C and D drive dissapeared

vbimport

#1

my computer got infected with smitfraud & zlobdownloader…i have removed it with spybot search and destroy…it has returned my system almost to normal except for c&d drive not seen in mycomputer (i still can run it from the address bar)…and next to the time in notification area is written VIRUS ALERT!..and no log off option in my start menu…please help


#2

I see from your tags that you have something called “Antivirus 2008 Pro”…did you manage to uninstall it? If not, you may want to check this out: http://answers.yahoo.com/question/index?qid=20080526232341AAzlqZu

Also, do you have a real AntiVirus application installed that can scan for anything else that may be hidden from your view?

You may have to do a clean install to get your computer back to running at 100%.


#3

i have avg and avira resident shield running all times…i have deleted all files named antivirus by searching c and registry…no unknown processes running now…yet no c & d drive


#4

everything is allright now as far as i can see…i dont know how it happened…after running a scan with superantispyware(i did not find anything) i retsarted my comp with superantispyware on the startup and then everything is fine now…(other than that next time i restarted my theme had automatically changed)…i ran spybot and everything was clean…i hope that was the end of that problem…(i heard on the net that some people had to format their drives to get rid of this menace)…


#5

[QUOTE=shobith;2104148]everything is allright now as far as i can see…i dont know how it happened…after running a scan with superantispyware(i did not find anything) i retsarted my comp with superantispyware on the startup and then everything is fine now…(other than that next time i restarted my theme had automatically changed)…i ran spybot and everything was clean…i hope that was the end of that problem…(i heard on the net that some people had to format their drives to get rid of this menace)…[/QUOTE]

That reformatting the HDD is usually the last resort…but sometimes with bad infections just formatting it will get rid of the problem as well…so depending on how bad the infections and if were able to rid of the virus or malware then you should be ok. Only time is when it affects your windows directory but overwritting or corrupting system files-then it’s time to reformat otherwise you will have never ending problems in your O/S.


#6

[QUOTE=shobith;2103625]i have avg and avira resident shield running all times…i have deleted all files named antivirus by searching c and registry…no unknown processes running now…yet no c & d drive[/QUOTE]
You should not run two AV’s at the same time.
It is however OK to run multiple anti-spyware apps if they are known to play well together.
I don’t like to squander resources so I run one of each and scan manually with other apps from time to time.


#7

my computer guy put me avira and avg telling me that they are best in combination…i later added soyware terminator toadd to my protection…which i disabled later since avg 8 came with resident spyware protection too…i was trying to install some other software(just trying out nod32)which asked me to disable my antivirus…as soon as i disabled avg all this happened…but my avira didnt say a thing even though it has a high detection rate…i am back to using spyware terminator too…so what would be a best combination for enhanced protection among the free softwares…


#8

I’m not sure if it can be run with your other anti viruses running (fyi two anti viruses installed can conflict with each other making both less effective), but trend micro’s online virus scanner is very good.


The advantage of doing an online scan is that some virus’s can disable or alter your anti virus so it doesn’t work. If nothing else, it should tell you if the computer is still infected.
On a side note, is it possible that your computer guy intended for you to run avira with the anti virus disabled (for the firewall, anti spyware etc) and run avg for the anti virus?


#9

[QUOTE=ripit;2104732]I’m not sure if it can be run with your other anti viruses running (fyi two anti viruses installed can conflict with each other making both less effective), but trend micro’s online virus scanner is very good.
http://housecall.trendmicro.com/[/QUOTE]

I second that :iagree:

I personally wouldn’t run two AV softwares together, just like I wouldn’t run two software firewalls.


#10

Download SmitfraudFix (by S!Ri) to your Desktop.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Double-click SmitfraudFix.exe
Select option #1 - Search by typing 1 and press Enter
This program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

IMPORTANT: Do NOT run any other options until you are asked to do so!

**If the tool fails to launch from the Desktop, please move SmitfraudFix.exe directly to the root of the system drive (usually C:), and launch from there.

orjust post over at the am I infected

but look out for wookies


#11

Hi,[quote=shobith;2104714]so what would be a best combination for enhanced protection among the free softwares…[/quote]
Apart from Brain.exe no software can protect you. Period.
Some basic rules:

[ul]
[li]Never use the net as user with administrative permissions[/li][li]Install all security patches for operating system and software.[/li][li]Avoid unreliable source for software and media content. No cracks and warez, of course[/li][li]MSIE is good for Windows Update only.;)[/li][li]Think twice before you click - and don’t trust attachments you get per mail unless they are requested.[/li][/ul]

And concerning you main problem:
"The only way to clean a compromised system is to flatten and rebuild. "
http://technet.microsoft.com/en-us/library/cc512587.aspx
Yes, this is from Microsoft.

