Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




71 posts

Master Geek


# 39314 12-Aug-2009 15:41
Send private message

1st off we are using the anti virus software CA which we find good.
When we start the computer up it comes up with Win32/Buzus.AU virus in the temp files on the local disc, CA says they have been deleted but it happens everytime we restart. When we do a full scan it comes up empty  but I am assuming thats because it was deleted. How can we get rid of this trojan as we do not want any damage. Please HELP!!

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2

xpd

Chief Trash Bandit
9719 posts

Uber Geek
+1 received by user: 1676

Mod Emeritus
Trusted
Lifetime subscriber

  # 245658 12-Aug-2009 15:48
Send private message

Hehe similar issue here with a virus/trojan but using Symantec..... try booting into safe mode and running full scan that way. Or if youre desperate, another thing to try (dosent always work tho) is to put the drive into another system and get that system to scan it. That way it cant complain Windows has locked the file etc.




XPD / Gavin / DemiseNZ

 

Server : i5-3470s @ 3.50GHz  16GB RAM  Win 10 Pro    Workstation : i5-3570K @ 3.40GHz  16GB RAM  RX580 4GB Win 10 Pro    Console : Xbox One

 

https://www.xpd.co.nz - Games, emulation, geekery, and my attempts at photography.     Now on BigPipe 100/100 and 2Talk

 

Emulation - The art of getting your $4000 PC to run an 80's system - and still fails.




71 posts

Master Geek


  # 245660 12-Aug-2009 15:49
Send private message

Hi
Thanks, I have tried loading safe mode but I can not seem to do it. When i restart and push F10 or F9 or something nothing happens.

 
 
 
 


xpd

Chief Trash Bandit
9719 posts

Uber Geek
+1 received by user: 1676

Mod Emeritus
Trusted
Lifetime subscriber

  # 245667 12-Aug-2009 16:01
Send private message

You get safe mode options by pressing F8 before WIndows starts up :)




XPD / Gavin / DemiseNZ

 

Server : i5-3470s @ 3.50GHz  16GB RAM  Win 10 Pro    Workstation : i5-3570K @ 3.40GHz  16GB RAM  RX580 4GB Win 10 Pro    Console : Xbox One

 

https://www.xpd.co.nz - Games, emulation, geekery, and my attempts at photography.     Now on BigPipe 100/100 and 2Talk

 

Emulation - The art of getting your $4000 PC to run an 80's system - and still fails.




71 posts

Master Geek


  # 245682 12-Aug-2009 16:23
Send private message

Could this virus come from a pen drive that had data from a laptop? The laptop was last known to have a worm virus. Thanks :)



71 posts

Master Geek


  # 245810 12-Aug-2009 21:01
Send private message

FINALLY GOT RID OF IT YAY!!!! Used Combofix which dragged the trojan out and my antivirus program sorted it. Thanks tho

360 posts

Ultimate Geek


  # 245813 12-Aug-2009 21:06
Send private message

try disconecting the computer from the net. deleting the virus ca finds reboot. if it comes up automaticly while disconected from the net you know that the viruse is recreating its self from another location. if you plug it into the net the virus pops up you know its downloading its self from the net. ither way you are going to have to do some clean out on it

http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe download this file.

in safe mode with netwroking  hit f8 as your comptuer starts

make sure you have

show hidden files checked
hide extentions unchecked
hide known file types unchecked

run HJT do a scan with log file post the log file back here so i can view it. dont check any of the boxes in the scan or you could screw your computer.


Some other tools that may help

run this first it will get rid of most tmp files http://www.ccleaner.com/ under options advanced tab uncheck the box that says only delete files older than 48hours 
 
Combofix (caution this can screw around with your computer read instructions on use first generaly speaking its ok http://www.bleepingcomputer.com/combofix/how-to-use-combofix you can download it from this site i always get it from bleeping computers sever.

malwarebytes http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button make sure you choose full scan option and update b4 you scan

spybot http://www.safer-networking.org/en/home/index.html when you set it up make sure you uncheck all of the check boxes other wise you get stuff starting up that will slow your ocmputer down. make sure you update b4 you scan

these are the basic scans you can. if you are still getting the problem we will have to look at things further.

let me know how you get on

thanks

PS CA in my experence is not that great. avast is much beter and its free (for home use) i would suggest installing avast and doing a boot scan being aware if you install it while having ca on your omcputer yhou will have problems




Hu? did i do that?
16Mb (EDO RAM), K6-II processor, 2Mb of onboard graphics. 32k dial up modem. 12 speed CD ROM. 5¼-inch floppy drive. 500Mb HDD.

