Correct virus removal.

Hello all. I stumbled upon your site by doing a search for dirote.exe. This thread was helpful in pinpointing what has been screwing with my uncle's 2 week old PC.

Now I know I'm new here, but I was curious if someone here wouldnt mind briefly running through the correct steps to remove kolder.exe;dirote.exe;and PPI.exe, the f0r0r folder, and redroses and so forth. I'd really appreciate it so I can go back to his house tomorrow (hour or so drive and I've been back and forth 2 times so far) and fix his new PC for him. He already has Norton's. I've installed SpyBot, CWShredder, and Adaware. For some reason, I couldn't install AVG. The self extracter couldnt create a folder in the owner/temp file.

Also, a good suggestion for a simple firewall? I have his XP one enabled. I'm running ZoneAlarm, but he and my aunt are basically PC illiterate, and don't think they could learn this one.

TIA

 

I'll leave it to one of the pros to give you specifics on removal. Just wanted to comment on having two different on-board AV programs installed.

Don't.

If you need a reality check or 2nd opinion, use an online scanner.

 

Hi NumberTwo

This kolder.exe;dirote.exe;and PPI.exe, the f0r0r infection is almost brand new, while our forum has attempeted to fix it and it appears to have worked in a case or two there is far more to it than we know.

The folks who know of it most are at spywareinfo, I suggest you post a hjackthis log there and here wait for several instructions before deciding on what cource of action to take.
if I understand it correctly its called Hacker Defender and is a bew form of coolwebsearch that is quite complicated. attempting a partail fix might couse system crash's or couse your internet connection to be disabled.
http://forums.spywareinfo.com/index.php?showforum=18


Regards

 

I was wrong about Hacker Defender aka rootKill dirote.exe being related to CWS , But have heard they will probaly soon use the same methods.
nasty folks.

 

For the AVG installation problem: I've discovered that AVG will often refuse to install or, strangely, will attempt to install a completely different program when its downloaded installation file is run from the desktop. If you move it into any other folder (except the Recycle Bin, of course ), it will install.

As far as having two AV programs installed, it's not a bad idea but set them up so only one is actively running to provide full-time, background protection.

No one AV program is going to be 100% effective 100% of the time on 100% of the viruses out there. So, having two installed - and kept updated - can be a lifesaver if you need a second, "failsafe" scan but can't get online to use one of the online scanners.

 

Thanks for the replies, guys. My uncle decided to return the PC, and get a new one. If I read the Posting Rules right, new questions should have their own threads so I'll ask there. Thanks again, everyone.