Michael


#12

[QUOTE=mciahel;2104746]Hi,
Apart from Brain.exe no software can protect you. Period.
Some basic rules:

[ul]
[li]Never use the net as user with administrative permissions
[/li][li]Install all security patches for operating system and software.
[/li][li]Avoid unreliable source for software and media content. No cracks and warez, of course
[/li][li]MSIE is good for Windows Update only.:wink:
[/li][li]Think twice before you click - and don’t trust attachments you get per mail unless they are requested.
[/li][/ul]

And concerning you main problem:
"The only way to clean a compromised system is to flatten and rebuild. "
http://technet.microsoft.com/en-us/library/cc512587.aspx
Yes, this is from Microsoft.

Michael[/QUOTE]I agree with all of that. :iagree:


#13

[QUOTE=Albert;2104760]I agree with all of that. :iagree:[/QUOTE]

As do I, sound advice :iagree:

Even if I don’t practice the first one on the list :o


#14

[quote=Arachne;2104762]Even if I don’t practice the first one on the list :o[/quote]Then you’ve lost.

Seriously, any attacker/botnet manager/music industry agent/other badguy who (remotely) managed to get access to your computer will then have fully system access. Of course it will then render your anti-virus and firewall software useless. No problem.

Buying and installing “security software” is a waste of money and other resources in that usage scenario. But at least you can be sure you have only the latest malware installed.


#15

I ran naked with xp sp2 and IE6 no updates, no av no spyware protection and only the sp2 firewall and a good nat router for a year and a half

When I got slammed in a drive by malware attack, vundo, trojan downloader etc about wiped me out

I ran spybot, superantispyware, norton’s, dr web cureit, vundofix, trojan hunter and sdfix, all while disconnected from the internet and using safe and normal mode

It took about 12 hours, I was clean, then ran windows as a repair disk, I then started using spybot sdhelper and immunization(hosts) and ran another year but I did start keeping my updates current
I started using firefox with noscript for my moderator duties investigating suspicous web links.

6 months ago or so I got hit with an advanced backdoor trojan and rootkit thru a usb drive infection, luckily the computer I was trying to disinfect had caused me to download all the newest versions of Malwarebytes and SAS and SDFix to a folder on my desktop. It took a little over 2 hours and I was clean, I even ran 3 rootkit scanners.

You can clean a computer if you know what you are doing and you don’t get too infected, some infections are terminal, they are rare.

The hardest computers I have ever disinfected are ones where Mcaffe, teattimer and norton’s cause as many problems as the infection


#16

[QUOTE=shobith;2104714]my computer guy put me avira and avg telling me that they are best in combination[/QUOTE]
Noone runs two AV’s together, period.
They are big engines…sometimes two-three engines and they do not play well together, not to mention the resource hit even if you could get them to work together.

i later added soyware terminator toadd to my protection…which i disabled later since avg 8 came with resident spyware protection too

OK, as previously stated anti-spyware solutions can be run together. Many pros runs multiple anti-spyware apps because there are so many malware definitions and families that one AS can’t cover them all.
AVG’s packaged AS solution is “Ewido” which AVG (Grisoft) purchased. In the free form I believe that Ewido times out after 30 days trial.

i was trying to install some other software(just trying out nod32)which asked me to disable my antivirus…as soon as i disabled avg all this happened

This is normal behaviour for an AV upon install to ask you to disable all scanners (AV, AS, firewall, etc) and of course you should be doing all of this [B]off-line[/B]. BTW, NOD32 is one of the best paid-for AV’s…low resource hit with top-notch detection rates.

but my avira didnt say a thing even though it has a high detection rate
Avira, I know it as AntiVir, is one of the better freebie AV’s…the smitfraud scam was more of a ad/spyware rather than a virus.
AntiVir was doing its job looking for viruses.
I find AntiVir annoying (pop-ups) in its free form.
Suggest you Wikipedia “computer virus” and separately “spyware”

i am back to using spyware terminator too

I tried that until a friend in the computer security biz gave it a thumbs-down.
SAS is his fave in that genre.

so what would be a best combination for enhanced protection among the free softwares…

This computer is running all freebies…

  1. Hardware firewall (NAT router)…your first line of defense
  2. Software firewall…COMODO
  3. Avast! anti-virus…my favorite freebie because it works and doesn’t bother me.
  4. McAfee SiteAdvisor…a Firefox or IE plug-in that is highly recommended
    Flags all your search results.
  5. My Anti-Spyware scanning is not real-time!!!
    I should buy another license for SUPERAntiSpyware for this computer !
    That’s a good one…can find and kill alot of bad stuff.
    Using this and the afore-mentioned brain.exe has keep me malware free for several years.

#17

[quote=jflan;2104864]Noone runs two AV’s together, period.
They are big engines…sometimes two-three engines and they do not play well together, not to mention the resource hit even if you could get them to work together.