360 posts

Ultimate Geek


  # 245814 12-Aug-2009 21:08
Send private message

my bad you must of posted that last comment while i was typing. seriously though get rid of CA and put Avast on your system :)




Hu? did i do that?
16Mb (EDO RAM), K6-II processor, 2Mb of onboard graphics. 32k dial up modem. 12 speed CD ROM. 5¼-inch floppy drive. 500Mb HDD.

 
 
 
 




71 posts

Master Geek


  # 245837 12-Aug-2009 21:50
Send private message

Hi
Wow thank you so much for your answer, it was great altho I'll admit some of it was over my head a little lol. We got Combofix recommended and I was able to use that without stuffing up computer (yay :P). Currently we have CA and will continue to do so until out subscribtion runs out in Jan/Feb, I do not have enough money to go buy another. We have tried Advast and honestly I didn't really understand how to use it but the computer it was on was seriously messed up, since then we have bought a new one. Could you recommend a full security suite? CA has firewall, anti virus and anti spyware, so far it has worked until today. I would really appreciate that.
Cheers :D



71 posts

Master Geek


  # 245839 12-Aug-2009 21:52
Send private message

Sorry add on here to above post when I press F8 before computer starts nothing happens so since this is custom made it might not be on or something. Im not to sure and here I thought I knew a bit about computers lol :P

360 posts

Ultimate Geek


  # 245844 12-Aug-2009 22:02
Send private message

mmm our company recomends nod32 there are several versions. the standard version which is just antivirus/anitspyware there is also a version with firewall its a bit more expensive. to tell you the truth you dont realy need the fire wall in my opinion for most home users windows fire wall does the trick and if you hare on broad band most routers have a firewall any how

best one i have come accross only paid one i woudl recomend
once you have it set up it just does its thing. we sell it for around $80 but price veries a little from $70-$80 and then its about $50 a year after that



avast is very good and easy to use basicly just install it and it works. where people get hung up is when the they have to register it. its free to register you get 2 months b4 you have to register but if you follow the prompts you should be good to go.

http://www.avast.com/eng/home-registration.php

this is the registration page for it from what i can tell thats the hardest part every body gets caught up on the registration lol.

http://www.bleepingcomputer.com/tutorials/tutorial104.html

this is how to set up avast just rember to uninstall ca first.

http://www.digitalred.com/avast-boot-time.php

how to do boot scan only thing i can see what i woudl do differntly where it says move infected file to chest i would just set it to delte cause if its infected no pooint in having it on your computer

Ither one is good. nod32 i would suggest is much better for most users but i love the boot time scan on avast. avast is what i use at home

let us know how you get on and what you decied thanks




Hu? did i do that?
16Mb (EDO RAM), K6-II processor, 2Mb of onboard graphics. 32k dial up modem. 12 speed CD ROM. 5¼-inch floppy drive. 500Mb HDD.

360 posts

Ultimate Geek


  # 245845 12-Aug-2009 22:03
Send private message

oh yea forgot to mention i woudl still run spybot and malwarebytes links in the previous post thanks. best to do in safe mode




Hu? did i do that?
16Mb (EDO RAM), K6-II processor, 2Mb of onboard graphics. 32k dial up modem. 12 speed CD ROM. 5¼-inch floppy drive. 500Mb HDD.

