[Resolved] Please help remove: Trojan winself.exe; not good
Posted 12 May 2008 - 11:34 AM
Register to Remove
Posted 13 May 2008 - 07:30 PM
Reset your hosts file as per the previous instructions, wait for WinPatrol to alert you to the change and allow it.
Then lock your hosts file as follows:
Download lockhost.bat to your Desktop (right-click the link, select Save Target As..., select your Desktop and press Save)
Then double-click lockhost.bat to run it.
You may be given another alert by WinPatrol because you have modified the hosts file, allow this change, then reboot and see if you receive any further warnings.
Once everything is complete, please copy the hosts file to your Desktop and post it again so I can check it's still OK:
Press Start->Run and copy/paste the following command into the box and press OK:
A file called hosts2.txt will appear on your Desktop, please post the contents in your next response.
cmd /c copy "C:\windows\system32\drivers\etc\hosts" "%userprofile%\desktop\hosts2.txt"
Posted 14 May 2008 - 05:03 PM
Posted 28 May 2008 - 11:38 AM
Posted 28 May 2008 - 07:38 PM
You're most welcome and I'm glad to hear things are running better. Here are some important final steps:
If you have not already done so, please delete gmer.exe and dss.exe from your Desktop, also delete this folder:
Create a new, clean System Restore point which you can use in case of future system problems:
Press Start->All Programs->Accessories->System Tools->System Restore
Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close
Now remove old, infected System Restore points:
Next click Start->Run and type cleanmgr in the box and press OK
Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
Select the More Options tab, under System Restore press Clean up... and say Yes to the prompt
Press OK and Yes to confirm
If the above went well, I think your machine is clean of malware, here are some tips to help you keep it that way:
You have good protection software installed however please ensure it is kept up to date. Check that your antivirus and antispyware programs are set to automatically update themselves daily, and that your firewall is the latest version.
Please take care when downloading programs. One of the easiest ways to be infected is to download freeware/shareware programs which come laden with malware - this includes allowing websites to install browser plug-ins or ActiveX controls. Before downloading, it is crucial to check whether the source is reputable.
One way to check is to use McAfee SiteAdvisor. Copy the domain name into the space provided and SiteAdvisor will give you a report on the website which can help you decide if it is safe. They also have a toolbar for IE and Firefox which adds this functionality to your browser.
Find out more about how to prevent infection in the future
Please post back to let me know that you have read this, and if there are any further issues.
Edited by silver, 28 May 2008 - 07:38 PM.
Posted 04 June 2008 - 06:59 PM
Register to Remove
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users