XP + Broadband + Kazaa + NO Anti Virus = OH NO!

A friend of mine recently bought a new pc - bespoke build thing!
He then ordered Cable Broadband (on my recommendation)
He then downloaded and uses Kazaa lite (on my recommendation)
He then informed me of odd goings on, on his PC
What anti virus you using - I says
What you mean - he says
Oh No - I says

I visit
I install AVG Free
I run AVG Free
69 (YES, sixty nine) viruses later, I manually remove those that avg doesnt.
The two i cannot remove

C:\Windows\uninst.exe - Win32/Hantaner
C:\ Windows\System32\system32.exe - Trojan Horse - IRC Backdoor.SdBot.

I try to install Spybot S&D, but whilst the temp installation files are being removed - the trojan kicks in and prevents the completion of the installation process.

OK, can't install a trojan removal program
Cant remove the above manually (maybe the w32/hantaner I can - wasn't gonna try as it is a system32 file)

Ideas anyone.

BTW - OS is Windows XP Home

 

Sean

What about your own problem????

You still have Viri.

But for this one do the following.

Download but do not run these, after download boot to safe mode and run them from there:

Special Virus cleaners

Stinger http://vil.nai.com/vil/stinger/
PQremove http://www.webmasterfree.com/software/2911.html
SysClean http://www.trendmicro.com/download/tsc.asp

These are the Delta force for only the newest and most prolific viruses today.

Use these if it is possible that a virus may have disabled your regular scanner.

For a quick clean, and then if they find and clean anything do a full deep scan with a full-fledged scanner.

If you suspect a virus has disabled your regular scanner you should do 3 things

1. Download STINGER and PQREMOVE and Sysclean and run them.

NOTE: always download them do not run an older one that you have had; these are updated almost daily.

2. Do an online dedicated Trojan/worm scan and online regular virus scan. Here http://www.anti-trojan.net/at.asp?l=en&t=onlinecheck

3. If your virus scanner was up to date, and "IF" either 1 or 2 above finds a virus then it is possible that your virus scanner has been disabled. You should completely uninstall and reinstall your virus scanner update it and run it in full mode with max settings.

Mike

 

Hi Mike,

I'm in the middle of sorting my pc

With this one though, I KNOW what the problems are - just not sure how to/if I should remove them.

Will the online trojan scan help me remove the trojan i found

Cheers

Seany

 

Sean

Just do the steps I advised; Stinger, Pqremove and Sysclean in safe mode. That should get them.

Then on boot back to full/normal mode then do the online to confirm.

Mike