[ Post Reply | Private Reply | To 35 | View Replies]

To: CedarDave

I have Adaware on my system but am finding that thing takes forever—like 10 minutes to scan!

It is very frustrating as all it does is look for spyware items.

I wonder if anyone else finds this annoying?


37 posted on 12/26/2007 5:49:10 PM PST by hsmomx3
[ Post Reply | Private Reply | To 36 | View Replies]

To: hsmomx3

There’s a command that allows you to have it perform a “smart scan” that only takes three to four minutes. I couldn’t find a description of how the “smart scan” differs from the complete scan, though I suspect it only checks areas of the computer which are most likely to have embedded spyware.


38 posted on 12/26/2007 6:26:46 PM PST by CedarDave
[ Post Reply | Private Reply | To 37 | View Replies]

To: CedarDave

I think that is what it does. I just have the free version but oh well......I have been checking my system a few times a day with different things just in case.


39 posted on 12/26/2007 6:37:19 PM PST by hsmomx3
[ Post Reply | Private Reply | To 38 | View Replies]

To: tomlew

Just wanted you to know that I have gone two days now without a Trojan or virus.

I am running AVG anti-virus everyday, and another program as well.


40 posted on 12/28/2007 2:18:21 PM PST by hsmomx3
[ Post Reply | Private Reply | To 28 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson