How does someone get 2928 Trojans on their computer when they have a state-of-the-art, top-of-the-line anti-virus program like McAfee? - www.mcafee.com.
Actually it's a serious question without an answer, but here are a few things I observed on someone's computer that I was trying to clean out.
I ran a separate virus scanner simply called sysclean.com from Trend Micro -
http://www.trendmicro.com/ftp/products/tsc/sysclean.com
Currently you can download it even if you're not a customer.
Then you need to download an updated virus database from -
http://www.trendmicro.com/download/viruspattern.asp.
You should see a file similar to lpt497.zip (the numbers will change with each update). Click on it to download it, and place sysclean.com and the uncompressed virus pattern database in the same folder. The last database I downloaded had the name lpt$vpn.475.
Just double-click on the sysclean.com to start the scan. Warning - this is only a manual scanner, not meant to replace a full version anti-virus program.
This is the program that nipped the 2000+ infected files in the bud!!
More info - http://www.trendmicro.com/ftp/products/tsc/readme.txt
Then I ran Spybot SD - http://www.safer-networking.org/en/home/index.html -
It detected and removed traces of:
AntivirusXP 2008 (fake antivirus)
MalwareProtector2008 (fake)
FakeMSN88eta - netstat.com and taskill.com (both in Windows/System32 folder)
FakeAlert.cc
Then I decided to uninstall McAfee, for what a good job it was doing. I couldn't get the uninstall to run so I had to remove it manually.
How to manually remove a program from your computer:
www.theeldergeek.com/manually_uninstall_programs.htm
ask-leo.com/how_do_i_uninstall_a_program_thats_not_in_the_addremove_list.html
That meant deleting the McAfee folder, which I couldn't do because files were in use, so I had to restart in safe mode. I deleted the folder and then I deleted the registration database entries. I also had to disable the services and startup entries. Once it was gone I restarted the system and installed my virus program of choice - Avira Antivir Personal Edition - www.free-av.com
Once I got Avira Antivir Personal Edition up and running I immediately went online, updated it and ran a FULL SYSTEM SCAN. The system seemed to be clean - usually, it's recommended to format and re-install Windows in the case of such a bad infection. I haven't heard from the computer's owners since, so I'm going to assume my cleaning was somewhat successful.
Then another guy brought his computer over. It had WinME and wouldn't start up. It was giving some error about a corrupted registry and suggested using a boot disk to start up and run the following command - scanreg /fix
I did - it worked, to a certain degree. Once Windows fully booted up the computer would just shut down. I immediately suspected an overheating system but the motor didn't seem too warm.
I checked the system in the BIOS, looking for the temperature in the BIOS setup. It was around 64C. I'm not sure what it should be, but as long as I was in the BIOS settings the computer remained on.
Windows requires a lot more power to run and produces more heat in the system.
As soon as Windows started up the computer would shut off. I was going to remove the fan from the heatsink that was on the CPU and clean out around it. But on this model I wasn't sure how to remove it.
So I just used some cotton swabs and rubbing alcohol and did the best job that I could. It's amazing what can build up on these things. Amazingly it seemed to work. The computer booted up and stayed on.