virus removal in CA antivirus

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View


CA antivirus found 10 files / entries on my computer that are infected
with various viruses including java shinwow and win32 cutwail, but it
does not give an option for removing these viruses.  CA is upto date
and registered.  How can I remove these viruses ?

Re: virus removal in CA antivirus




| CA antivirus found 10 files / entries on my computer that are infected
| with various viruses including java shinwow and win32 cutwail, but it
| does not give an option for removing these viruses.  CA is upto date
| and registered.  How can I remove these viruses ?

Shinwow and cutwail are trojans, not viruses.



1. Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

2. Disable Notepad's word wrap:
In Notepad.exe;  Format --> uncheck; "Word wrap"

3. Download/run Deckard's System Scanner:
http://www.techsupportforum.com/sectools/Deckard/dss.exe

4. Save the scan results (Main.txt and Extra.txt)

5. And then post the contents of Main.txt and Extra.txt in your post in one of
the below
expert forums...


{ Please - Do NOT post the HJT and Deckard's System Scanner Logs here ! }

Forums where you can get expert advice for HiJack This! (HJT) and Deckard's
System Scanner
Logs.

NOTE: Registration is REQUIRED in any of the below before posting a log

Suggested primary:
http://www.thespykiller.co.uk/index.php?board=3.0

Suggested secondary:
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.malwarebytes.org/forums/index.php?showforum=7

Suggested tertiary:
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.atribune.org/forums/index.php?showforum=9
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://forum.networktechs.com/forumdisplay.php?f=130
http://forums.maddoktor2.com/index.php?showforum=17
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.spywareinfo.com/index.php?showforum=18
http://forums.techguy.org/f54-s.html
http://forums.tomcoyote.org/index.php?showforum=27
http://forums.subratam.org/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://aumha.net/viewforum.php?f=30
http://makephpbb.com/phpbb/viewforum.php?f=2
http://forums.techguy.org/54-security /
http://forums.security-central.us/forumdisplay.php?f=13


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: virus removal in CA antivirus



David H. Lipman wrote:
Quoted text here. Click to load it

David,

dss has apparently been temporarily removed due to the fact that there
is some sort of exploit attached to it. Techsupportforum recommends that
it be removed from all systems until further notice.

RB

Re: virus removal in CA antivirus




| David H. Lipman wrote:
Quoted text here. Click to load it

| David,

| dss has apparently been temporarily removed due to the fact that there
| is some sort of exploit attached to it. Techsupportforum recommends that
| it be removed from all systems until further notice.

| RB

Thanx !

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: virus removal in CA antivirus



Rube Bumpkin wrote:
Quoted text here. Click to load it

Could you post a link to that info?

Thanks
John

Re: virus removal in CA antivirus




| Rube Bumpkin wrote:
Quoted text here. Click to load it




| Could you post a link to that info?

| Thanks
| John

It isn't an exploit, its about a RootKit.  Specifically the tdssserv RootKit.
http://www.prevx.com/filenames/1088998989430477431-X1/TDSSSERV.SYS.html

http://www.techsupportforum.com/security-center/hijackthis-log-help/280436-important-regarding-deckard-s-system-scanner-dss-exe.html
"We found that a recent rootkit infection has been interfering with Deckard's
System
Scanner (DSS) resulting in possible damage to the Operating System. As such, we
have
pulled DSS from service, and strongly suggest you delete DSS.exe from your
systems.

We shall publish news of an updated DSS.exe as it becomes available."

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: virus removal in CA antivirus



David H. Lipman wrote:
Quoted text here. Click to load it
http://www.techsupportforum.com/security-center/hijackthis-log-help/280436-important-regarding-deckard-s-system-scanner-dss-exe.html
Quoted text here. Click to load it
Thanks, David.

I should have published that link, but I was so distraught about the
news, and in the middle of resolving a deeply rooted problem on one of
the family systems, that I fuzzed.

All is well. MBAM fixed it.

RB

Site Timeline