xpd

Chief Trash Bandit
9719 posts

Uber Geek
+1 received by user: 1676

Mod Emeritus
Trusted
Lifetime subscriber

  # 245899 13-Aug-2009 07:50
Send private message

F8 isnt a system manufacturer option, its part of Windows so cant be turned off as such.... some keyboards are a bit slow at becoming active tho so might be a tiny Window that you can actually hit it in :)
Oh well..at least you got rid of it :)

I recommend running somehting like Malwarebytes Anti-malware along side your virus scanner though to be extra safe :)




XPD / Gavin / DemiseNZ

 

Server : i5-3470s @ 3.50GHz  16GB RAM  Win 10 Pro    Workstation : i5-3570K @ 3.40GHz  16GB RAM  RX580 4GB Win 10 Pro    Console : Xbox One

 

https://www.xpd.co.nz - Games, emulation, geekery, and my attempts at photography.     Now on BigPipe 100/100 and 2Talk

 

Emulation - The art of getting your $4000 PC to run an 80's system - and still fails.


6 posts

Wannabe Geek


  # 246139 13-Aug-2009 16:50
Send private message

AVG Free works for me at home. They update regularly and it is not resource hungry. Plus ZoneAlarm Firewall ( and the ADSL firewall ) for good measure. Spybot and MBAM for a final safe experience.
Been using AVG for about 5 years now and very few problems.

360 posts

Ultimate Geek


  # 246264 13-Aug-2009 20:35
Send private message

Personally wouldnt go with avg. seen it screw tomany computers. Personally wouldnt go with zone alarm. it gets stuck on ya computer. seen several very screwd computers caused by zone alarm. but every body has there opinion and if it works for you great

I would recomend safteynet fire wall can be downloaded here

http://www.netveda.com/downloads/downloadform.asp?product=sn&lic=serv you do have to enter your email.

takes a little to cofigure but no more than zone alarm

its free works in the same way as zone alarm in my opinion easier to use and it doesnt go wrong like zone alarm.

we mainly put it on computers that have win 98 ME or 2k.  personally wouldnt bother with xp unless you are running a buisness with sensitive info.

in the past we have found the new avg 8.5 screws with downloads on vista. after you download a file it autmaticly deletes the file but does not tell yo its doing it. and on xp it brings the system to a grinding hault. not sure if they have fixed the bugs but i wouldnt touch it.

just my opinion and experences.

as i say if it works for you, use it.





Hu? did i do that?
16Mb (EDO RAM), K6-II processor, 2Mb of onboard graphics. 32k dial up modem. 12 speed CD ROM. 5¼-inch floppy drive. 500Mb HDD.



71 posts

Master Geek


  # 246278 13-Aug-2009 20:58
Send private message

Hi All
We are now installing malwarebytes. Can we use with CA?

 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Dunedin selects Telensa to deliver smart street lighting for 15,000 LEDs
Posted 18-Jul-2019 10:21


Sprint announces a connected wallet card with built-in IoT support
Posted 18-Jul-2019 08:36


Educational tool developed at Otago makes international launch
Posted 17-Jul-2019 21:57


Symantec introduces cloud access security solution
Posted 17-Jul-2019 21:48


New Zealand government unveils new digital service to make business easier
Posted 16-Jul-2019 17:35


Scientists unveil image of quantum entanglement
Posted 13-Jul-2019 06:00


Hackers to be challenged at University of Waikato
Posted 12-Jul-2019 21:34


OPPO Reno Z now available in New Zealand
Posted 12-Jul-2019 21:28


Sony introduces WF-1000XM3 wireless headphones with noise cancellation
Posted 8-Jul-2019 16:56


Xero announces new smarter tools, push into the North American market
Posted 19-Jun-2019 17:20


New report by Unisys shows New Zealanders want action by social platform companies and police to monitor social media sites
Posted 19-Jun-2019 17:09


ASB adds Google Pay option to contactless payments
Posted 19-Jun-2019 17:05


New Zealand PC Market declines on the back of high channel inventory, IDC reports
Posted 18-Jun-2019 17:35


Air New Zealand uses drones to inspect aircraft
Posted 17-Jun-2019 15:39


TCL Electronics launches its first-ever 8K TV
Posted 17-Jun-2019 15:18



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.