Visit the Ironworks Gaming Website Email the Webmaster Graphics Library Rules and Regulations Help Support Ironworks Forum with a Donation to Keep us Online - We rely totally on Donations from members Donation goal Meter

Ironworks Gaming Radio

Ironworks Gaming Forum

Go Back   Ironworks Gaming Forum > Ironworks Gaming Forums > General Discussion > General Conversation Archives (11/2000 - 01/2005)

Thread Tools Search this Thread
Old 01-21-2005, 04:14 PM   #1
Ma'at - Goddess of Truth & Justice

Join Date: September 15, 2002
Location: Kennewick, WA
Age: 46
Posts: 3,165
Anyone know how to get rid of this? It is making my com. restart constantly doing various tasks, like right clicking on the desktop to change the properties.
I believe I got it while downloading via peer to peer on Limewire.
Yes yes, I know. No need to lecture me...
The first "problem" I discovered was when trying to download more files and thinking I was succeeding, yet only to discover that even though it said "complete file", there was no information detected.

Anyway, after investigation, and a scan, this is what I found:

Scan started at 1/19/2005 9:14:17 PM

Scanning memory...
Scanning boot sectors...
Scanning files...
C:\Documents and Settings\Paul Martin\Application Data\winlink\winlink.dll - TrojanDownloader:Win32/WinShow.I -> Infected
C:\Documents and Settings\Paul Martin\Application Data\winlink\ - TrojanDownloader:Win32/Winshow -> Infected
C:\Documents and Settings\Paul Martin\Local Settings\Temp\optimize.exe - TrojanDownloader:Win32/Dyfuca.CZ -> Infected
C:\WINDOWS\bbbrtiob.exe - TrojanDownloader:Win32/IstBar.GC -> Infected
C:\WINDOWS\SSK_B5.EXE - TrojanDropper:Win32/Small.NF -> Infected
C:\WINDOWS\system32\mzzzgbsj.exe - TrojanProxy:Win32/Agent.CJ -> Infected
C:\WINDOWS\system32\svcinit.exe - PWS:Win32/Fakesvc.C -> Infected

Objects: 60139
Directories: 4656
Archives: 7046
Size(Kb): -178790
Infected files: 7

Viruses found: 7
Suspicious files: 0
Disinfected files: 0
Mail files: 233
LordKathen is offline  
Old 01-21-2005, 04:37 PM   #2
Symbol of Moradin

Join Date: June 5, 2002
Location: Slovenia,Ljubljana
Age: 31
Posts: 8,553
Did you try to delete it? Also I suggest you do a Google search on that one.
I suggest Avast wich is a very good AV program and it's free too.

[ 01-21-2005, 04:21 PM: Message edited by: Xen ]
Xen is offline  
Old 01-21-2005, 05:17 PM   #3
40th Level Warrior

Join Date: October 29, 2001
Location: Western Wilds of Michigan
Posts: 11,752
Have you tried doing an online scan at Trendmicro? That might be able to clear things up.

I came across this link from for one of 'em. Looks like you've got four or five of 'em in there... nasty little buggers.

Unfortunately, you're probably going to have to blow up each of the little critters independently. What AV software are you using now? They may be able to clean it if you boot in safe mode.
Save Early, Save Often Save Before, Save After
Two-Star General, Spelling Soldiers
Give 'em a hug one more time. It might be the last.
Bungleau is offline  
Old 01-21-2005, 07:17 PM   #4
The Magister

Join Date: December 9, 2004
Location: VA
Age: 30
Posts: 114
You may have a bunch of spyware on your computer since you have severel trojan downloaders. I suggest getting Ad-Aware at it worked wonders with my computer.
<img border=\"0\" alt=\"[monster3]\" title=\"\" src=\"graemlins/monster3.gif\" />
Jerry_Seinfeld is offline  
Old 01-22-2005, 01:17 AM   #5
Ironworks Moderator

Join Date: October 26, 2003
Location: Sydney, Australia
Age: 37
Posts: 4,414
Restart your computer in SAFE Mode.

1. Run your virus scanner if you don't have one get AVG.

2. Run Adaware

3. Run Spy bot.

4. Restart and all should be good.
T-D-C is offline  
Old 01-22-2005, 10:58 AM   #6
Symbol of Cyric

Join Date: July 3, 2001
Location: Cornwall England
Age: 31
Posts: 1,197
Not always so, i', fighting a runnign battle with cool web search and vx2, ad and spy don't get rid of it, neither did CWshredder or the VX2 plug-in on add, oh well, i'll keep trying.
Aragorn1 is offline  
Old 01-23-2005, 10:36 PM   #7
Ma'at - Goddess of Truth & Justice

Join Date: September 15, 2002
Location: Kennewick, WA
Age: 46
Posts: 3,165
How do you restart in SAFE mode T-D-C?
LordKathen is offline  
Old 01-24-2005, 01:50 AM   #8
Ironworks Moderator

Join Date: October 26, 2003
Location: Sydney, Australia
Age: 37
Posts: 4,414
Depends on your OS.

Usually you will hit the F8 key while the computer is starting up (before you get the windows screen)

If sucessful you should see a menu with safe Mode as one of the options.

Safe mode will look bad as it doesn't load half the drivers and its good for getting rid of unwanted things that start up when you don't want them to.
T-D-C is offline  
Old 01-24-2005, 02:00 AM   #9
Gold Dragon

Join Date: March 29, 2002
Location: Canada
Age: 46
Posts: 2,534
You've got some real nice stuff going on there.

As for the lecture, NO...I do believe you still need one.

Anyway, I'd suggest you run each virus name through Google and see what you can find regarding removal. I run 4 of them through, and came up with quite a few procedures to get rid of them.
It\'s all fun and games until somebody loses an eye...then it becomes a sport.<br /> [img]\"\" alt=\" - \" />
Animal is offline  

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
I found a virus in a webpage Harkoliar General Discussion 4 11-14-2006 08:45 AM
Trendmicro scan with Firefox. Possible? dplax General Conversation Archives (11/2000 - 01/2005) 4 01-16-2005 10:08 AM
What the?! A virus found... Raistlin Majere General Conversation Archives (11/2000 - 01/2005) 10 05-29-2004 11:41 AM
First Reported JPEG Virus Found! Ziroc General Conversation Archives (11/2000 - 01/2005) 7 06-14-2002 05:15 AM
VIRUS-ALERT get anti virus patch here TheCrimsomBlade General Conversation Archives (11/2000 - 01/2005) 2 09-20-2001 01:17 AM

All times are GMT -4. The time now is 09:59 PM.

Powered by vBulletin® Version 3.8.3
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
©2017 Ironworks Gaming TM & The Great Escape Studios - All Rights Reserved