OK, as previously stated anti-spyware solutions can be run together. Many pros runs multiple anti-spyware apps because there are so many malware definitions and families that one AS can’t cover them all.
AVG’s packaged AS solution is “Ewido” which AVG (Grisoft) purchased. In the free form I believe that Ewido times out after 30 days trial.

This is normal behaviour for an AV upon install to ask you to disable all scanners (AV, AS, firewall, etc) and of course you should be doing all of this [B]off-line[/B]. BTW, NOD32 is one of the best paid-for AV’s…low resource hit with top-notch detection rates.

Avira, I know it as AntiVir, is one of the better freebie AV’s…the smitfraud scam was more of a ad/spyware rather than a virus.
AntiVir was doing its job looking for viruses.
I find AntiVir annoying (pop-ups) in its free form.
Suggest you Wikipedia “computer virus” and separately “spyware”

I tried that until a friend in the computer security biz gave it a thumbs-down.
SAS is his fave in that genre.

This computer is running all freebies…

  1. Hardware firewall (NAT router)…your first line of defense
  2. Software firewall…COMODO
  3. Avast! anti-virus…my favorite freebie because it works and doesn’t bother me.
  4. McAfee SiteAdvisor…a Firefox or IE plug-in that is highly recommended
    Flags all your search results.
  5. My Anti-Spyware scanning is not real-time!!!
    I should buy another license for SUPERAntiSpyware for this computer !
    That’s a good one…can find and kill alot of bad stuff.
    Using this and the afore-mentioned brain.exe has keep me malware free for several years.[/quote]

I had installed COMODO once…it was asking a lot of questions…i allowed most of it…but some sounded completely unfamiliar…i blocked few …next time IE did not open(or something like this happened…i dont remember exactly what)then i uninstalled it…even then i had heard it was the best free firewall available but how do i decide what to allow what not to…

Even avast i was running before…but once some time ago i downloaded something p2p avg called it a virus(then i was running avg + avast since avast had lot of resident features ) so i scaned it again with avg,avira and avast…avg &avira called it a virus while avast kept quit…then i didnt feel safe with avast…so decided to remove it from startup…but it didnot allow me…it said me i need administrator privileges…well so i uninstalled it completely

i am now using both mcafee site advisor and script blocker with mozilla…i think they are both very helpful…


#18

[quote=DaChew;2104736]Download SmitfraudFix (by S!Ri) to your Desktop.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Double-click SmitfraudFix.exe
Select option #1 - Search by typing 1 and press Enter
This program will scan large amounts of files on your computer for known patterns so please be patient while it works. When it is done, the results of the scan will be displayed and it will create a log named rapport.txt in the root of your drive, eg: Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

IMPORTANT: Do NOT run any other options until you are asked to do so!

**If the tool fails to launch from the Desktop, please move SmitfraudFix.exe directly to the root of the system drive (usually C:), and launch from there.

orjust post over at the am I infected

but look out for wookies

i had downloaded smitfraud fix after checking yahoo answers(after cleaning my system) with spybot…i ran it on windows from the desktop(not in safe mode)…as soon as i ran it avg called it a virus…then i scaned it with avira…it id’d two infected files…since my system already looks clean i didnt take the risk of running it again…


#19

[quote=mciahel;2104746]Hi,
Apart from Brain.exe no software can protect you. Period.
Some basic rules:

[ul]
[li]Never use the net as user with administrative permissions[/li][li]Install all security patches for operating system and software.[/li][li]Avoid unreliable source for software and media content. No cracks and warez, of course[/li][li]MSIE is good for Windows Update only.;)[/li][li]Think twice before you click - and don’t trust attachments you get per mail unless they are requested.[/li][/ul]

And concerning you main problem:
"The only way to clean a compromised system is to flatten and rebuild. "
http://technet.microsoft.com/en-us/library/cc512587.aspx
Yes, this is from Microsoft.

Michael[/quote]

do i need to just create a guest account or are there other settings to change…the place where i work also has net connection(lan) but we are allowed to use only as guests…we cannot install anything nor run activex…also we are blocked from few sites …are u talking about such a setting if so how can i do it at home…


#20

[quote=ripit;2104732]I’m not sure if it can be run with your other anti viruses running (fyi two anti viruses installed can conflict with each other making both less effective), but trend micro’s online virus scanner is very good.


The advantage of doing an online scan is that some virus’s can disable or alter your anti virus so it doesn’t work. If nothing else, it should tell you if the computer is still infected.
On a side note, is it possible that your computer guy intended for you to run avira with the anti virus disabled (for the firewall, anti spyware etc) and run avg for the anti virus?[/quote]

i am running a free version of avira doesnt have antispyware or a firewall